UMA telecon 2021-02-11
Date and Time
- Alternate-week Thursdays 6:30am PT
- Screenshare and dial-in: https://global.gotomeeting.com/join/485071053
United States: +1 (224) 501-3316, Access Code: 485-071-053
- See UMA calendar for additional details: http://kantara.atlassian.net/wiki/display/uma/Calendar
Agenda
- Approve minutes of UMA telecon 2021-02-04
- Connect.ID 2021 Call for Speakers
- UMA and FAPI discussion
- AOB
Minutes
Roll call
Quorum was NOT reached.
Approve minutes
- Approve minutes of UMA telecon 2021-02-04
Connect.ID 2021 Call for Speakers (Oct 5-6)
https://www.terrapinn.com/exhibition/connect-id
Please make sure to submit your application before 26th February: https://www.terrapinn.com/exhibition/connect-id/apply-to-speak.stm
Other upcoming identity/security conferences (check out https://kantarainitiative.org/events/):
- Identity Week Asia
- Identity Week UK
PDP Update
The PD Program has sent across some proposed license changes. These are currently in review by Kantara.
AEMS Update
There has been some work towards a POC here: https://github.com/uma-email/poc
Check it out and get involved!
UMA WG Presentation to All-Members
1200-1230 EST Next Wednesday Feb
Topic: Industry UMA profiles bring new work to our group
Alec will share the slides with the list ahead of this session (Sat/Sun/Monday).
UMA and FAPI discussion cont'd
There has been some outreach to FAPI about our interest in exploring this in the WG. If anyone is interested in leading this item, please reach out to Alec or the mailing list.
Other profiles next steps
What's inside the Wallet? Wallet as an RS? AS?
With information (identity + other credentials) stored at the Wallet, does it become an RS for me?
With the Wallet, the 'subject' is in the data flow, which is more OIDC-like. An RS supports more 'delegation' or other requesting parties. The Wallet may 'push' to an endpoint more than allow an RP to 'pull' data; specifically, a mobile device is hard to set up as an 'endpoint'.
How would push work? RP needs new information, calls an authorization endpoint. The AS routes to the smartphone (how? must be through some web service). The wallet receives a token to hit the RP API with the requested information.
One angle is that if the Wallet is an RS, to a client there is no difference. The RP receives a token and can redeem it for the requested information.
In the PD profile the dashboard is a normal UMA client. Maybe the 'Wallet' profile can be positioned similarly, where the API being requested is the 'policy api' hosted by the AS. The policy api would expose the registered resources and the associated policies. In the current profile, the RO would need to return to the AS to modify policy (e.g. invite a new advisor), or to see pending requests to their pensions from an advisor. Another interesting overlap between the wallet profile and the PD profile is the need to discover RSs that may not have UX or a user credential.
Topic for next week: re-introduce wallet/resource manager profiles with the additional pensions dashboard use case as context.
Attendees
As of October 26, 2020, quorum is 5 of 9. (Michael, Karim, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve)
Voting:
- Peter
- Alec
- Michael
Non-voting participants:
- Ian
- Colin
Regrets:
- Sal
- Andi
- Eve