2015-06-30 Meeting Notes

Date

June 30th, 2015

Attendees

Goals

  • Kantara IPR Feedback, Review and Agreement
  • Principles Discussion

Discussion Items

Time | Item | Who | Notes
1 min | Kantara IPR | Sal |
4 mins | Roll Call | Sal | Roll, new intros, announcements
4 mins | Minutes/Notes Update | Sal |
5 mins | Virtual Plenary | Sal |
35 mins | Principles | All | Return to Revocable...; Also covered Transferable;
3 mins | Other Admin | All | Other Administrative, Action Item Review (not covered above)
1 min | AoB | All | AoB TBD...

Action Items


High-level Topics Covered

  • Roll call
  • IPR Update
  • Virtual Plenary Events
  • Principles Discussion
    • Revocable
    • Transferable

Detailed Meeting Notes

Returning to revocable, sorry about not editing mutable comments out…

How do we relate the work in the different groups as a roadmap for use cases.

Really important to see what is going on in other groups.

Reviewed work to date,

How do you get notified, how does someone ask for revoke, who can revoke,

Specific use case in health care, doctor and patient both have health care records, there are two relationships, one is to have patient centric records, doctor signs in and uses the shared/owned patient record, and then for forensic reasons doctors and patients have records, but this is likely “write only”, it is restricted,

Resource owner and contract, still have some confusion about where this takes us.  It becomes hard to follow.  A lot of words have been used in the identity space over a long time and we need to make sure that we don’t repeat that issue here.  Different relationships to the same information.

Back to mutable, if something is immutable, it cannot be revoked,

If something is revoked, it might be re-instated, so do we need to consider, suspended.

Be clear about what we mean because the term is not always very well understood,

If certain principles are in play then it might preclude others as in the case of mutable and revocable.

Can we be clear about the gap we are trying to fill, how do we cross the gap between where relationships are clear and where they are not (me and my health record vs. me and the IoT).  In 25 words or less.  Relationships with institutions that are clear vs. relationships with data brokers.

OK with this for now.

Moved on to Transferable

May be related to sub-attributes, so it has to be considered in context, so what about permission, is control also transferred.  So in the case of temporary how complete is your ability to modify.

So maybe it's only about temporary because if something is transferred you have created a new relationship,

Do we actually have a relationship lifecycle?

Redefine relationships

Could be referred to as delegation, it’s an all or nothing thing, delegation with constraint, (UMA..?)

Kim, transferable, temporary or permanent that constraints can be applied.

Temporary transference or else?  Delegated scope from a transfer (with return).

Doesn’t delete point, new actor, <- that’s a history.. vs.  lifecycle and same dichotomy with other principles

Adrian points that you might have a relationship block chain.

Notion of prior, car fax

Design principles of transferable allows for one party to “hand its entire connection or some of its permissions to a relationship to another actor” forever or less time,

Negative case <- Ian

Temperature and Location, when the actor can’t but the cloud or portal solution and moves over to operational considerations.  Can’t not do… 

Put principles through, everyone with their own expertise and overlap with other Kantara WG – DG activity.  Share the work.

LC resources for admin.