UMA Release Notes
Abstract
...
- AS: authorization server
- RS: resource server
- Core: UMA Core specification
- RSR: OAuth Resource Set Registration specification
- I-D: IETF Internet-Draft specification
- Sec: section
...
Anchor | ||||
---|---|---|---|---|
|
...
The UMA V1.0 specifications (Core, RSR) were approved in March 2015. The UMA V1.0.1 specifications (Core, RSR) are were approved in an All-Member Ballot to be Kantara Recommendations and were published in December 2015.
...
Previously, the security considerations around accepting policy-setting context information from an incompletely trusted AS were not covered. Now they cover the user_access_policy_uri
property, which is the only policy-setting context information passed from AS to RS. (185) (RSR Sec 4)
Specification Reorganizations
The specifications, particularly Core Sec 3, were reorganized in the fashion of OpenID Connect, with the goal of giving a subsection to every request and response message. Other notable changes include:
...
Anchor | ||||
---|---|---|---|---|
|
Following is a catalog of notable changes to the specifications in the pre-V1.0 timeframe.
Core Changes
Internet-Draft Rev 11 to Rev 12
...