[Openid-specs-mobile-profile] WG description

Torsten Lodderstedt torsten at lodderstedt.net
Mon Oct 6 19:38:21 UTC 2014


Hi all,

next attempt - what about that:

Reaching all mobile users in a certain market requires a relying party to connect to all of its mobile operators. The working group will develop mechanisms so a relying party can get approved for the ID service once and connect at runtime to any relevant mobile network operator without having to manually register at each one.

best regards,
Torsten.



> On 06.10.2014 at 12:57, Torsten Lodderstedt <torsten at lodderstedt.net> wrote:
> 
> Hi Gonzalo,
> 
> both aspects belong together. What we propose must fulfill the envisioned mobile connect process. I did not intend to go too much into detail as this is supposed to be a brief description.
> 
> Best regards, 
> Torsten. 
> 
> 
> -------- Original Message --------
> From: GONZALO FERNANDEZ RODRIGUEZ
> Date: 06.10.2014 12:47 (GMT+01:00)
> To: "Manger, James" , Torsten Lodderstedt , openid-specs-mobile-profile at lists.openid.net
> Subject: Re: [Openid-specs-mobile-profile] WG description
> 
> Hi,
> 
> 
> Regarding James' comment, probably we should differentiate between the
> business enrollment and the technical registration. I see the first one
> as more tied to the Mobile Connect project: when an RP is registered or
> enrolled in the Mobile Connect System, it is accepting the T&C from all the
> OPs belonging to the Mobile Connect system. However, what I understand
> Torsten is talking about in that paragraph is the "trustworthy credential
> management", and it requires one registration per OP to have credentials
> (key/password) for each one, as DT has described in its Dynamic
> Registration proposal.
> 
> 
> 
> Best,
> Gonza.
> 
> 
> On 06/10/14 01:28, "Manger, James" <James.H.Manger at team.telstra.com>
> wrote:
> 
> >Torsten,
> >
> >The 3rd paragraph (on multiple MNOs) is a bit hard to understand. How
> >about stating that "the working group will develop mechanisms so a
> >relying party can accept connections from any mobile network operator
> >without having to separately register at each one".
> >
> >--
> >James Manger
> >
> >-----Original Message-----
> >From: Openid-specs-mobile-profile
> >[mailto:openid-specs-mobile-profile-bounces at lists.openid.net] On Behalf
> >Of Torsten Lodderstedt
> >Sent: Monday, 6 October 2014 2:50 AM
> >To: openid-specs-mobile-profile at lists.openid.net
> >Subject: [Openid-specs-mobile-profile] WG description
> >
> >Hi all,
> >
> >Don Thibeau (OIDF Executive Director) asked me for a (brief) description
> >of the WG to be used for marketing purposes. Please find below my
> >proposal. I would very much appreciate to get your feedback until Oct
> >12th.
> >
> >thanks in advance,
> >Torsten.
> >
> >-----
> >
> >Mobile network operators increasingly want to become identity providers,
> >that way leveraging their reach and specific technical capabilities to
> >partners. The Mobile Profile working group aims to create a profile of
> >OpenID Connect tailored to the specific needs of mobile networks and
> >devices thus enabling usage of operator ID services in an interoperable
> >way. The specific challenges the working group is aiming to cope with are:
> >
> >To start with, OpenID Connect basically relies on the e-mail address to
> >determine a user's OpenID provider (OP). In the context of mobile
> >identity, the mobile phone number or other suitable mobile network data
> >are considered more appropriate. The working group will propose
> >extensions to the OpenID discovery function to use this data to determine
> >the operator's OP, taking also into consideration protection of this
> >data's privacy (esp. mobile phone number).
> >
> >Given that regions are typically served by multiple, independent mobile
> >network operators (including virtual network operators), the number of
> >potential mobile OPs a particular relying party needs to set up a trust
> >relationship with could be very high. The working group will propose an
> >appropriate and efficient model for trust and client credential
> >management based on existing OpenID Connect specifications, which also
> >ensures fulfillment of the respective privacy, operational, and security
> >requirements of all involved parties.
> >
> >As service providers may have different requirements regarding a certain
> >authentication transaction, the profile will also define a set of
> >authentication policies operator OPs are recommended to implement and
> >service providers can choose from.
> >
> >This working group has been set up in cooperation with the GSMA in order
> >to support GSMA's mobile connect project. Intermediary working group
> >results will be proposed to this project and participating operators for
> >adoption (e.g. in pilots) but can also be adopted by any other interested
> >party. The experiences gathered during early adoption will influence
> >further work.
> >
> >_______________________________________________
> >Openid-specs-mobile-profile mailing list
> >Openid-specs-mobile-profile at lists.openid.net
> >http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile
> 
> 

