UMA telecon 2021-04-22

UMA telecon 2021-04-22

Date and Time

Agenda

Minutes

Roll call

Quorum was reached.

Approve minutes

Eve moves to approve.  Peter seconds. Motion Passes!


Pension Dashboard Update

RFP is released, included profile + design doc largely the same as what we've reviewed previously

Still finalizing the Kantara hosted publication of the contributed profiles (outside the UMA WG). We'll update the UMA site with some explanation after it's up

Kantara will look to put a press release out when the documents are posted


Is there interest in implementing/trying the profiles from the WG members?
Origo has an (older) POC of the AS/system. IDENTOS is interested in building a conforming 'RS Adapter'. Could we try with some open source UMA components (gluu gateway/keycloak)? Members will need access to the RFP versions of the profile + design documents 


Identiverse 2021

We can have a dedicated UMA presentation slot (25mins)

Alec will ask about attending identiverse, volunteer to present (maybe remote). Presentation can be recorded or live


Andi will cover the UMA EIC presentation in Sept


IIW Review

Eve and George presented the UMA 101 session with 15-20 attendees. Took a slightly different approach, more of a true 101 session with increasing detail as it went. Covered new profiles and the UMA<>decentralized identity relationships. Eve can upload the new slides to the wiki

Some questions about user interface standards "will there be standards about UMA interfaces?" 


Ian notes that Pension Dashboard → Dashboard client sharing of pensions resources is possible in the profile. The person dashboard is a true interoperable uma client. After finding, Alice can access her pensions from any Dashboard client after registration. 

Pensions dashboard includes an idea of Alice→Alice sharing happening before any Alice→Advisor(Bob) sharing happens. Eve notes this pattern is useful in health care use-cases where the Patient ID works against some privacy goals, anyone with the ID could see/access a lot with a FHIR API 


The idea that UMA is a layer above any identity let's UMA apply very widely. However, specific deployments do need to specific the identity trust model (where is it integrated, who has to trust it, etc)

The PDP profile is a lot of specifying the identities, which ones exist (Alice as Citizen, Bob as Advisor), where (at AS and Dashboard), whether they need to be conveyed between system (IDToken to RS for matching), how they are stored + resumed (PCT profiling). FPX also specifies identifies, no IDs at the AS, used mainly at the RS, the Wallet needs authentication and may rely on the RS for ID.


Looking for production DID/VC use cases? NHS Truu id? A lot of challenges being raised about wallet interop, the growing number of did methods, technical limitation of DID-SIOP and the lack of direct interop with existing Identity/Authorization systems. A lot of people questioning the market/use-case/user drivers for SSI, there are solid example in peer dids, but not clear overarching path forward.

Profiles Discussion, relationship manager draft

AOB

Attendees

As of October 26, 2020, quorum is 5 of 8. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve)

Voting:

  1. Michael
  2. Eve
  3. Alec
  4. Domenico
  5. Peter

Non-voting participants:

  1. Ian
  2. Colin
  3. Ken

Regrets: