[Openid-specs-mobile-profile] MODRNA WG Call
t.lodderstedt at telekom.de
Wed Jun 17 06:18:42 UTC 2015
thanks for sharing this document with us.
Here are my comments:
- 1. - "asserted by a primary MNO that the client has a relationship with" - That's one option. Another could be that the statement is issued by a central registry all MNOs rely on. So my suggestion for this spec is to talk of a "trusted entity, e.g. a primary MNO" - potentially also "developer MNO"
- 1.2 Terminology: I think this should be replaced by MODRNA specific terminology, e.g. MNO
- 3.1. Editors Note 1: I would suggest to add a implementation note section and explain the options we see there, including using the statement as client_id -> note: If the operators uses the statement as client_id it won't most likely not issue a secret, which contradicts the text in the first sentence of this section.
- 3.1, 2nd paragraph: "If the client is registered with another MNO, a new version of the application is required." - What does "new application" mean?
- 3.1. Editors note 3: I think the introduction or a requirements section should state that this spec will support this feature.
o Signature algorithm - I suggest we limit this to RSA (to start with)
o What is/are "acus"?
o What's "gti"?
Von: Hjelm, Bjorn [mailto:Bjorn.Hjelm at VerizonWireless.com]
Gesendet: Mittwoch, 20. Mai 2015 02:50
An: Lodderstedt, Torsten; Openid-specs-mobile-profile
Betreff: RE: [Openid-specs-mobile-profile] MODRNA WG Call
Attached is a revised version of the draft registration spec.
From: Lodderstedt, Torsten [mailto:t.lodderstedt at telekom.de]
Sent: Monday, May 18, 2015 10:17 AM
To: Lodderstedt, Torsten; Openid-specs-mobile-profile
Subject: [Openid-specs-mobile-profile] MODRNA WG Call
When: Wednesday, May 20, 2015 4:00 PM-5:00 PM (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.
Zeit: Mittwoch, 20. Mai 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien.
Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine Anpassungen für Sommerzeit.
I won't be able to attend but John will moderate the call instead (thanks!).
I would suggest the following topics:
· Discussion of discovery design (native vs. web - probably using sequence diagrams)
· Status of registration spec (esp. software statement contents)
· Alignment of GSMA work and authentication draft
<< File: ATT00002.txt >>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-mobile-profile