UMA telecon 2010-01-28
| Table of Contents | ||||||
|---|---|---|---|---|---|---|
|
Date and Time
- Day: Thursday, 28 Jan 2010
- Time: 9:00-10:30am PST | 12:00-1:30pm EST | 17:00-18:30 UTC (time chart)
- Dial-In:
- Skype: +9900827042954214
- US: +1-201-793-9022 | Room Code: 295-4214 (other local country numbers available on request)
...
- Adams, Trent
- Akram, Hasan
- Bryan, Paul
- Catalano, Domenico
- Davis, Peter
- Fletcher, George
- Hanson, Michael
- Lizar, Mark
- Machulak, Maciej
- McIntosh, Michael
- Maler, Eve
Agenda
- Roll call
- Approve minutes of UMA telecon 2010-01-21
- Action item review
- Upcoming F2F meetings
- Webinar material: final review (to be sent to list)
- Spec review
- Scenario review
- Lexicon discussion
- AOB
Minutes
New AI summary
Eve | Open | Edit scenario doc to reflect approval status changes. |
| |
Joe | Open | Edit protected inbox scenario in response to telecon and email discussion. |
| |
Paul | Open | Propose in email how multiple protections on a resource could work. |
|
Roll call
Quorum reached.
Approve minutes of UMA telecon 2010-01-21
Motion to accept minutes APPROVED.
Action item review
- Webinar team/WG Open Publicize the webinar through blogging, tweeting, etc.: Close this one.
- Paul Open Revise the UMA swimlane diagrams: Consider it closed; Paul's slides will be more authoritative than the current swimlanes on the wiki. We have outgrown WebSequenceDiagrams.com for the moment.
- Eve, Paul, George Open Construct a draft use-case email for OAuth IETF group consumption: Need to make progress on this ASAP.
- Maciej Open Revise custodian scenario: Maciej has privately sent a revision for Eve to incorporate on the site.
- Mike M. Open Check on whether he should be writing an information card use case: His current thinking is that information cards can help provide a solution to any of the use cases. And the R-card notion is so close to the use cases that it seems covered.
- Eve Open Reach out to legal contacts to research the question of requesting users vs. other requesting intermediaries when it comes to terms negotiation: Closed because this is in the works.
Upcoming F2F meetings
Please register very soon if you're attending the Kantara (including UMA) F2F. So far it appears the UMA contingent may be small.
...
The webinar is full. Do we have a couple of WG volunteers to join late or drop off?
E-commerce scenario
Eve made final edits based on Joe's recent email comments.
Motion to accept this scenario and its use cases APPROVED.
Protected inbox scenario
Eve wonders if providing some concrete examples of what would be sent to such an inbox would be useful. Also, it may be a bit too technically detailed.
Mike notes that there may be interesting policy-setting implications to controlled such an inbox (Iain had provided some detail coming out of privacy regulations, which would be good to add here). Since this controls data inflow vs. outflow, it's a distinctive aspect. (The location scenario, still pending, has a read/write access aspect to it, but we haven't looked at it in a long time.)
CV sharing scenario
Maciej explains: This scenario tries to capture a package of resources that are known to be fairly volatile. A student might create some resources, and might point to resources that others are authoritative for (such as proficiency certificates). A job search website or a prospective employer might be a requester. Employers often require trustworthy information such as reference letters, and information available from previous employers such as previous employments.
...
Motion to accept the CV scenario APPROVED.
Health data scenario
This scenario paints a picture of "chained" (or "nested") UMA protection (metadata as well as data), which is likely the most complicated of all of the scenarios so far because, as Mike notes, the mere existence of the resource and its address are sensitive, as well as its content. (The hData standard uses in-the-clear URLs that malicious parties could use to probe a value space, or that could reveal PII.)
...