[Openid-specs-mobile-profile] MODRNA WG Call

Lodderstedt, Torsten t.lodderstedt at telekom.de
Wed Jun 17 06:18:42 UTC 2015


Hi Bjorn,

thanks for sharing this document with us.

Here are my comments:

-          1. - "asserted by a primary MNO that the client has a relationship with" - That's one option. Another could be that the statement is issued by a central registry all MNOs rely on. So my suggestion for this spec is to talk of a "trusted entity, e.g. a primary MNO" - potentially also "developer MNO"

-          1.2 Terminology: I think this should be replaced by MODRNA specific terminology, e.g. MNO

-          3.1. Editors Note 1: I would suggest to add a implementation note section and explain the options we see there, including using the statement as client_id -> note: If the operators uses the statement as client_id it won't most likely not issue a secret, which contradicts the text in the first sentence of this section.

-          3.1, 2nd paragraph: "If the client is registered with another MNO, a new version of the application is required." - What does "new application" mean?

-          3.1. Editors note 3: I think the introduction or a requirements section should state that this spec will support this feature.

-          3.2

o   Signature algorithm - I suggest we limit this to RSA (to start with)

o   What is/are "acus"?

o   What's "gti"?

best regards,
Torsten.

Von: Hjelm, Bjorn [mailto:Bjorn.Hjelm at VerizonWireless.com]
Gesendet: Mittwoch, 20. Mai 2015 02:50
An: Lodderstedt, Torsten; Openid-specs-mobile-profile
Betreff: RE: [Openid-specs-mobile-profile] MODRNA WG Call

Attached is a revised version of the draft registration spec.

BR,
Bjorn

-----Original Appointment-----
From: Lodderstedt, Torsten [mailto:t.lodderstedt at telekom.de]
Sent: Monday, May 18, 2015 10:17 AM
To: Lodderstedt, Torsten; Openid-specs-mobile-profile
Subject: [Openid-specs-mobile-profile] MODRNA WG Call
When: Wednesday, May 20, 2015 4:00 PM-5:00 PM (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.
Where: https://global.gotomeeting.com/join/764054389


Zeit: Mittwoch, 20. Mai 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien.
Ort: https://global.gotomeeting.com/join/764054389

Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine Anpassungen für Sommerzeit.

*~*~*~*~*~*~*~*~*~*

Hi all,

I won't be able to attend but John will moderate the call instead (thanks!).

I would suggest the following topics:
·         Discussion of discovery design (native vs. web - probably using sequence diagrams)
·         Status of registration spec (esp. software statement contents)
·         Alignment of GSMA work and authentication draft

best regards,
Torsten.
  << File: ATT00002.txt >>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150617/abff9786/attachment.html>


More information about the Openid-specs-mobile-profile mailing list