Skip to Content.
Sympa Menu

assurance - Re: [Assurance] Remote proofing feedback from Big Ten auditors

Subject: Assurance

List archive

Re: [Assurance] Remote proofing feedback from Big Ten auditors


Chronological Thread 
  • From: "Michael R. Gettes" <>
  • To: "<>" <>
  • Subject: Re: [Assurance] Remote proofing feedback from Big Ten auditors
  • Date: Fri, 10 Aug 2012 15:26:28 +0000
  • Accept-language: en-US

I stand corrected.  Thank you.

As of right now, our retention is 180 days passed termination and 800-63 is 7.5 years according to National Archives rules.  I realize we are currently reconsidering this point, but as of now, this is a difference in answer to your question.  Yes?

/mrg

On Aug 10, 2012, at 11:13, Jones, Mark B wrote:

800-63-1 in Table 3 under RA actions for remote proofing says:
b) Issues credentials in a manner that confirms the ability of the Applicant to receive telephone communications or e-mail at phone number or e-mail address associated with the Applicant in records. Any secret sent over an unprotected channel shall be reset upon first use;
 
 
From:  [mailto:] On Behalf Of Michael R. Gettes
Sent: Friday, August 10, 2012 8:23 AM
To: <>
Subject: Re: [Assurance] Remote proofing feedback from Big Ten auditors
 
800-63 defines Address of Record as
 
"The official location where an individual can be found. The address of record always includes the residential street address of an individual and may also include the mailing address of the individual. In very limited circumstances, an Army Post Office box number, Fleet Post Office box number or the street address of next of kin or of another contact individual can be used when a residential street address for the individual is not available."
 
InCommon says in 4.2.2.5
 
2. The RA issues Credentials in a manner that confirms the Address of Record supplied by the Subject.
a. For a physical Address of Record, the RA requires the Subject to enter online a temporary Secret from a notice mailed to the Subject’s Address of Record.
b. For an electronic Address of Record, the RA confirms the ability of the Subject to receive telephone communications at a telephone number or e-mail at an e-mail address.
 
As for 'meeting' vs. 'comparable' - one definition of 'meet' is "fulfill or satisfy a requirement".  800-63 is not the requirement for InCommon.  Bronze and Silver are the requirements for InCommon and we work with FICAM to ensure our framework are comparable to theirs.  We are not the same.  We negotiate to come to an agreement of understanding between the frameworks.
 
/mrg
 
On Aug 10, 2012, at 2:36, Jones, Mark B wrote:


Do you have an example of a requirement in 800-63 that is not met by the IAP?
 




Archive powered by MHonArc 2.6.16.

Top of Page