https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-05-26 Agenda - Approve minutes since UMA telecon 2022-03-31 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-03-31> - UMA/UDAP/etc comparison - Let's add a row for GNAP/mDL - Charter Refresh - AOB Attendees - NOTE: As of October 26, 2020, quorum <http://kantarainitiative.org/confluence/display/uma/Participant+Roster> is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve) - Voting: - Alec - Non-voting participants: - Scott - Nancy - Regrets: Quorum: NoMeeting MinutesApprove previous meeting minutes - Approve minutes of UMA telecon 2022-03-31 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-03-31> , UMA telecon 2022-04-06 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-04-06> , UMA telecon 2022-04-14 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-04-14> , UMA telecon 2022-04-21 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-04-21> , UMA telecon 2022-05-05 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-05-05> , UMA telecon 2022-05-12 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-05-12> , UMA telecon 2022-05-19 <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2022-05-19> - *Deferred–no quorum* Topics UMA/UDAP/etc comparison - https://docs.google.com/spreadsheets/d/1UWxhLoLFsVNmHulGvyS_3vx5hF9u2reFXT3g... - Let's add a row for GNAP - https://datatracker.ietf.org/wg/gnap/documents/ - https://oauth.xyz/ - Could also add a row for mDL 18013-5 (online/offline/hybrid) - https://www.aamva.org/getmedia/c4fe2a21-91ff-449d-9df3-5a7e33cf3a8e/mDL-Impl... Julie Use-case Report - progress update on resolving feedback - Link to V0.3 Working Group Draft: Julie Use-case Report <https://kantarainitiative.org/confluence/display/uma/Julie+Use-case+Report> Charter Refresh Draft Charter 2022 <https://kantarainitiative.org/confluence/display/uma/Draft+Charter+2022> AOB me, delegate ?user=delegate Does the RqP need to know the owner? No Does UMA support group membership policy? Yes Alice has a resource R registered at her A, she delegates control to Bob, allowing Bob to 're-share' R with Sam. If Alice shares a resource R with Bob, Bob should not be able to share R with Sam Delegation of Control (administration): Alice allows Bob to create policies over her resources (R, S, T) Delegation of Access (sharing): Alice allows Bob to access her resources (R, S) resource = R, scopes = (a, b, c), owner = O Explicit Policy (opt-in): O says R can be accessed by ANYONE who provides a (name, email) ← eg to download some whitepaper Implicit(default) Policy (opt-out): AS has a policy that all R of type can be access by ALL doctors Implicit Policy: AS will allow any Doctor to access any resource if they assert the scope 'btg' Implicit Policy: As will allow any RqP who is an Owner to access their own resources Implicit policy is (today) broadly agreed to by the Owner when the agree to the ASs Terms of Service. Implicit Policy may allow an *explicit* opt-out by an owner. Explicit Opt-out: O say doctor E can't access any of her resources National Policy > State Policy > Local Policy > (Implicit) Organizational Policy >* actual policy *< subject/owner/administrator Policy (Explicit) Should we have have more impl guidance around Group Policy? It's supported in the spec, however most of our public information is Alice→Bob sharing