<div dir="ltr">





<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Attendance:</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Omri G</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Aaron C</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Victor L</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Alex B</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Shayne</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Steve V</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">George F</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Mike K</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Gerry G</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">We had an abbreviated session today due to some overlapping schedule conflicts. The discussion focused on the Scope section, where we made some minor edits. We also added links to some external documents (Authorization Design Patterns and Proposed standard for an authorization API)</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">If possible, we’d like to get acknowledgment and consensus on the draft for our next call so that we can move to submittal to OIDF for an official working group.</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">For the next call, please review the scope and the newly added external documents for further discussion, link provided here for your convenience: <a href="https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit">https://docs.google.com/document/d/1ijAaymAapYyeV_3qMVjuLtNzoskKsh7R/edit</a><span class="gmail-Apple-converted-space"> </span></p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Here are some additional notes to capture the discussion:</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">- Omri suggested that we make point 2 stronger in the scope section (updated text)</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">- Steve V: Will the scope include the definition of higher levels of abstraction for a management audience? (No, moved that to the “out of scope” section</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">- Aaron: Why are we starting first with a charter and not a problem statement (following OIDF conventions, charter is needed to create official working group and gain OIDF IPR protection)</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">- Aaron - discussion of how to promote interoperability in scope #1 statement. Access in authN flows for example are different than some authorization flows. AuthN requirements could be represented as parameters (MFA requirements, etc). Also have policies for users if their device is out of date - “we would like you to update to latest security updates/patches”. We don’t look at this like typical access for permit/deny, could have settings like to quarantine a device. We are thinking that an implementation is more like a decision engine</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Omri - couple layers. 1 is managing policies for particular layer. We talked about creating profiles to describe payload - similar to OIDC claims profile (flexible).</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">One architecture pattern is sending PDP a request and getting a response - might have been too specific for exact format, but this is an important aspect</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Second was moving policy in a payload from a management system to a decision system</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Aaron - IDQL has action, but this can be an abstraction that is interpreted in different ways</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Alex - can be done in interoperable way if kept generic enough</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Gerry - In response to Aaron’s use cases, There is likely a builtin bias among the majority in this group that authN has already been completed and now we have moved on to exclusively address access control<span class="gmail-Apple-converted-space"> </span></p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><span class="gmail-Apple-converted-space"> </span></p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">- Steve: What is the process to submit a charter?</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">> at least 5 proposers</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">> 1 or more chairs</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">> 1 or more editors</p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">> submit to Specifications Council for review/approval</p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica;min-height:14px"><br></p>
<p class="gmail-p2" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:12px;line-height:normal;font-family:Helvetica">Omri - IIW: propose meeting on Tue or Wed for anyone who is attending. We should try to make some plans soon so people can organize their schedules<span class="gmail-Apple-converted-space"> </span></p></div>