Scribing Template --Tues., Nov 12, 2013 at 9:45am -- Santa Barbara
TOPIC: User Managed Access Built into SAML2 IDP
CONVENER: Roland Hedberg
SCRIBE: Michael Schwartz
# of ATTENDEES: 25
MAIN ISSUES DISCUSSED:
Roland laid out a use case where attribute release policies are a
hassle for an institution's IT management to manage. He mentioned work in
U-Approve. He saw UMA as a way to standardize the approach, and decided
to try to implement it. In his IDP implementation, he ran into some
problems, and this session.
Scott Cantor asked how the IDP would manage attributes which make no
sense to the person.
Mike Schwartz clarified that UMA does not specify who makes the
decision, or how the policy is expressed.
Roland gave an overview of his implementation, in which the IDP (or
OpenID Provider, OP) is an UMA, and the permissions for attribute release
are stored in the AS.
ACTIVITIES GOING FORWARD / NEXT STEPS: