UMA telecon 2021-06-03

Date and Time

• Alternate-week Thursdays  10:00am PT
  • Screenshare and dial-in: https://global.gotomeeting.com/join/485071053

  • United States: +1 (224) 501-3316, Access Code: 485-071-053

  • See UMA calendar for additional details: http://kantara.atlassian.net/wiki/display/uma/Calendar

Agenda

• Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06, UMA telecon 2021-05-13, UMA telecon 2021-05-20, UMA telecon 2021-05-27
• Continue Charter Review/Refresh
• Changes to Group Leadership
• AOB

Minutes

Roll call

Quorum was reached.

Approve minutes

• Approve minutes of UMA telecon 2021-04-22, UMA telecon 2021-04-29, UMA telecon 2021-05-06, UMA telecon 2021-05-13, UMA telecon 2021-05-20, UMA telecon 2021-05-27

Deferred 

Charter Review/Refresh

Please review the  Draft Charter 2021, changes have been highlighted in red.

(5)

• A horizontal UMA security profile, considering other profiles including HEART, FAPI, and OAuth 2.1

Changes to Group Leadership

• we need to renew our annual voting roles, Chair and Vice-Chair
• Next quorum we'll need to discuss and ideally vote on this topic
• Feel free to send nominations to the list so we're prepared at our next quorum. Alec will send a separate note to the list to raise this request
• If you have a voting membership, please let Alec know if you can/can't attend next week

Relationship Manager 

The last session was recorded, check it out so these will make sense

Discussed the merits of having a credential (public key) registered at the RS for a Resource Owner, and the different use-cases it starts to enable, both for UMA and getting into VC/SSI.

• RO can sign policy it writes to the AS. THe RS can have less trust in the AS since it's really trusting the RO
  • Today the RS trusts the AS as the RO. With the credential, the RS can trust any AS
  • Give the RO some more fiduciary capability aside from systme-sytem (RS-AS) trust. This is part of Decentralized ID value prop 
  • RO can delegate directly to other RqPs
  • Can this help the RS, not have to trust the RO as much? ANCR established the RO establish terms with any other system
  • Binding is the most critical bit of the trust flow. CIBA also solves for this, in a way that a RqP
    • UMA helps Alice ensure, that Bob is who he says, such that her policy can be applied to his request for Access
    • CIBA helps Bob ensure Alice is who she is. Currently we don't strongly bind Alice to the AS
  • Can we bind Alice to the AS, in a way the requesting party can confirm who she is?
  • ANCR wants to capture all this trusted state so that all parties can have this transparency, including getting Witnesses just in time. (parallels to a KERI witnesses, there is cryptogrpahic binding + attestation over an identifier)
    • ie UMA pushed claims, where the AS can 'ask for more' from a trusted thirdy party (the Witness)
• RS can issue to Alice, VCs. Either resource's as a VC, or actually data-containing VCs. Alice is then free to delegate and use from there. (The ssi credential exchange api)

RS <strong trust> RO <> AS 
RS <> AS <> RqP <> RPT{Alice's proof} <> RS

Alec will update the last RM Draft to:

• Add back the credential, drop Authorization Servers API from it. 
  • We're shifting the trust from the Fedz Auth api to the RO through their credential. 

AOB

• will be looking to setup an ANCR presentation to the Group is around a month. Sal will let us know when he's ready

Attendees

As of October 26, 2020, quorum is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve)

Voting:

1. Michael
2. Steve
3. Eve
4. Alec
5. Sal
6. Domenico

Non-voting participants:

1. Scott
2. Colin

Regrets: