UMA telecon 2015-10-15

Date and Time

• Thu Oct 15, 9-10am PT
  • Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines), room code 178-2540#
  • Screen sharing: http://join.me/findthomas - NOTE: IGNORE the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line)
  • UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar

Agenda

• Public Review status and outstanding comment review
• New UIG text discussing default-deny
• Interop and IIW planning: report from the UMA Dev group
• Considering our Independent Submission stance of record
• Considering charter revisions/cleanup, especially in light of any decisions on the previous item
• Permission registration extension spec idea
• How are we doing on other outstanding AIs?
• AOB

Minutes

Public review status

Please retweet the @UMAWG tweet about the public review!

Take a look at the new Release Notes document.

UIG status

For the Organizations as Resource Owners and Requesting Parties section, is there really that much to say? Mike's folks are developing a sample resource server and an UMA client in Python, and will use the client credentials flow. His use cases typically use this grant flow. This will be Hello, World level. The org=RO circumstance is always the case for Mike, but the RqP might be an org or a human.

For the Ensuring Resource Server Access to an Authorization Server When the Resource Owner Is Offline section, it's worth pointing out that the RO might not be a human at all, in which call "offline" isn't the right word. We might also want to mention "break glass" as a phrase specifically, since everybody knows this phrase. We don't want to burden developers with trust framework knowledge, but it might be a good idea to call out to the Binding Obs at this point, because it's around here that UMA protection might tip over into enterprise access management.

Previous AI status

• AI: Thomas: Review the charter for potential revisions in this annual cycle.
• AI: Sal: Investigate IP implications of formal liaison activities with other Kantara groups with the LC, and ultimately draft an LC Note as warranted.
• AI: Gil: Edit the UIG to add Ishan's content and excerpt it for Eve to add to the FAQ, pointing everyone to the UIG.
• AI: Mike: Write SCIM protection case study to highlight client claims-based use case.
• AI: Andi and Zhanna: Please look at the section on optional and extension properties to see what might need an update to account for V1.0.1.
• AI: Maciej: Review and correct the Redirecting the Requesting Party to the Client After Claims Gathering section.
• AI: Maciej: Write up some recommendations for the RPT Refreshing section.
• AI: Maciej: Try to find Justin's old recommendations for the Permission Ticket Management section.

Attendees

As of 13 Oct 2015, quorum is 7 of 13. (François, Domenico, Sal, Thomas, Andi, Mary, Robert, Maciej, Eve, Sourav, Lisa, Arlene, Mike)

1. tbs

Non-voting participants:

• tbs

Regrets:

• tbs