[Wg-uma] Draft minutes of UMA telecon 2009-08-20

Eve Maler eve at xmlgrrl.com
Thu Aug 20 17:33:49 PDT 2009


The draft minutes are here:

http://kantarainitiative.org/confluence/display/uma/UMA+telecon+2009-08-20+%28quorate%29

The action item summary is here:

http://kantarainitiative.org/confluence/display/uma/Meetings+and+Minutes

The draft minutes are also pasted below from the wiki, for your  
convenience. I'm not a big fan of rich text in email, but I've used it  
below to retain the embedded links. Let me know if you prefer your  
email 7-bit clean, the way the Deity intended :-), or pretty with  
hyperlinks. (Or for me just to send out a link to the minutes, as I've  
done previously...)

	Eve

Attendees
Akram, Hasan
Andrieu, Joe
Bryan, Paul
Machulak, Maciej
Maler, Eve
Nagelberg, Alan
Regrets
J. Trent Adams
Christian Scholz
Mike Hanson
Bill Smith
Iain Henderson
Agenda
Roll call
Announce results of leadership team balloting
Approve minutes of prior telecons
UMA telecon 2009-08-06
UMA telecon 2009-08-13
Consider setting up a special time to review ProtectServe details
Review and consider acceptance of scenarios and use cases
Sharing a Calendar with Vendors (Pending)
Granting Service Access to a Photo Set (Pending)
See if anyone wants to champion items in the bucket of scenario, use  
case, and issue ideas we've been collecting
AOB
Minutes
Roll call
6 of 27 present; quorum not reached.

Announce results of leadership team balloting
As previously announced in email, Eve Maler was confirmed as Chair,  
Paul Bryan as Vice-Chair and Technical Spec Editor, and Hasan Akram as  
Use Cases Editor. Thanks to all for their participation in this ballot.

Approve minutes of prior telecons
UMA telecon 2009-08-06
UMA telecon 2009-08-13
Deferred due to lack of quorum.

Consider setting up a special time to review ProtectServe details
AI: Eve: Create a doodle poll to establish a time for a ProtectServe  
overview.

IIW F2F meeting idea
Eve has pursued inquiries with the IIW organizers, and they may have a  
room to offer us. Let's try and request an afternoon-long meeting on  
the Monday. We could also plan to host an IIW session sharing the  
results of our work to date. (Do we need a "walk-through IPR  
agreement" in the form of a sign outside the door?)

AI: Eve: Check on IPR considerations around public(ish) F2F meetings.

Review methods of working on our documents
Hasan has sent email proposing a way of contributing to the scenario  
document: we can use hashtags to alert him of our ideas in email, or  
contribute content directly. Note that his email may have reversed the  
senses of our choice of scenario (high-level) and use case (lower- 
level) terminology.

The goal is to identify the key differences between scenarios/use  
cases, so that we don't add a lot of duplication.

Scenarios are high-level, ideally real-world, and express the needs of  
the actors without reference to technology (unless interoperability  
with something is a hard requirement/constraint).
Use cases add a precise accounting of the actors and the overall  
interaction goal. They might have pre-conditions and post-conditions.
Issues capture a technical problem we're going to need to decide.
Requirements (which we don't actually have any of, yet) capture a  
unique technical need we've agreed to solve.
Eventually our technical specs will need to turn into IETF Internet- 
Drafts. So possibly we should write the spec using xml2rfc.  
Alternatively, we could edit the document in Confluence, which allows  
for more natural collaboration and gives us some content management  
(e.g. tracking changes) by default. Maybe there's a way to export to  
xml2rfc or raw HTML from Confluence.

AI: Paul: Research technical spec formats and their pros and cons.

Review and consider acceptance of scenarios and use cases
We discussed two scenarios but haven't decided on a disposition of  
them yet.

Sharing a Calendar with Vendors (Pending)
Eve reviewed this scenario and its use case in detail. Some aspects  
that make this scenario special/unique (are these on the way to  
becoming requirements?):

The SP is simply where the user has chosen to host the calendar data;  
nothing is said about how it got in there. (It might have gotten there  
by means of a permissioned feed from elsewhere!)
The SP and the AM are conceptually separate; the user might choose  
different providers for these services.
This is about simple data-sharing in one direction. Think of it as a  
read-only operation, or an HTTP GET.
Granting Service Access to a Photo Set (Pending)
We began to discuss this. Some aspects that make this scenario special/ 
unique:

This is about potentially two-way service access. Think of it as a  
read-write operation, or an HTTP GET/POST/PUT/DELETE.
Currently it involves multiple resources hosted at a single SP.
It is not only inspired by OAuth's authorized interactions, but it  
relies on integrating with OAuth specifically.
We discussed the possibility of not "muddying up" this scenario by  
having the multiple resources aspect in it. Should we pick another  
example, maybe something more realistic taken from today's OAuth  
world? The real-world example of chained location services that all  
read and write to each other is cool, but also scary.
AI: Eve: Revise the photo set scenario to be more realistic.

We definitely need to add a scenario, probably focused VRM or VPI  
situations, that takes into account distributed SPs for pieces of data  
coming from multiple sources. We don't have an owner for this yet,  
though Iain and Eve may be contenders; they will be discussing this  
offline.

(Following is an example of the hashtag in use...)

#scenario: Authorizing access to a set of multiple resources hosted on  
distributed SPs.

Alan  noted that there's a big problem in identity systems of having  
the same data in multiple places, since they may go out of sync or go  
stale. [Eve notes later: We're trying to mitigate this by making point- 
of-use data retrieval more consistently reliable than using data on  
hand.]

Next Meeting: UMA telecon 2009-08-27 (focus)
Day: Thursday, 27 Aug 2009
Time: 9-10am PDT | 12noon-1pm EDT | 16:00-17:00 UTC (time chart)
Dial-In: +1-218-862-7200
Code: 987-632 (do not press #)

Eve Maler
eve at xmlgrrl.com
http://www.xmlgrrl.com/blog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-uma_kantarainitiative.org/attachments/20090820/f5260dbf/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smile.gif
Type: image/gif
Size: 699 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/wg-uma_kantarainitiative.org/attachments/20090820/f5260dbf/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: help_16.gif
Type: image/gif
Size: 634 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/wg-uma_kantarainitiative.org/attachments/20090820/f5260dbf/attachment-0003.gif>


More information about the Wg-uma mailing list