UMA telecon 2013-03-28

Date and Time

• All-hands meeting on Thursday, Mar 28, at 9am PT (time chart) - look at issues list and prioritize; work up a more formal completion roadmap
  
  • Skype: +99051000000481
  • US: +1-805-309-2350 (other international dial-in lines available) | Room Code: 178-2540

Agenda

• Roll call
• Approve minutes of UMA telecon 2013-02-28 and read into today's minutes the notes from UMA telecon 2013-03-21, UMA telecon 2013-03-14, and UMA telecon 2013-03-07
• Review issues list and review the UMA WG roadmap
  
  • Technical
  • Legal
  • Educational/outreach/liaison
  • Interop
  • Other
• Action item review in light of the above
  
  • Schedules, topics, and chairs pro tem for various April meetings
  • NOTE: "Summertime skew" ends as of April but be sure to check your local listings and the time chart links below
• Discuss UMA+OpenID Connect optimization opportunities highlighted in Monday's ad hoc meeting
• AOB

Minutes

Roll call

Quorum was reached.

Minutes approval

Deferred.

Review issues list and review the UMA WG roadmap

What should we complete by the end of Q2 2013? Brainstorming:

1. Written profile of UMA for a particular scenario or use case or sector that drives...
2. ...a working POC of UMA-mediated access to PII to drive experience with the technology
3. A functional virtual interop setup (presumably on the OSIS wiki) and defined testing event/period...
4. ...that possibly integrates with OpenID Connect and even OAuth interop testing
5. Roughed-out profiling and/or optimization of UMA usage with OpenID Connect...
6. ...along with roughing out how "personal discovery" might work for identity claims
7. Work out any UMA-specific implications of token revocation
8. Promote token introspection (external) and resource set registration (UMA-generated) I-Ds as OAuth work items
9. Improve and update the Binding Obligations spec with legal eagle input
10. Create more reusable UMA education materials that explain UMA in light of existing OAuth
11. (Colin Wallis:) RealMe profiling of UMA

The comparison tables should include the terminology differences and scenario-specific architecture maps.

Here's what it means to be a champion: You push the topic forward every week, identify inhibitors to making progress, and identify what we could add to every week's agenda to accerate progress.

Andrew is working on a project involving "assertions of medical right-to-practice". The HIAWG is working on this. The attribute provider might be the state medical board, for example. Keith would like to bring this use case to the Scalable Privacy initiative. This whole scenario bears a resemblance to our "Project hData" scenario. Sal will alert us to new use cases involving real-world attribute release, having to do with health employee credentialing, e.g. in a hospital context.

Open-source implementation status: The Fraunhofer code has an unknown status with respect to the current UMA specs. Dazza has a strong need to show a demo with real code. Perhaps check out Gluu's OX open-source code.

AI: Eve: Ask Mike or another Gluu person to take part in UMA+OIC conversations.

AI: Eve: Add to future agenda a discussion of the ways in which UMA and XDI relate.

Discuss UMA+OpenID Connect optimization opportunities highlighted in Monday's ad hoc meeting

AI: Eve: Set up an ad hoc meeting with at least Thomas, Adrian, and Keith to map out the hypothetical use case from the ad hoc meeting in true HIE/HIPAA/etc. terms.

Attendees

As of 28 Mar 2013, quorum is 6 of 10.

1. Alam
2. Eve
3. Keith
4. Thomas
5. Sal
6. Maciej

Non-voting:

• Andrew
• Adrian
• Susan

Regrets:

• George
• Domenico

Next Meetings

• Focus meeting on Thursday, Apr 4, at 9am PT (time chart) - discuss UMA/XDI comparison and synergies
• Focus meeting on Thursday, Apr 11, at 9am PT (time chart) - Eve possible regrets?
• Focus meeting on Thursday, Apr 18, at 9am PT (time chart) - Eve definite regrets
• All-hands meeting on Thursday, Apr 25, at 9am PT (time chart) - Eve definite regrets, sigh