[Openid-specs-mobile-profile] OIDC Mobile profile call March 11th: preliminary notes

Lodderstedt, Torsten t.lodderstedt at telekom.de
Wed Mar 11 16:38:54 UTC 2015

Hi all

please find below the preliminary minutes of our call for your review.

Best regards,
John Bradley
Gonzalo Fernandéz
Ian Deakin
Michael Egan
Torsten Lodderstedt
Bjorn Helm (partially)

Reports from MWC (John, Jörg, Gonzalo)

-          some demonstrations of mobile connect

-          all used SIM-based authentication (SIM Applet or USSD)

-          most were based on solutions of Ericsson and WSO2

-          some operators are mostly interested to replace SMS PIN codes by SIM-based authentication, no identity proving

-          Orange wants to use SIM applet for Orange services, e.g. customer service agent sending gathering confirmations that way

-          Discussions with David Pollington regarding convergence between GSMA work and our work. We need to finish work on at least registration first before we can start a discussion.
WG Documents (all)

-          Given the conclusion above, we now focus on registration and produce a new revision of the discovery

-          Work on authentication is suspended until we finalized this work

-          Jörg and John will set up a call with Bjorn to plan further work
New Topic: Service provider wants to influence message on the device (Gonzalo)

-          Use case: bank uses Mobile Connect to access secure 2nd factor, bank wants to show to the user a message related to the actual transaction on the device

-          Key question: how to sanitize such a message in order to prevent injection attacks?

-          Put it in the requirements list

Products & Innovation
Dr.-Ing. Torsten Lodderstedt
Head of Development
Customer Platforms
T-Online Allee 1, 64295 Darmstadt
+49 6151 680 7038 (Tel.)
E-Mail: t.lodderstedt at telekom.de<mailto:t.lodderstedt at telekom.de>


Die gesetzlichen Pflichtangaben finden Sie unter:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150311/d9f2846f/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list