[Openid-specs-mobile-profile] WG description

Manger, James James.H.Manger at team.telstra.com
Sun Oct 5 23:28:25 UTC 2014


Torsten,

The 3rd paragraph (on multiple MNOs) is a bit hard to understand. How about stating that "the working group will develop mechanisms so a relying party can accept connections from any mobile network operator without have to separately register at each one".

--
James Manger

-----Original Message-----
From: Openid-specs-mobile-profile [mailto:openid-specs-mobile-profile-bounces at lists.openid.net] On Behalf Of Torsten Lodderstedt
Sent: Monday, 6 October 2014 2:50 AM
To: openid-specs-mobile-profile at lists.openid.net
Subject: [Openid-specs-mobile-profile] WG description

Hi all,

Don Thibeau (OIDF Executive Director) asked me for a (brief) description of the WG to be used for marketing purposes. Please find below my proposal. I would very much appreciate to get your feedback until Oct 12th.

thanks in advance,
Torsten.

-----

Mobile network operators increasingly want to become identity providers that way leveraging their reach and specific technical capabilities to partners. The Mobile Profile working group aims to create a profile of OpenID Connect tailored to the specific needs of mobile networks and devices thus enabling usage of operator ID services in an interoperable way. The specific challenges the working group is aiming to cope with are:

To start with, OpenID Connect basically relies on the e-mail address to determine an user's OpenID provider (OP). In the context of mobile identity, the mobile phone number or other suitable mobile network data are considered more appropriate. The working group will propose extensions to the OpenID discovery function to use this data to determine the operator's OP, taking also into consideration protection of this data's privacy (esp. mobile phone number).

Given that regions are typically served by multiple, independent mobile network operators (including virtual network operators), the number of potential mobile OPs a particular relying party needs to setup a trust relationship with could be very high. The working group will propose an appropriate and efficient model for trust and client credential management based on existing OpenID Connect specifications, which also ensures fulfillment of the respective privacy, operational, and security requirements of all involved parties.

As service providers may have different requirements regarding a certain authentication transaction, the profile will also define a set of authentication policies operator OP's are recommended to implement and service providers can choose from.

This working group has been setup in cooperation with the GSMA in order to support GSMA's mobile connect project. Intermediary working group results will be proposed to this project and participating operators for adoption (e.g. in pilots) but can also be adopted by any other interested party. The experiences gathered during early adoption will influence further work.



More information about the Openid-specs-mobile-profile mailing list