Meeting minutes
Admin
<jo_> https://
Resolution: Accept minutes of last meeting
Jo: noting that there are guests today, it is good to notice the formality <describes the formalities>
Compliance and Redistribution PoC
Ben: we wanted to do an end-to-end demo
… From a consumer to a provider/provider-administrator
… we looked for something that has lots of cross-supply chain interactions
… and if we could replace those with web-based or M2M requests
… we also wanted to look at the end value of this, can we implement some kind of enforcement
… the final area we thought it could touch was the overhead of maintenance
… because there is a significant overhead
… and looking to automate those kinds of changes
… we picked out one particular use case: redistribution
… we know that causes certain amount of heartache
… looking to automating consent of redistribution
… <describes the sequence diagram of the use case>
Marko: need to share my screen
… <describes the proof of concept>
Mark: and you just sucked in this from DataBP via ODRL ?
Marko: yes
Caspar: we've got a fake client application
… the distribution component can understand the ODRL coming from the policy
… <log in to the web application and starts the demo>
Mark: what Caspar has done is initiating a request to the content source
… saying "can we distribute data to this 3rd party"
… at this stage we send a "deny"
… What could happen is that the user could go and create an approval
… <mark describes his part of the PoC in detail>
Caspar: you can see we are still in pending state, waiting for consent
… in the background the access has been pulled down and now it has been granted
… <describes what was downloaded and the access that was granted>
Ben: do you want to change the updating text?
Mark: it is very dramatic
… <goes and changes the entry in his part of the PoC>
Caspar: now that we re-request, we can see the text has been updated
Ben: would be worth showing other use cases ?
Caspar: <shows other use cases>
Ben: we are speaking about a deontic state
… <describes the content of the message>
Mark: maybe stating the obvious, but we have 3 systems in play, moving in real-time
Atiq: demo worked first time, brilliant !
… the real value is the workflow in the exchange between dataBP, deontic and Goldman Sacks
… which is quite an achievement
… <describes the concepts>
… and here we are building an API and how it might work
… the reason why it is important is the business processes and what are the boundaries of responsibilities
… <describes more of the concepts>
… the final part is maintenance/changes ... building that into the process will be a timesaver
Ben: we will pick up some issues later in the meeting, what kind of testing we will be doing moving forward
… <describes some of the steps forward>
Jo: fantastic and successful demo
Emily: <asks Caspar about the uplift in the applications>
Caspar: <describes the different components/processes/requirements for that uplift>
Emily: paraphrasing - there is some uplifting into the apps, and going forward there will be a minimum threshold of how that uplift will take place
Caspar: <describes>
Michelle: you were talking about real-time update in policies
… do you see this as going directly to the exchange?
Atiq: we still have to workout what the right model is
… <describes the gaps/components>
Ben: we are working in a temporal model: in some cases we will receive a message today "this change will happen in 6 months time" ... and the system will work then it is effective
Mark: you can see from the demo I chose a date, but that could have been in the future
… <describes how the PoC works>
Michelle: that is an interesting concept, that it could happen systematically
Atiq: if it reduce toil of the repetitive things we do
Laura: I had the same question as Michelle
… there maybe other requirements that they might put in
Michelle: if you look at exchanges now and that you can add a new subscription, this model could be very useful
Jo: thank you everybody
… you can add more questions via the email list
FISD Webinar in June
Ben: spoke to FISD on the topic of digital rights, my own sense is that the June timing is very good
… rather than talking about the standard itself, focus on what the next steps are
… whether people think a presentation in June is worth it
Jo: and demos
Ben: many demos !
… <continues talking about the elements of use for June's FISD Webinar>
… and if we can show some demos, that's the most potent message
Jo: anyone disagrees ?
Ilya: we should tailor the message carefully for the wider community that haven't been so involved
Resolution: We should pick up on the opportunity to present at FISD
Jo: I completely agree with that
Mark: a lot of the good work we've done has been defining test cases
… and put some of that and communicate it to the broader audience
Action: Ben to call first coordination meeting to prepare for FISD
Ben: commits to deliver feedback in 2 weeks
Interoperability Testing
Ben: one of the things that the work has emphasise is the importance of validation - validating policies, knowing what is mandatory and what doesn't have to be there. I think that as people start doing implementations and PoC's and pull that work and publish it as part of the report on the standard
… and another thing that is on a very early stages is the compliance API's that we are using in this PoC
… and it would be worth to address if the API is also a standard and where is its home
… the work we've done over the past few weeks have shown the importance of validation and compliance. Atiq do you have any thoughts?
Atiq: yes, we should find a way to keep the compliance and not just the ODRL component, the API works and behaves
… and have a clear standard and change management works around it
… so far it has been largely around desktop
… but we should do an analysis on that
Ben: Ilya what is your sense on this
Ilya: you are probably talking code and a definition
… <explains possible places to store the code>
Ben: should we keep collaboration in the test cases
Ilya: such an interesting question for this group
… there will be some interest in legacy organisations depending on the types of problems solved by this specification
… depending on whether or not those API's are wide reaching enough
… what maybe worth exposing is what data exchange is part of this API, so each group can work in what each part means for "them"
… there are many implications and we haven't specify and can run into rabbit holes
Jo: it strikes me that API is a specific technology - we should get the models and try to specify in the context of flows and when (flows) people will be interested in things
Atiq: on the subject of an API as a framework, should we form a breakout group?
Jo: I'll action you for that
Action: Atiq to arrange break out session on APIs
AOB
jo: Meeting reverts to 1100 US Eastern 1600 UK next time
… congrats again to demo-ers
… many thanks once again to Josh for scribing
--- meeting closed