@techreport{maler-oauth-umatrust-03,
    number =    {draft-maler-oauth-umatrust-03},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-maler-oauth-umatrust/03/},
    author =    {Eve Maler and Thomas Hardjono},
    title =     {{Binding Obligations on User-Managed Access (UMA) Participants}},
    pagetotal = 17,
    year =      2015,
    month =     apr,
    day =       5,
    abstract =  {User-Managed Access (UMA) is a profile of OAuth 2.0. UMA defines how resource owners can control protected-resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policy. This document provides a contractual framework that defines the minimum obligations of parties that operate and use UMA-conforming software programs and services. The goal of this framework is to support end-to-end legal enforceability of the terms and conditions of access sharing relationships between authorizing and requesting sides that use UMA. The audience for this document includes technologists, legal professionals, and operators of UMA-conforming services.},
}