https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-06-03 MinutesRoll call Quorum was reached. Approve minutes - Approve minutes of UMA telecon 2021-04-22 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-04-22 , UMA telecon 2021-04-29 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-04-29 , UMA telecon 2021-05-06 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-05-06 , UMA telecon 2021-05-13 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-05-13 , UMA telecon 2021-05-20 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-05-20 , UMA telecon 2021-05-27 https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-05-27 Deferred Charter Review/Refresh Please review the Draft Charter 2021 https://kantarainitiative.org/confluence/display/uma/Draft+Charter+2021, changes have been highlighted in red. (5) - A horizontal UMA security profile, considering other profiles including HEART, FAPI, and OAuth 2.1 Changes to Group Leadership - we need to renew our annual voting roles, Chair and Vice-Chair - Next quorum we'll need to discuss and ideally vote on this topic - *Feel free to send nominations to the list* so we're prepared at our next quorum. Alec will send a separate note to the list to raise this request - If you have a voting membership, please let Alec know if you can/can't attend next week Relationship Manager The last session was recorded, check it out so these will make sense Discussed the merits of having a credential (public key) registered at the RS for a Resource Owner, and the different use-cases it starts to enable, both for UMA and getting into VC/SSI. - RO can sign policy it writes to the AS. The RS can have less trust in the AS since it's really trusting the RO - Today the RS trusts the AS as the RO. With the credential, the RS can trust *any* AS - Give the RO some more fiduciary capability aside from system-system (RS-AS) trust. This is part of Decentralized ID value prop - RO can delegate directly to other RqPs - Can this help the RS, not have to trust the RO as much? ANCR established the RO establish terms with any other system - Binding is the most critical bit of the trust flow. CIBA also solves for this, in a way that a RqP - UMA helps Alice ensure, that Bob is who he says, such that her policy can be applied to his request for Access - CIBA helps Bob ensure Alice is who she is. Currently we don't strongly bind Alice to the AS - Can we bind Alice to the AS, in a way the requesting party can confirm who she is? - ANCR wants to capture all this trusted state so that all parties can have this transparency, including getting Witnesses just in time. (parallels to a KERI witnesses, there is cryptogrpahic binding + attestation over an identifier) - ie UMA pushed claims, where the AS can 'ask for more' from a trusted third party (the Witness) - RS can issue to Alice, VCs. Either resource's as a VC, or actually data-containing VCs. Alice is then free to delegate and use from there. (The ssi credential exchange api) RS <strong trust> RO <> AS RS <> AS <> RqP <> RPT{Alice's proof} <> RS Alec will update the last RM Draft to: - Add back the credential, drop Authorization Servers API from it. - We're shifting the trust from the Fedz Auth api to the RO through their credential. AOB - will be looking to setup an ANCR presentation to the Group is around a month. Sal will let us know when he's ready Attendees As of October 26, 2020, quorum http://kantarainitiative.org/confluence/display/uma/Participant+Roster is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve) Voting: 1. Michael 2. Steve 3. Eve 4. Alec 5. Sal 6. Domenico Non-voting participants: 1. Scott 2. Colin Regrets: