[WG-UMA] Taxmonkey scenario update

[Holodnik, Tom]

Folks,

Here’s an update to the taxmonkey scenario I posted some time ago. This is still pretty rough in places. The challenge in this scenario is that there are regulations that the UMA Host must satisfy before the Authorizing User can allow any external entity to have access to the resources. I’ll revise this some more as the logic behind Step 1 in the protocol is refined.

The high-level questions I wanted to address with this scenario are:

1. How would UMA really work in specific cases where regulations are in effect?
2. How would the terms necessary for compliance be translated into workable, usable protocol and user experience elements?
3. Using this as a basis, can we envision other business flows we can support with the protocol?

As Eve suggested in our last meeting, I was probably too immersed in protocol details when preparing this.

Thanks,
-tom

[Eve Maler]

Tom-- Thanks for this! (As a bonus, I see you've provided HTTP request and response examples. We can probably pop these into the spec, suitably tweaked... Awesome!) Looking forward to discussing today.

Eve

> <UMA-taxmonkey-scenario.docx>_______________________________________________
> WG-UMA mailing list
> WG-...@kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-uma

_______________________________________________
WG-UMA mailing list
WG-...@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma

[Holodnik, Tom]

Truth be told- I lifted the HTTP flows from the OAuth spec for the most part
(as a forcing function to get me to think through the OAuth 2 protocol).

-tom

[Eve Maler]

That works for me. :-)