Notes from UMA legal subgroup telecon 2015-11-06

6 Nov 2015

      Fri Nov 6 8-9am PT
Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540#
Screen sharing: http://join.me/findthomas http://join.me/findthomas - NOTE: IGNORE the join.me http://join.me/ dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line)
UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar http://kantarainitiative.org/confluence/display/uma/Calendar
Goal: start building a general "legal stack" for UMA-specific elements
Learn more of Andrew H’s use case details
Examine the sociotechnical norms for potentially useful concepts
AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal

Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.

What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?

He’s trying to capture “reliance” relationships, and obligations/commitments.

Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.

The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.

Once you have the abstract model, then you can identify your specific “users” and “operators”.

So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.

Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.

Next steps:

Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements.
After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".

Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com

Eve Maler

j stollman

Andrew Hughes

John Wunderlich

Andrew Hughes

sldavid

BridgeIDentity

James Hazard

Lisa Moon

tags

participants (8)