John W asked in Skype whether deterministic sets, as we were just talking
about in the call today, would allow for overrides of a policy for purposes
of data localization or regulation etc. My response was that it's an AS
that represents the results of the RO's policy in a token, and it's an RS
that might override those results once the client brings that token over to
the RS (the "Adrian clause").
Thus, I wondered if the RS's actual granted access should be considered a
sixth set of a scopes that we should track, describe, etc. in the spec. It
would probably be useful in the UMA Legal work, at a minimum!
I also noted that the RS might need to do overrides in an
out-of-band-of-UMA situation. As we've discussed in the past, such a
situation might include court order or a "break glass" situation. This
would mean that this set of scopes could be interestingly disjoint from the
original five sets.
Thoughts?
(BTW, I've sent out Slack invitations, as we'd promised, to everyone who
currently gets Google Calendar invitations to our WG meetings, plus whoever
else asked for an invitation. If you'd like to get an invitation in
addition, drop me a private note.)
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl