- WG-UMA - mailman.kantarainitiative.org

Agenda for UMA telecon 2022-12-01
by Alec L 01 Dec '22

01 Dec '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/118784001/UMA+telecon+2… UMA telecon 2022-12-01Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - Kantara AGM, 7 December 11:00 am – 12:30 pm ET - IIW Debrief - AOB

1 0

Agenda for UMA telecon 2022-11-24
by Alec L 22 Nov '22

22 Nov '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/115638273/UMA+telecon+2… UMA telecon 2022-11-24Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - Kantara AGM, 7 December 11:00 am – 12:30 pm ET - IIW Debrief - AOB - Alec Laws alec(a)identos.ca

1 0

Cancelling this week's call
by Alec Laws 16 Nov '22

16 Nov '22

Hi all, Cancelling this week's call. I'll be in transit post-IIW Have a great week, and see you next time! Best, - Alec

1 0

Agenda for UMA telecon 2022-11-10
by Alec Laws 09 Nov '22

09 Nov '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/110166017/UMA+telecon+2… UMA telecon 2022-11-10Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - Kantara AGM, 7 December 11:00 am – 12:30 pm ET - AOB

1 0

Agenda for UMA telecon 2022-11-03
by Alec Laws 03 Nov '22

03 Nov '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/107544577/UMA+telecon+2… UMA telecon 2022-11-03Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - AOB

1 0

Draft minutes from UMA telecon 2022-10-27
by Alec Laws 28 Oct '22

28 Oct '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/97353729/UMA+telecon+20… UMA telecon 2022-10-27Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - AOB Attendees - NOTE: As of October 26, 2020, quorum <http://kantarainitiative.org/confluence/display/uma/Participant+Roster> is 5 of 8. (Michael, Domenico, Peter, Sal, Thomas, Alec, Eve, Steve) - Voting: - Alec - Sal - Non-voting participants: - Chris - Regrets: - Steve Quorum: No Meeting Minutes Approve previous meeting minutes - Approve minutes of UMA telecon 2022-08-11 <https://kantara.atlassian.net/wiki/spaces/uma/pages/39124993>, UMA telecon 2022-08-25 <https://kantara.atlassian.net/wiki/spaces/uma/pages/45875201>, UMA telecon 2022-09-08 <https://kantara.atlassian.net/wiki/spaces/uma/pages/56459265> , UMA telecon 2022-09-15 <https://kantara.atlassian.net/wiki/spaces/uma/pages/62029825> , UMA telecon 2022-09-22 <https://kantara.atlassian.net/wiki/spaces/uma/pages/62980097> , UMA telecon 2022-09-29 <https://kantara.atlassian.net/wiki/spaces/uma/pages/74055681> , UMA telecon 2022-10-06 <https://kantara.atlassian.net/wiki/spaces/uma/pages/79101953> , UMA telecon 2022-10-13 <https://kantara.atlassian.net/wiki/spaces/uma/pages/85721089> , UMA telecon 2022-10-20 <https://kantara.atlassian.net/wiki/spaces/uma/pages/91193345> - Deferred - no quorum Topics FAPI and UMA next steps - OAuth compatible UMA version https://fapi.openid.net/ UMA isn’t just additional to OAuth, but also changes defined functionality: - request/response names (scope / ticket, claims_redirect_uri) → creates need to change oauth libraries or create uma custom tech stacks - well defines AuthZ steps, the multi-step possibilities of ticket/correlation handles makes the flows extremely variable (eg can have 3 token calls, followed by claims gathering). To address those concerns, is it possible to create an intermediary spec that is OAuth compliant? OAuth <> *OAuth compliant UMA* <> Full UMA What’s the minimum viable UMA features set: needs_info, RqP role, claims_pushing, RS first flows What could be removed: PCT, request_submitted, *ticket(!)* Token endpoint, still need a new grant type for claims pushing, maybe renamed from uma-ticket to uma or uma-claims. There is no OAuth grant_type for this today - pro: OAuth BW compatibility - pro: maintain RqP separation, needs_info and claims pushing - con: no multi-step authZ (no ticket as correlation handle) - no pushing claims in multiple steps, no pushing claims + interactive gathering - no need/ less value of PCT - could be addressed by unique transactional scope created by AS? some challenges here.. - possible: remove PCT and request_submitted. Features that are less 'used' even by UMA impls? Reduce scope for reader/implementer - neutral: client can stay ignorant of authZ details since its’ returned the scopes to ask for Pushed Claims Case: 1. client requests resource, gets www-authenticate with scope string 2. client requests token, gets need_info with options (push or gather) and scope string (maybe changed) 3. client requests token with claims, gets RPT (or needs_info again?) 4. client requests resource with RPT Gathering Use Case 1. client requests resource, gets www-authenticate with scope string 2. client requests token, gets need_info with options (push or gather) and scope string (maybe changed) 3. client does authorization code flow with AS (/authorize → /callback) 4. client requests token with code, gets RPT 5. client requests resource with RPT Next steps: - Can we see this side by side with oauth - what are the implications to UMA Fedz - Draft UMA-lite spec text

1 0

Agenda for UMA telecon 2022-10-27
by Alec Laws 26 Oct '22

26 Oct '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/97353729/UMA+telecon+20… UMA telecon 2022-10-27Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps. OAuth compatible UMA version - AOB

1 0

Draft minutes for UMA telecon 2022-10-20
by Alec Laws 21 Oct '22

21 Oct '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/91193345/UMA+telecon+20… UMA telecon 2022-10-20Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps - AOB Attendees - NOTE: As of October 26, 2020, quorum <http://kantarainitiative.org/confluence/display/uma/Participant+Roster> is 5 of 8. (Michael, Domenico, Peter, Sal, Thomas, Alec, Eve, Steve) - Voting: - Alec - Non-voting participants: - Hanfei - Regrets: Quorum: No Meeting Minutes Approve previous meeting minutes - Approve minutes of UMA telecon 2022-08-11 <https://kantara.atlassian.net/wiki/spaces/uma/pages/39124993>, UMA telecon 2022-08-25 <https://kantara.atlassian.net/wiki/spaces/uma/pages/45875201>, UMA telecon 2022-09-08 <https://kantara.atlassian.net/wiki/spaces/uma/pages/56459265> , UMA telecon 2022-09-15 <https://kantara.atlassian.net/wiki/spaces/uma/pages/62029825> , UMA telecon 2022-09-22 <https://kantara.atlassian.net/wiki/spaces/uma/pages/62980097> , UMA telecon 2022-09-29 <https://kantara.atlassian.net/wiki/spaces/uma/pages/74055681> , UMA telecon 2022-10-06 <https://kantara.atlassian.net/wiki/spaces/uma/pages/79101953> , UMA telecon 2022-10-13 <https://kantara.atlassian.net/wiki/spaces/uma/pages/85721089> - Deferred - no quorum Topics FAPI and UMA next steps https://fapi.openid.net/ Went though UMA Grant and marked up what could be changed to be backwards compatible with OAuth UMA 2.0 Grant for OAuth 2.0 - Alec markup.pdf 20 Oct 2022, 01:38 PM

1 0

Agenda for UMA telecon 2022-10-20
by Alec Laws 20 Oct '22

20 Oct '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/91193345/UMA+telecon+20… UMA telecon 2022-10-20Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA next steps - AOB

1 0

Agenda for UMA telecon 2022-10-13
by Alec Laws 13 Oct '22

13 Oct '22

https://kantara.atlassian.net/wiki/spaces/uma/pages/85721089/UMA+telecon+20… UMA telecon 2022-10-13Date and Time - Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT - Screenshare and dial-in: https://zoom.us/j/99487814311?pwd=dTAvZi9uN0ZmeXJReWRrc1Zycm5KZz09 - United States: +1 346 248 7799, Access Code: 994 8781 4311 - See UMA calendar for additional details: https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518/Calendar <https://kantara.atlassian.net/wiki/spaces/uma/pages/4857518> Agenda - Approve minutes since UMA telecon 2022-06-30 <https://kantara.atlassian.net/wiki/spaces/uma/pages/14352423> - FAPI and UMA - AOB

1 0