[Openid-specs-mobile-profile] MODRNA WG call June 17th: preliminary notes

Lodderstedt, Torsten t.lodderstedt at telekom.de
Thu Jun 18 06:03:46 UTC 2015

Hi all,

please find below the preliminary notes of today's call.

Best regards,


-          John Bradley

-          Nat Sakimura

-          Jörg Connotte

-          Sebastian Ebling

-          Matthieu Verdier

Brief presentation of the new version of the discovery flows. John will review it and give feedback to Torsten.

We afterwards discussed two the authentication topics with highest priority.

Encrypted Login Hint:

-          reduce the claims to MSISDN, iss, aud, and iat

-          JWT is encrypted with public key of MNO JWT and signed with private key of issuer

-          login_hint_token is moved to authentication spec

Context parameter

-          request object is used to protect context data from being modified/eavesdropped

-          Current text covers two different use cases

1.       give a context for a authentication transaction (login on PC at home) and

2.       authorize a certain transaction (e.g. payment tx for a certain amount)

-          We need to discuss whether we use the same parameter to enable both use cases or different parameters. Discussion will be continued on the list (Jörg will post a use case decription).

Products & Innovation
Dr.-Ing. Torsten Lodderstedt
Leiter Technology Enabling Platforms
T-Online Allee 1, 64295 Darmstadt
+49 6151 680 7038 (Tel.)
E-Mail: t.lodderstedt at telekom.de<mailto:t.lodderstedt at telekom.de>


Die gesetzlichen Pflichtangaben finden Sie unter:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150618/96c39b19/attachment.html>

More information about the Openid-specs-mobile-profile mailing list