*Tuesday 9-10am PT* *Dial-in and screenshare:* http://join.me/findthomas *Calendar:* http://kantarainitiative.org/confluence/display/uma/Calendar *(if you are currently not being invited to WG meetings and want to be, or the reverse, let me know)* Our current substantive open issues look like this: - *#290 <https://github.com/KantaraInitiative/wg-uma/issues/290> (Generality of RReg spec?) and #296 <https://github.com/KantaraInitiative/wg-uma/issues/296> (Out-of-the-box profiling for tight AS-RS coupling):* This is a biggie. Current proposal (*for which I hope to have some more details by call time!*) is to consider a different way of modularizing the specs. A group consisting of me, Mark L, Maciej, Andi, and Cigdem talked about this further in London last Monday and there was a pretty strongly favorable impression. - *#294 <https://github.com/KantaraInitiative/wg-uma/issues/294> (Consider a proof-of-possession option for the RPT):* This topic is broader by now, including token binding etc., and we suspect this all might "just work". This just needs to be analyzed a bit. *Prabath*, you were going to take a look -- can you, please, and write up? - *#295 <https://github.com/KantaraInitiative/wg-uma/issues/295> (When a requesting party needs to withdraw their access):* This touches on downscoping and token revocation, and thus could use some analysis. *Justin*, this could use your eyeballs in particular, but it's really for *everyone*. - *#298 <https://github.com/KantaraInitiative/wg-uma/issues/298> (Reconsider whether ticket should be on all redirect-back AS responses):* Justin and Cigdem have been commenting on this one and seem to have consensus so far that we're okay, but it could use more eyeballs. But another related issue has come up about the appropriateness of not_authorized as an error that we could consider. *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl