UMA telecon 2015-09-03

UMA telecon 2015-09-03

Date and Time

Agenda

  • Roll call
  • Minutes approval
  • Last-minute quick hits
    • Conclude on topic: GitHub paradigm
    • Sal's IDESG form for UMA as "recommended standard"
  • Spec review work in preparation for 45-day public review
    • Specs for review and email thread with some open issues here
    • Issues on GitHub here
    • Timeline for patch release process here
    • What is the likelihood of our reaching quorum next week?
  • If time: UIG status
  • AOB

Minutes

Roll call

Quorum was reached.

Minutes approval

MOTION: Approve the minutes of UMA telecon 2015-08-27. APPROVED by unanimous consent.

Conclude on topic: GitHub paradigm

Plan of record: Use GitHub tricks to clean up our IP hygiene; keep the repo open.

AI: Eve: Convey GitHub best practice lessons learned to Sal for LC knowledge.

Spec review work in preparation for 45-day public review

#15: Adrian would like to see the RS register its intent with the AS, in order to inform the RO, to act contrary to the sufficiency-of-authorization indications associated with the RPT presented by the client. The "The resource server MUST NOT give access where the token's status is not associated with sufficient authorization data for the attempted scope of access." wording was meant to be a "wormhole" into the Binding Obs or other legal subgroup outputs, because it's not technically a testable assertion.

We changed the MUST NOT to a STRONGLY RECOMMENDED wording.

AI: Adrian: Submit an issue to solve the "RS notifies RO of access" challenge.

The rest of the items just need careful review by everybody.

AI: EVERYONE!: Please review the specs (which Eve will republish today) carefully by Monday, and put any new issues in GitHub.

AI: ALL VOTING PARTICIPANTS: Please attend next week's meeting to achieve quorum.

UIG status

Deferred.

AI status

  • AI: Thomas: Review the charter for potential revisions in this annual cycle.
  • AI: Sal: Investigate IP implications of formal liaison activities with other Kantara groups with the LC, and ultimately draft an LC Note as warranted.
  • AI: Gil: Edit the UIG to add Ishan's content and excerpt it for Eve to add to the FAQ, pointing everyone to the UIG.
  • AI: Sal: Fill out IDESG form to have UMA adopted as a recommended standard for use in the IDESG framework. [DONE – thank you, Sal!]
  • AI: Mike: Write SCIM protection case study to highlight client claims-based use case.
  • AI: Maciej: Write as many sections for the UIG as he can.
  • AI: Justin: Write a UIG section on default-deny and race conditions.

Attendees

As of 1 Sep 2015, quorum is 7 of 12. (François, Domenico, Sal, Thomas, Andi, Robert, Maciej, Eve, Arlene, Irwin, Mike, Jon)

  1. Eve
  2. François
  3. Domenico
  4. Sal
  5. Robert
  6. Mike
  7. Jon Neiditz - legal subgroup member
  8. Maciej

Non-voting participants:

  • Sarah
  • Mark
  • Adrian
  • James
  • Justin
  • George
  • Colin

Â