Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

UMA telecon 2017-03-29

Date and Time

Agenda

  • Roll call

  • Approve minutes of UMA telecon 2017-03-09 

  • Logistics: Okay to schedule a couple of meetings during the week of Apr 10 because we can't hold meetings the week of Apr 3?
  • UMA V2.0 work:
    • 2016 roadmap / GitHub issues for V2.0 (all issues to be kept here for the duration!) / dynamic swimlane
    • Core is up to 20 and RReg is up to 06 (WG drafts; no change)
    • See new issues: With our limited time, let's focus on #296: Out-of-the-box profiling for tight AS-RS coupling
  • AOB

Minutes

Roll call

Quorum was not reached.

Approve minutes

Approve minutes of UMA telecon 2017-03-09: Deferred.

UMA V2.0 work

Andrew's insight about  #296 was that this "profile" was essentially "OAuth". :-) In other words, that's the typical way people use OAuth grants. So would having an inner and outer spec help? The inner would be just the UMA grant, or maybe the grant++: adding the set math, say, and whatever other logic is needed given that this grant includes a requesting party and so on. But it doesn't seem to need the addition of the resource ID concept, for example, because that's "private" between the AS and RS. The outer would include all the protection API elements.

Ishan notes Ping has struggled with finding the fit with the whole UMA proposition, so putting RS constraints on what the RO can share would help. Eve notes that, AS-RS tight or loose, the RS's dedicated client (in the realm of enterprise authorization rules -- whether that uses UMA or no) would be able to apply constraints before Alice can "share" some resource. Would consent receipts be the right place to capture Alice's intent in sharing a particular resource, e.g. payment amount, with Bob?

Ishan also mentions impacts of/on token binding. We discussed that last week as part of the PoP issue. Definitely worth the full analysis.

Attendees

As of 7 Mar 2017, quorum is 4 of 7. (Domenico, Sal, Andi, Maciej, Eve, Mike, Cigdem)

  1. Eve

Non-voting participants:

  • Ishan
  • John W

Regrets:

  • Sal
  • Justin