UMA telecon 2021-05-13
Date and Time
- Primary-week Thursdays 6:30am PT
- Screenshare and dial-in: https://global.gotomeeting.com/join/485071053
United States: +1 (224) 501-3316, Access Code: 485-071-053
- See UMA calendar for additional details: http://kantara.atlassian.net/wiki/display/uma/Calendar
Agenda
- Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06
- Pension Dashboard Update
- AOB
Minutes
Roll call
Quorum was reached.
Approve minutes
- Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06
Deferred
Pension Dashboard Update
https://kantarainitiative.org/uma-profile-for-uk-pensions-dashboard-programme/
There will be no press release/promotion while the invitation to tender is open, until ~September.
There have been a few RFXs that have included UMA in the past couple of years. Can we collect some of the references together? Alec will look at some Canadian ones.
Relationship Manager Review
We went back through the different proposed profiles and the recent Relationship Manager Draft (recent draft text). I
In the recent RM draft, the concept of exposing the resource to the client works nicely, as it closely follows the UMA Fedz resource registration API. However, the addition of authorization server management and protection here has been awkward. In some of the early proposed "Wallet" profile drafts, this concept doesn't exist. Instead, the Wallet Client (Relationship Manager) registers a credential (public key) with the RS, allowing i) the RM to create signed permissions at the AS, over the Policy API, and ii) the RS to verify that the permission is signed by the credential, e.g. that it traces directly to the RO, rather than only trusting the AS. This mechanism also worked with the Resource Definition profile: because the RS has registered general resource types with the AS, it can get a specific resource conveyed through the RO permission. The credential idea becomes an intersection between the W3C standards and UMA, now using W3C Verifiable Credentials instead of the loose proposal in the Wallet draft. We looked at an OIDC-based credential issuance API, and spoke about how it could be used to issue UMA resource definitions as credentials to the RM.
AOB
Attendees
As of October 26, 2020, quorum is 5 of 8. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve)
Voting:
- Michael
- Alec
- Domenico
Non-voting participants:
- Scott
- Steve V, recently joined ForgeRock, with a history of working with IAM going back to Boeing.
- Colin
Regrets:
- Eve
- Ian
- Ken