https://www.udap.org/udap-client-authorization-grants.html
Why can't OAuth be profiled directly, the UDAP profiles require further profiles to get to an implementable level of specificity
Some of the examples create new risks, or could lead to new risks, eg around end-user identifiers
Few UMA members have stated interests in working with US health care and UDAP and/or UMA adoption in this space. We don't want UMA to be excluded because of perceived overlap with UDAP.
Do we need to explicitly show how UMA and UDAP can work together, eg through some report of udap profile? What do we want to produce, if/how do we engaged with the UDAP folks?
Eve moves to accept the 2022 charter. Sal seconds. motion passes!!
Alec will move it in place on our confluence and inform the LC