UMA Release Notes
...
This draft document has been updated to reflect the V1.0.1 candidate Draft Recommendations dated 2015-0912-14. It will be corrected as required and updated when the V1.0.1 specifications are finalized.28. There were no specification changes between the draft and final Recommendations.
Editor
- Eve Maler
Intellectual Property Notice
...
The UMA V1.0 specifications (Core, RSR) were approved in March 2015. The UMA V1.0.1 specifications (Core, RSR) are currently (September 2015) in draft form; the Work Group's goal is to see their finalization by the end of 2015. were approved in an All-Member Ballot to be Kantara Recommendations and were published in December 2015.
The following release notes are therefore also in draft form. They are catalogued according to their impact on software implementations (where impact on client software in addition to authorization server or resource server software is denoted with (+Client) in the section title). Links to relevant GitHub issues and specific section numbers are provided where possible, enabling old-to-new text comparisons and tracking of discussions and rationales.
...
Previously, the security considerations around accepting policy-setting context information from an incompletely trusted AS were not covered. Now they cover the user_access_policy_uri property, which is the only policy-setting context information passed from AS to RS. (185) (RSR Sec 4)
Specification Reorganizations
The specifications, particularly Core Sec 3, were reorganized in the fashion of OpenID Connect, with the goal of giving a subsection to every request and response message. Other notable changes include:
...
| Anchor | ||||
|---|---|---|---|---|
|
Following is a catalog of notable changes to the specifications in the pre-V1.0 timeframe.
Core Changes
Internet-Draft Rev 11 to Rev 12
...