UMA telecon 2010-12-09
| Table of Contents | ||||||
|---|---|---|---|---|---|---|
|
Date and Time
- WG telecon on Thursday, 9 Dec 2010, at 9-10:30am PT (time chart)
- Skype line "C": +9900827042954214
- US: +1-201-793-9022 | Room Code: 295-4214
Agenda
- Roll call
- Approve minutes of 2010-11-18 meeting
- Action item review
- Add AI for OAuth draft 11 review and report?
- Add AI for OAuth token review and report?
- UMA validation bounty program status
- Trusted claims
- Refer to etherpad and latest trusted claims proposal
- Resource reg spec
- Catalog new issues based on review
- Try to knock off low-hanging-fruit issues
- Conformance testing questions
- Review issues that are blocking conformance test plan completion
- AOB
...
- Kevin Cox
- Cordny Nederkoorn
Minutes
New AI summary
Susan, Thomas | Open | Review and critique the resource reg spec. | |
Eve | Open | Revise the core and resource reg specs to reflect new decisions. |
Roll call
Quorum was reached.
Approve minutes of 2010-12-02 meeting
Minutes of 2010-11-18 meeting APPROVED.
Action item review
- 2010-11-01-2 Eve Open Put the public-private continuum language and diagram into the Lexicon.
- 2010-11-18-3 Domenico, Sal Open Explore turning the trusted claims UX and writeup into draft spec text. Now closed.
- 2010-11-18-4 Eve Open Capture new user stories in the wiki.
...
Cordny's draft materials are available on the wiki. They need to be reviewed against the core spec.
...
Paul asks: How do we intend to identify the subject of these claims? The early UMA work (on Claims 2.0) tried to face this, and it was very difficult. How can one party issue a claim about the subject, such that another party can believe that the claim is about the "same subject"? In the non-aggregated point-to-point case that Eve gave above, George believes the trust hinges on the claims catalog provider being correct in sending the requesting party to that specific claims host to log in. Crypto comes into the picture if you have an aggregated end-to-end model, for the subject and for the other entities communicating.
We have a number of design principles and requirements that are going to end up in conflict with each other. Privacy, cryptography, simplicity, etc. We'll have to decide which ones are most "violatable" in each case. In the specific use case of Bob having to share a trusted claim about whether he's "bob@gmail.com" in order to gain access to Alice's online stuff, where an embedded instance of UMA is being leveraged to protect this claim in service of Bob's as a requesting party, Alice's privacy is paramount and his privacy (even as an "embedded authorizing user") is subordinate to the needs of Alice's access control policies.
...
The alternative might be to have a default/implicit "all"/"all" scope (or "none"/"none"!?) that is applied before the point when the host has registered anything. At the last F2F, we discussed reasons why entirely public and entirely private resources might want to be managed by an AM, and it's really dependent on the nature of the host, the resources, the user, etc. The authorizing user might have a default policy that gets mapped to registered resources and actions from particular (or all) hosts – but we think those resources and actions have to be explicitly registered. And the host has the right to self-manage access to its resources, so this right has to be preserved. So we're agreed to take this approach for now. This will start to give Cordny the information he needs to flesh out this portion of the test cases.
Next Meetings
- WG telecon on Thursday, 16 Dec 2010, at 9-10:30am PT (time chart)
- WG telecon on Wednesday, 22 Dec 2010, at 9-10:30am PT (time chart)