This is our last telecon of the year. We got only a couple of regrets from voting participants last week for this meeting -- hope we can get good representation, and raise a virtual cup of egg nog while solving lots of open issues in this last session of 2016. :-) http://kantarainitiative.org/confluence/display/uma/UMA+telecon+2016-12-22 Date and Time - *Thursdays,* 9-10am PT - Skype: +99051000000481 / US +1-805-309-2350 / international lines https://www.turbobridge.com/join.html / web calling interface https://panel.turbobridge.com/webcall/ / code 1782540 - Screen sharing: http://join.me/findthomas - NOTE: do not use the join.me dial-in line - UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar Agenda - Roll call - Approve minutes of UMA telecon 2016-12-01 http://kantarainitiative.org/confluence/display/uma/UMA+telecon+2016-12-01 - Logistics - This is our last meeting of the year - Refer to telecon 2016-12-01 http://kantarainitiative.org/confluence/display/uma/UMA+telecon+2016-12-01 minutes to see how voting/balloting process goes - UMA V2.0 workAOB - 2016 roadmap http://kantarainitiative.org/confluence/display/uma/UMA+Roadmap+for+2016 - Core is up to 09 https://docs.kantarainitiative.org/uma/ed/uma-core-2.0-09.html and RReg is up to 02 http://docs.kantarainitiative.org/uma/ed/oauth-resource-reg-2.0-02.html (no changes from last meeting) - Dynamic swimlane http://www.websequencediagrams.com/files/render?link=Pu0sP0Oe2kjKc2WgdKZd - Complete set math decisions *today*: see email proposal https://groups.google.com/forum/#!topic/kantara-initiative-uma-wg/QVr9EgbfvQ... - Proposal for "the rest of the issues to consider/take out of the backlog"; let's decide the final list by our first meeting in January and figure out our completion roadmap: - Use Cases for FHIR Security Authorization with Patient Consent http://kantarainitiative.org/confluence/download/attachments/17760302/Use%20... ("cascading authorization servers") - Shoebox endpoint/"audit whether RS gave access per permissions" (issues 24 https://github.com/KantaraInitiative/wg-uma/issues/24 , 224 https://github.com/KantaraInitiative/wg-uma/issues/224) - Hashed claims discovery (issue 254 https://github.com/KantaraInitiative/wg-uma/issues/254) - Issues that came up in editing: - What is the proper way to complete the specification of the UMA grant? e.g., how do the client's credentials actually get used in the flow? - Remove policy-specific resource/scope description properties from RReg and add as extensions in Core? - claim_token_profiles_supported: Provide real profiles for OIDC and maybe SAML? - What to do with the extensibility profiles? - Need to have IANA registry entries for both old uma-configuration and uma2-configuration? *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl