UMA telecon 2022-06-30

Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT
- Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09
- United States: +1 (224) 501-3316, Access Code: 485-071-053
- See UMA calendar for additional details: http://kantara.atlassian.net/wiki/display/uma/Calendar

NOTE: As of October 26, 2020, quorum is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve)
Voting:
- Steve
- Alec
- Eve
- Peter
- Sal
Non-voting participants:
- Lenore
- Scott
- Chris
Regrets:

Industry self-reflection

is identity a dual use technology? seems to be true of anything, needs to stay mindful always
Identity as a surveillance tool
- Shifting of the surveillance to the wallet

passkeys

mDL

GAIN (global assured identity network)

GNAP

general audience struggles with: correlation handles, claims pushing
the added value needs to overcomes the pain of change
options make specs hard to understand (and test!)
can we show simple uma flows, uma cookbook?
- eg just auth code flow (no claims pushing), just claims pushing (no auth code) as profiles
- or profiles that remove optionality of path names, make interop testing easier
- good designs for resource registration against FHIR (or open banking/FPX)

Shared Signals & Events

IDPro

Healthcare

draft completed, will socialize on the list for feedback

US is working on federal privacy legislation! A rights/responsibilities framework without requirements

Confluence clean up, archive old items and promote the latest & greatest
Review of the email-poc correlated authorization specification
A financial use-case report (following the Julie healthcare template)
- either open banking or pensions dashboard
- openbanking is to FHIR(data model) as FAPI is to SMARTonFHIR(authZ protocol profile)
mDL + UMA
UMA + GNAP https://oauth.xyz/specs/
- would we have an UMA GNAP version (eg extension of GNAP or UMA? UMAonGNAP)
- will GNAP meet all the UMA outcomes?
IDPro knowledge base articles
UMA 2 playground/sandbox
- eg https://developers.google.com/oauthplayground/, https://www.oauth.com/playground/

Browser not supported