UMA telecon 2011-11-17
UMA telecon 2011-11-17
Date and Time
- WG telecon on Thursday, 17 Nov 2011, at 9am PT (time chart)
- Skype line "C": +9900827042954214
- US: +1-201-793-9022 (other int'l numbers) | Room Code: 295-4214
Agenda
- Roll call
- Approve minutes of 2011-10-13, 2011-10-20, 2011-10-27, 2011-11-03, and 2011-11-10 meetings
- Action item review
- Trust model and implementer user guides/best practices work
- FAQ status
- Review 2011Q4 timeline
- No meeting next week: holiday
- Meeting on Dec 1: chair pro tem
- Spec and issue edit status
- I-D contribution status
- Webinar planning
- UMA core spec issues
- AOB
Attendees
As of 16 Nov 2011, quorum is 7 of 12.
- Bryan, Paul
- Catalano, Domenico
- D'Agostino, Salvatore
- Machulak, Maciej
- Maler, Eve
- Moren, Lukasz
- Morrow, Susan
- Szpot, Jacek
- Wray, Frank
Non-voting participants:
- Kevin Cox
Regrets:
- Hardjono, Thomas
Minutes
New AI summary
Eve |
Open |
Set up a trust model subteam ad hoc call in the 10am or 11am PT hour some day, and forward key messages from the existing thread to the UMA WG list. |
 |
|
Eve, Frank |
Open |
Work with Dervla to book WebEx, arrange for audio lines, and publicize the registration link. |
 |
Roll call
Quorum was reached.
Approve minutes of 2011-10-13, 2011-10-20, 2011-10-27, 2011-11-03, and 2011-11-10 meetings
Minutes of 2011-10-13, 2011-10-20, 2011-10-27, 2011-11-03, and 2011-11-10 meetings APPROVED.
Action item review
- 2010-11-18-4 Eve Open Capture new user stories in the wiki. Now OBE. It sufficiently conveys the "feel" of what users should experience. We can always supplement it in future, in reaction to requests.
- 2011-09-22-4 Various Ongoing Build list of FAQs on the wiki. Paul to write a FAQ on "access granularity". Susan to draft a FAQ on "government PDS use cases". Lukasz to write a FAQ on the SMART implementation.
- 2011-09-29-1 Frank, Sal, Dom, Sus, Kevin et al. Open Prepare Trust Model "user guide".
- 2011-10-20-1 Eve Open Add Sampo's and others' latest implementation info to the wiki.
- 2011-10-20-2 Paul Open Define a set of "RESTful CRUD" scopes that can be reusable. Paul is working on this. Paul has chosen JSON exclusively; this may cause controversy.
- 2011-10-27-1 Thomas Open Implement the result of issue #3, now reopened in case there are questions, and other conclusions from 2011-10-27 and 2011-11-03 telecons. Deferred due to illness.
- 2011-11-03-1 Paul Open Comment on and close issue #8, comment on and close issue #15 and incorporate spec revision, comment on issue #16 and discuss with Eve, comment on issue #24, and comment on issue #25. Will do this week.
Trust model and implementer user guides/best practices work
A private thread on the trust model topic has blossomed. Susan wrote the most recent entry. She has proposed a document outline that covers qualitative and quantitative aspects of using UMA in a trust-enabled deployment.
We think the audience should be: business owners and deployers of UMA. If we have multiple audiences, we should probably branch out to multiple documents. Or we can provide technical and business examples side by side.
We think the document should cover topics like:
- What should a technical UMA profile look like, for various deployment requirements?
- What UX constraints might be imposed?
- How would you solve the problem of needing LOA on the authentication of various parties?
- How would you solve the problem of needing LOP/LOC on the usage of shared data?
- Introductory material (see Dom's graphics) that explains UMA's approach to trust in a nutshell.
Kevin's company was approached by a government department looking to write a document about trust. Legislation tends to be general, but the examples are what gets followed. They become the de facto standard. (The same is true for technical specs.) So we should strive to make our examples good-quality.
Review 2011Q4 timeline
Let's target the Dec 8 meeting to approve the next draft to be published as an I-D, so that it comes out prior to the webinar.
Webinar planning
Kevin expresses interest in sponsoring up to 25 additional audio lines at a cost of US$15 each.
Frank has proposed an outline for the webinar, assuming that the audience is made of potential implementers and deployers. Here's an expanded version from today's discussion:
- What is UMA and why do we need it? (Eve)
- Use cases for UMA (up to five UMAnitarians)
- Why would an organization want to operate an authorization manager?
- Why would an organization want to operate an UMA-enabled host app?
- Existing UMA implementations:
- Cloud Identity/Newcastle University
- Synergetics/TAS3
- Fraunhofer AISEC
Shall we change up speakers for each item? Yes, we should try.
UMA core spec issues
We're behind on editing, but we'll catch up shortly. Paul and Eve will work together to close issues.
Next Meetings
- NO WG telecon on Thursday, 24 Nov 2011 – U.S. Thanksgiving holiday
- WG telecon on Thursday, 1 Dec 2011, at 9am PT (time chart) – Eve regrets; vice-chair Maciej is chair pro tem
- WG telecon on Thursday, 8 Dec 2011, at 9am PT (time chart) – Last telecon before webinar! Approve new I-D rev
- Webinar on Wednesday, 14 Dec 2011, at 10am PT (time chart) – Webinar!
- WG telecon on Thursday, 15 Dec 2011, at 9am PT (time chart)
- WG telecon on Thursday, 22 Dec 2011, at 9am PT (time chart)
- NO WG telecon on Thursday, 29 Dec 2011 – Happy new year!