We worked from the flows and diagrams in Alec's recent email.

Alec has now added both Alice and Bob into the "new spiral" diagram. The RO delegates RS management to the wallet. The RqP now has a flow where they can release resources to the AS. The client is redirecting the RqP to the AS. Depending on how the delegation is managed, authorization can happen at the AS or at the wallet. Adrian asks: Because in his world (HIE of One) the wallet isn't necessarily online, what are the implications? The wallet in this control plane view needs to be online to write policy. So why have "choose wallet" as a dotted line and why not make this the default? Because their AS doesn't even have or need any claims gathering. This is Alec's challenge in generalizing what they've done to cover more use cases. We'll have to test the general-case design a bit.