UMA telecon 2021-09-23
Date and Time
- Primary-week Thursdays 06:30am PT; Secondary-week Thursdays 10:00am PT
Topic Candidates (from previous week's telcon)
Outcome of user stories discussion
PDP architecture includes the concept
TOIP/SSI are starting to define this ecosystem function
ANCR records update
Privacy as Expected.
- Ontario's Digital Identity Program
Privacy as Expected
- Site: privacy-as-expected.org
- From above page: PaE:CG [Privacy as Expected: Consent Gateway] is a project funded under NGI TRUST from OCT-2020 to JUN-2021 that will provide an end-to-end, user-centric, comprehensive, open source solution to managing Consent for Personal Data. The key deliverables are open software, a public demonstrator, real-world trials, and publications.
- Me2B is coming out
- Perhaps have an expert join us one week
- Nancy: seems like there is a lot of redundancy in terms of orgs doing similar things
- NGI Trust: NGI == Next Generation Internet
- Respectful Tech : Spec in final review under me2b org as a WG
Peter: Is Alec L working on this?
Steve: Analysis of Okta OSS implementations: "Delegate" and "Managed Access"
Eve/Nancy: UMA Legal and business Business-legal Framework and Use Cases
- Trying to separate resource rights administrator from data subject
Nancy: PP2pi (Protecting Privacy to Promote Interoperability Workgroup)
- Soliciting participation in these WG's
- Use cases span medical data with other services – ex; Disabled person looking for a job
- Eve: Convert the legal use cases doc and publish; demote out of date related stuff; cleaning up legal-type topics on WG wiki
Need an analysis of the PP2pi use cases
- this is a layer above UMA. Example:: graph for policy
Ref Sovrin whitepaper: https://sovrin.org/wp-content/uploads/Guardianship-Whitepaper2.pdf
- Eve: Can we make a forcing function out of this: e.g., a report that analyses these use cases w.r.t. UMA
- Mostly useful for scraping terminology
- Finish by end of November?
Delegation: lots of nuance : see UMA Legal role slides
Eve: World of RUFADAA: Revised Uniform Fiduciary Access to Digital Access Act
Sal: that is what we are working on in ANCR and the associated record that is created when RO starts discovery on first contact
Eve; We should use these secondary sources as we develop glossary, as well as how the use cases align (or don't) to UMA use cases.
- Also a concordance of use cases
Future UMA mtg: Need a discussion on document development: methods. GDocs/etc. is problematic
- Peter: Maybe Kantara's github?
- Use markdown?
Ontario's Digital Identity Program
Link to document: https://www.ontario.ca/page/consultation-policy-framework-ontarios-digital-identity-program
- Alec (previous week's notes): Feel free to submit comments to Ontario about the DI strategy
- We did a shallow review of doc, but we should figure out if any of it is relevant to UMA?
- Sal: put big comment around consent receipts;
Eve: proposing topic on defining "delegation" and associate
|Future mtg: ANCR records update, probably 30min; maybe two or three weeks out|
As of October 26, 2020, quorum is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve)