UMA telecon 2021-06-03

Date and Time

• Alternate-week Thursdays  10:00am PT

  • Screenshare and dial-in: https://global.gotomeeting.com/join/485071053

  • United States: +1 (224) 501-3316, Access Code: 485-071-053

  • See UMA calendar for additional details: http://kantara.atlassian.net/wiki/display/uma/Calendar

Agenda

• Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06, UMA telecon 2021-05-13, UMA telecon 2021-05-20, UMA telecon 2021-05-27

• Continue Charter Review/Refresh

• Changes to Group Leadership

• AOB

Minutes

Roll call

Quorum was reached.

Approve minutes

• Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06, UMA telecon 2021-05-13, UMA telecon 2021-05-20, UMA telecon 2021-05-27

Deferred 

Charter Review/Refresh

Please review the  Draft Charter 2021, changes have been highlighted in red.

(5)

• A horizontal UMA security profile, considering other profiles including HEART, FAPI, and OAuth 2.1

Changes to Group Leadership

• we need to renew our annual voting roles, Chair and Vice-Chair

• Next quorum we'll need to discuss and ideally vote on this topic

• Feel free to send nominations to the list so we're prepared at our next quorum. Alec will send a separate note to the list to raise this request

• If you have a voting membership, please let Alec know if you can/can't attend next week

Relationship Manager 

The last session was recorded, check it out so these will make sense

Discussed the merits of having a credential (public key) registered at the RS for a Resource Owner, and the different use-cases it starts to enable, both for UMA and getting into VC/SSI.

• RO can sign policy it writes to the AS. THe RS can have less trust in the AS since it's really trusting the RO

  • Today the RS trusts the AS as the RO. With the credential, the RS can trust any AS

  • Give the RO some more fiduciary capability aside from systme-sytem (RS-AS) trust. This is part of Decentralized ID value prop 

  • RO can delegate directly to other RqPs

  • Can this help the RS, not have to trust the RO as much? ANCR established the RO establish terms with any other system

  • Binding is the most critical bit of the trust flow. CIBA also solves for this, in a way that a RqP

    • UMA helps Alice ensure, that Bob is who he says, such that her policy can be applied to his request for Access

    • CIBA helps Bob ensure Alice is who she is. Currently we don't strongly bind Alice to the AS

  • Can we bind Alice to the AS, in a way the requesting party can confirm who she is?

  • ANCR wants to capture all this trusted state so that all parties can have this transparency, including getting Witnesses just in time. (parallels to a KERI witnesses, there is cryptogrpahic binding + attestation over an identifier)

    • ie UMA pushed claims, where the AS can 'ask for more' from a trusted thirdy party (the Witness)

• RS can issue to Alice, VCs. Either resource's as a VC, or actually data-containing VCs. Alice is then free to delegate and use from there. (The ssi credential exchange api)

RS <strong trust> RO <> AS 
RS <> AS <> RqP <> RPT{Alice's proof} <> RS

Alec will update the last RM Draft to:

• Add back the credential, drop Authorization Servers API from it. 

  • We're shifting the trust from the Fedz Auth api to the RO through their credential. 

AOB

• will be looking to setup an ANCR presentation to the Group is around a month. Sal will let us know when he's ready

Attendees

As of October 26, 2020, quorum is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve)

Voting:

1. Michael

2. Steve

3. Eve

4. Alec

5. Sal

6. Domenico

Non-voting participants:

1. Scott

2. Colin

Regrets: