Reports & Recommendations

Kantara Initiative’s expert led, open and collaborative based Recommendations & Reports, Technology Specifications, Profiles, and Frameworks bring clarity to complex issues and help to drive industry innovations regarding trust in digital services.

Kantara Initiative is an ethics based, mission-led non-profit international consortium passionate about giving control of data back to people and improving trustworthy use of identity and personal data through innovation, standardization and good practice. Kantara’s Recommendations and Reports are produced by Kantara member and non member participant volunteers as a service to themselves and to the global community of stakeholders that support Kantara’s philosophy. N.B. Each document carries IPR and Copyright notices that apply to your use and management of these artefacts.

Are you interested in associating your corporate logo with these or forthcoming Reports and Recommendations to increase your product’s visibility, credibility and thought leadership? Sponsorship packages are on a first come first served basis. Contact us for details.

Do you want to ensure you have the latest versions (note UMA 2.0 comprises 2 specifications), join the Groups that developed them, or opt in to receive ‘Keeping up with Kantara’ news emailer, please Contact us putting the title of your request into the Subject field.

Kantara Initiative Recommendations

Title
User Managed Access
Final Recommendation Approved by All Member Ballot Kantara Initiative Recommendations Link
User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization
Editor: Eve Maler, ForgeRock Status: This technical specification is a Recommendation produced by the User-Managed Access Work Group and approved by the Membership of the Kantara Initiative according to its Operating Procedures. Abstract: This specification defines a means for a client, representing a requesting party, to use a permission ticket to request an OAuth 2.0 access token to gain access to a protected resource asynchronously from the time a resource owner authorizes access. Kantara Initiative Recommendations 2.0 Download
SAML V2.0 Implementation Profile for Federation Interoperability/a>
This document encompasses a set of software conformance requirements intended to facilitate interoperability within the context of full mesh identity federations, such as those found in the research and education sector. It attempts to address a number of common barriers to interoperability and details features that are necessary in order to use SAML metadata as a foundation for scalable trust fabrics. It supercedes the eGovernment Implementation Profile V2.0bis from June 2011. Kantara Initiative Recommendations 1.0 Download
Identity Assurance Framework (IAF)
The Kantara Identity Assurance Framework is a set of controlling documentation. Documents may evolve independently. Kantara Initiative Recommendations Link
Federation Operator Guidelines V1.0/a>
This document is a Kantara Initiative Recommendation, created by the IAWG WG (see section 3.8 of the Kantara Initiative Operating Procedures) Kantara Initiative Recommendations 1.0 Download
Federated Authorization for User-Managed Access (UMA) 2.0/a>
Editor: Eve Maler, ForgeRock Status: This technical specification is a Recommendation produced by the User-Managed Access Work Group and approved by the Membership of the Kantara Initiative according to its Operating Procedures. Abstract: This specification defines a means for an UMA-enabled authorization server and resource server to be loosely coupled, or federated, in a secure and authorized resource owner context. Kantara Initiative Recommendations 2.0 Download
Consent Receipt Specification
Editors: Mark Lizar, David Turner Status: This document is a Kantara Initiative Technical Specification Recommendation produced by the Consent & Information Sharing Work Group, and has been approved by the Group. The Public Comment and Intellectual Property Rights Review has been completed. It has been approved by the Membership of the Kantara Initiative. See the Kantara Initiative Operating Procedures for more information. Abstract: A Consent Receipt is record of authority granted by a Personally Identifiable Information (PII) Principal to a PII Controller for processing of the Principal’s PII. The record of consent is human-readable and can be represented as standard JSON. This specification defines the requirements for the creation of a consent record and the provision of a human-readable receipt. The standard includes requirements for links to existing privacy notices & policies as well as a description of what information has been or will be collected, the purposes for that collection as well as relevant information about how that information will be used or disclosed. This specification is based on current privacy and data protection principles as set out in various data protection laws, regulations and international standards. Kantara Initiative Recommendations 1.1.0 Download

    Kantara Initiative Reports

    Title
    The Information Sharing Report
    This document is a Kantara Initiative Work Group Report, and has been approved by the Information Sharing Work Group, for submission to the Leadership Council. Kantara Initiative Reports 3.0 Download
    The Design Principles of Relationship Management V1.0 Report
    This document is a Kantara Initiative Final Report, created by the IRM WG (see section 3.9 and 4 of the Kantara Initiative Operating Procedures) Kantara Initiative Reports 1.0 Download
    REST/SOAP Harmonization proposal for Identity-based Web-Services
    This document is a Kantara Initiative Draft Report that has been approved by the Telecommunications Identity WG/DG (see section 3.9 and 4 of the Kantara Initiative Operating Procedures) Kantara Initiative Reports 0.4 Download
    Report from the Blockchain and Smart Contracts Discussion Group to the Kantara Initiative
    This document is a draft Report produced by the Blockchain and Smart Contracts Discussion Group. See the Kantara Initiative Operating Procedures for more information. Kantara Initiative Reports 1.0 Download
    Refining the Design Principles of Identity Relationship Management
    This document is a Kantara Initiative Report produced by the Identity Relationship Management Work Group. It has been approved by the Leadership Council of the Kantara Initiative. See the Kantara Initiative Operating Procedures for more information. Kantara Initiative Reports 2.0f Download
    Personal Request For Proposal (pRFP) Engagement Model
    This document is a Kantara Initiative Work Group Report, it has been approved by the Information Sharing Work Group for submission to the Leadership Council. Kantara Initiative Reports 2.0 Download
    Kantara Initiative_IAWG_US FPC Report_v2.0.pdf
    This document is a Kantara Initiative Report, approved by the Identity Assurance WG (see section 3.8 of the Kantara Initiative Operating Procedures) Kantara Initiative Reports 2.0 Download
    Kantara Initiative eGovernment Implementation Profile of SAML V2.0
    This document is a Kantara Initiative Final Report, created by the eGovernment WG (see section 3.9 and 4 of the Kantara Initiative Operating Procedures) Kantara Initiative Reports 2.0 Download
    Deployment Guide for Proxying Assurance between OpenID and SAML v4
    SAML and OpenID are key federated identity protocols. Both SAML and OpenID define mechanisms in support of expressing assurance information on protocol messages, respectively Authentication Context and the Provider Authentication Policy Extension (PAPE) Kantara Initiative Reports 4.0 Link
    Consumer Identity Workgroup Interim Report
    This document is a Kantara Initiative Work Group Report, approved by the Consumer Identity WG (see section 3.9 and 4 of the Kantara Initiative Operating Procedures) Kantara Initiative Reports 1.0 Download
    Code of Conduct for Relying Parties for services to Government
    This document is a Kantara Initiative Report produced by the eGovernment WG. It has been approved by the Leadership Council of the Kantara Initiative. See the Kantara Initiative Operating Procedures at https://kantarainitiative.org/confluence/x/owVAAg for more information. Kantara Initiative Reports 1.0 Download
    AMDG Report
    The goal of the Attribute Management Discussion Group is to determine what Attribute Management means to Kantara Initiative (KI) stakeholders, what areas need further discussion or development, and to make recommendations regarding where and how the Kantara Initiative should contribute to efforts in this space. Kantara Initiative Reports Link
    Additional Requirements for Credential Service Providers: US Federal Privacy Criteria

    This document is a Kantara Initiative Report, approved by the Identity 17 Assurance WG (see section 3.8 of the Kantara Initiative Operating Procedures)

    Kantara Initiative Reports 2.0 Download
    A Proposed Licensing Model for User-Managed Access
    This is a Draft Report produced by the User-Managed Access Work Group. See the Kantara Initiative Operating Procedures for more information. Kantara Initiative Reports 0.7e Download

       

      For Errata Repository, please visit Errata pages for Kantara Recommendations and Reports