Agenda
Antitrust Policy
Commonalities Adapt to ICM Security and Interoperability Profile
Adapt info.description to Security and Interoperability Profile
Management of opt-out with Implicit consent (legitimate Interest)
Minutes
Topic Create ICM Release Plan
Topic Commonalities Adapt to ICM Security and Interoperability Profile
Main question: Should the security schemes created by ICM be in CAMARA APIs access and user consent management or be moved into Commonalities API Guidelines?
Axel's paraphasing of the arguments presented.
Pro moving arguments:
- API Design guidelines should be in one place and not be scattered into several.
- OpenAPI Definitions should be in one place which is currently the API Design Guidelines document
- There is precedence that release management created guidelines that are now part of Commonalities documents.
- Camara_common.yaml is also a Commonalities document
Contra moving arguments:
- the ICM document is only one link away
- The security scheme expertise is in ICM and future changes are easier to do if security schemes and info.description are in an ICM document
Options:
- move openapi definitions to API Design guidelines
- keep security scheme and info.description in access and user consent
- create a new document Camara-OpenAPI-defintions.mc (at Commonalities or at ICM?) that contains API Design guidelines section 11 and security schemes and info.description
- your option here
Topic Provide API Design guidelines for OAuth2 client credentials
Topic Adapt info.description to Security and Interoperability Profile
Topic Add text regarding oauth2ClientCredentials
Topic Proposed text on network-based authentication
Topic Management of opt-out with Implicit consent (legitimate Interest)
Next meeting: https://lists.camaraproject.org/g/sp-icm/viewevent?repeatid=57069&eventid=2345744&calstart=2024-06-19