UMA telecon 2016-04-14

Date and Time

Agenda

  • Roll call
  • Approve minutes of UMA telecons 2016-03-24 and 2016-03-31
  • Solution proposals against wide ecosystem challenges (Eve's challenge analysis doc) – today's solution proposals include:
    • Alice's AS dynamically gets client credentials to Bob's claim sources (Eve)
    • Different patterns of Alice's AS and RS's accepting and providing federated logins (Adrian)
    • (Adding a new solution proposal to the list for a future meeting: Sourcing Bob's claims from a distributed ledger (champion?))
  • AOB

Minutes

Roll call

Quorum was reached.

Approve minutes

Approve minutes of UMA telecons 2016-03-24 and 2016-03-31: They're approved.

Wide ecosystem

Adrian's solution proposal

Alice has to have exactly one AS, and it has to work in a partitioned manner, such that Bob, the AS, and the RS have to work in a situation where they're on the same LAN with no Internet connectivity; this is required for #wideeco. Alice's AS has to be able to handle a client of Bob's if it's a web browser. Why the limited connectivity? Because if Alice decides that her AS wants to be on her phone vs. in the cloud, it may need to survive this lack of connectivity. Sal comments: The widest possible ecosystem would include examples of this, and there is some IoT that has this requirement, but this is not necessarily the best test of solutions for #wideeco. Eve wonders if we should be modularizing our problem space vs. bundling this challenge into #wideeco vs. in #IoT. Kathleen asks if this makes the ecosystem narrow vs. wide. 

What is the relationship between limited connectivity and the notion that Alice should ideally have exactly one AS? If the AS is "always on", then it would seem to be able to fulfill the needs of the other two components. If it has limited connectivity, then it would have problems whether Alice has one or more than one.

Eve's solution proposal

Alice's AS dynamically gets client credentials to Bob's claim sources. Lots of people have independently come up with this. In fact, MitreID Connect implements it. It's WebFinger-enabled. There's a constraint on the need to be in a canonical domain. (More notes may be coming from Sal.)

Attendees

As of 13 Apr 2016, quorum is 6 of 11. (François, Domenico, Kathleen, Sal, Thomas, Andi, Robert, Maciej, Eve, Mike, Sarah)

  1. Domenico
  2. Kathleen
  3. Sal
  4. Andi
  5. Eve
  6. Mike
  7. Sarah

Non-voting participants:

  • Scott
  • Justin
  • Adrian
  • Jin
