UMA telecon 2024-01-11
Date and Time
Agenda
Attendees
NOTE: As of Sept 15, 2022, quorum is 3 of 5. (Peter, Sal, Alec, Eve, Steve)
Voting:
Non-voting participants:
Regrets:
Quorum: No
Â
Meeting Minutes
Approve previous meeting minutes
Topics
Charter Refresh and 2024 Plan
Draft Charter 2024
Â
Pensions Dashboard Use-case report
Draft will be worked on here: Pension Dashboard Use-Case Report
Â
discussed plan to complete report. Alec is getting and tech writer to give it a final edit/polish this month
Â
AOB
Â
Â
Tentative 2023 roadmap:
120 A financial use-case report (following the Julie healthcare template)
openbanking is to FHIR(data model) as FAPI is to SMARTonFHIR(authZ protocol profile)
123 Pensions Dasboard Report → use-case is well understood and live/going live soon. tight use-case
127 Open Banking Report → requires more research, determine use case
130 IDPro knowledge base articles
140 Wikipedia article refresh: User-Managed Access
UMA simple value explainers, business and technical ‘marketing’
170 UMA + Verifiable Credentials OR UMA and Wallets/User Held Credentials (+ mDL?)
how does a wallet fulfill both an RS and AS responsibility for a user? How are available resources and attributes understandable by a wide-ecosystem
how does a local/offline wallet act as an RS if it’s offline?
how to create true user controlled ecosystem, not a few major wallets…
Â
Full list:
20 Confluence clean up, archive old items and promote the latest & greatest
100 FAPI Review (FAPI + UMA)Â
scope: how the FAPI work could be applied to UMA ecosystems
review may inform what profiling work is required, eg if UMA must support PAR to work with FAPI
120 A financial use-case report (following the Julie healthcare template)
openbanking is to FHIR(data model) as FAPI is to SMARTonFHIR(authZ protocol profile)
123 Pensions Dasboard Report → use-case is well understood and live/going live soon. tight use-case
127 Open Banking Report → requires more research, determine use case
130 IDPro knowledge base articles
140 Wikipedia article refresh
150 Minor profiling work,
resource scopes → scopesÂ
PAR as dynamic scopes eg fhir query params
policy manager & policy description
110 pushed claims types: templates + profiles (beyond IDTokens): 171 VCs, 113 consent, policy, mDL
170 UMA + Verifiable Credentials OR UMA and Wallets/User Held Credentials
how would VCs work in an UMA ecosystem? How could VCs be used as claims in UMA
There are openapi specs for VC formats
Could UMA protect a VC presentation or issuance endpoint?
There's a lot of openid4vc profilesÂ
300 mDL + UMA
scope: how mDL could work in UMA ecosystems, how mDL could be a claim to UMAÂ
is there a role for UMA in token fabrication and referencing it as the RS?
600 Review of the email-poc correlated authorization specification
500 UMA + GNAP Interaction Â
UMA 2 playground/sandbox
Upcoming Conferences
Â