[Openid-specs-heart] HEART WG MEETING Monday March 23

Steven Deng stevend_online at hotmail.com
Mon Mar 16 14:31:36 UTC 2020 

It might be beneficial to have clear mapping among standards to show people where are the overlaps and where are the complimenting parts. e.g with my limited understanding of OAuth* and FID* standards, it seems to me that they can complement each other pretty well, OAuth* deal with authorization while FID* are mainly focusing on identities used in OAuth* protocols. By using DID in UMA we can use a dedicated actor (component) to separate personal data from the Authorization data. If it is a knowledge gap on my side, it would be definitely good to know.

Regards,
Steven

________________________________
From: Openid-specs-heart <openid-specs-heart-bounces at lists.openid.net> on behalf of Tom Jones <thomasclinganjones at gmail.com>
Sent: March 15, 2020 11:11 AM
To: Justin Richer <jricher at mit.edu>
Cc: openid-specs-heart at lists.openid.net <openid-specs-heart at lists.openid.net>
Subject: Re: [Openid-specs-heart] HEART WG MEETING Monday March 23

How is this different from the xauth proposal from dick hardt. It seems like w3c did and dif- com are working on solutions as well. I guess we have a whole alphabet soup of competing solutions to pick from.

thx ..Tom (mobile)

On Sun, Mar 15, 2020, 7:33 AM Justin Richer <jricher at mit.edu<mailto:jricher at mit.edu>> wrote:
With the IETF107 meeting cancelled and virtual meetings scheduled, I had hope that the conflict would no longer be the case, but unfortunately this proposed meeting is exactly during the TxAuth virtual session now. As many of you know, TxAuth is a newly proposed working group in the IETF where I’m submitting the work I’ve been doing on XYZ (https://oauth.xyz/) that incorporates a lot of things from OAuth, OIDC, UMA, and their extensions into a simpler, more comprehensive protocol. This might one day turn into OAuth 3, but that’s far in the future if it happens. I do encourage everyone to follow along with the TXAuth mailing list in the IETF and hopefully join the working group when it comes online.

 — Justin

On Mar 6, 2020, at 1:13 PM, Debbie Bucci <debbucci at gmail.com<mailto:debbucci at gmail.com>> wrote:

Hello All

My apologies I thought I posted this to the list


If you have something to present (encouraged!) please let use know and  we will generate a new agenda to accommodate.

---------- Forwarded message ---------
From: Adrian Gropper <agropper at healthurl.com<mailto:agropper at healthurl.com>>
Date: Thu, Mar 5, 2020, 11:10 AM
Subject: Re: [Openid-specs-heart] HEART WG MEETING Monday March 23
To: Debbie Bucci <debbucci at gmail.com<mailto:debbucci at gmail.com>>


Yes. I would like to present the Separation of Concerns work that is defining the overlap between IETF Oauth3 / transactional authorization and the SSI standards work. Justin and I are currently the only ones with a foot in both camps (UMA and SSI). That’s why I would prefer he be present but I can do my best anyway.

I can also talk about HIE of One Trustee as the implementation of the current state of the art in these two camps, of course.

- Adrian

On Thu, Mar 5, 2020 at 10:48 AM Debbie Bucci <debbucci at gmail.com<mailto:debbucci at gmail.com>> wrote:
Hi Adrian

Agree it would be great if Justin were there as well but scheduling is tight on my end.   Hesitant to push out much further.  If we agree there is a path forward then we can discuss an alternate time that does not conflict with other schedules and time zone.

Starting a list .... we have 90 minutes.  We could dedicate a good portion of that time for presentations,  would you like to present something?



On Thu, Mar 5, 2020 at 9:48 AM Adrian Gropper <agropper at healthurl.com<mailto:agropper at healthurl.com>> wrote:
Justin, IMHO, is essential for this meeting. I suggest we reschedule.

- Adrian

On Thu, Mar 5, 2020 at 9:41 AM Justin Richer <jricher at mit.edu<mailto:jricher at mit.edu>> wrote:
Unfortunately, this time conflicts with the OAuth working group meeting at IETF107 in Vancouver. As a consequence, I won’t be able to make it, as much as I’d like to.

 — Justin

On Mar 4, 2020, at 4:20 PM, Debbie Bucci <debbucci at gmail.com<mailto:debbucci at gmail.com>> wrote:

Hi everybody,

We are convening a 90-minute HEART meeting on March 23 from 4:00pm Eastern time (our traditional start time) to gather and discuss possible paths forward for the group.


  *
When: 1 PM PST/4 PM EST
  *
Duration: 1.5 hrs
  *   Where: Gotomeeting  – https://global.gotomeeting.com/join/785234357

After our specifications were approved as Implementer's Drafts, our Working Group went into a holding pattern for a little while to see what implementation experience would tell us.

Over the last couple of months, we, the co-chairs, have been approached by a number of people interested in the HEART profiles and/or hoping to extend the work we have done to date.   We believe it may be an opportune time for a discussion of where to go from here.



We have been approached about the following discussion points/areas of focus.


  *
Hear from and potentially incorporate work that has been done to support healthcare in other countries and from the Open Banking community.
  *
Promoting the use of OpenID Connect/OAUTH2 Discovery.
  *
Define `fhir_url` in Discovery and perhaps other endpoints.
  *
Provide guidance for the use of Dynamic Client Registration.
  *
Update the profiles to codify how IAL/AAL/FAL are transmitted in the id_token.
  *
Fine-grained OAuth extensions – leveraging updated OAuth* work such as RAR/PAR.
  *
Incorporating Decentralized Identity.
  *
Providing guidance on how to choose FHIR Resource type patterns.

I assume those that have reached out to us are also following along on the list. We hope you or someone on your team(s) will join us.

Comments/updates to the list of discussion points are appreciated.

_______________________________________________
Openid-specs-heart mailing list
Openid-specs-heart at lists.openid.net<mailto:Openid-specs-heart at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-heart

_______________________________________________
Openid-specs-heart mailing list
Openid-specs-heart at lists.openid.net<mailto:Openid-specs-heart at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-heart
_______________________________________________
Openid-specs-heart mailing list
Openid-specs-heart at lists.openid.net<mailto:Openid-specs-heart at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-heart

_______________________________________________
Openid-specs-heart mailing list
Openid-specs-heart at lists.openid.net<mailto:Openid-specs-heart at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-heart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20200316/2b4d5c96/attachment-0001.html>

More information about the Openid-specs-heart mailing list