[Openid-specs-mobile-profile] preliminary notes July 15th 2015 MODRNA WG Call

philippe.clement at orange.com philippe.clement at orange.com
Thu Jul 23 13:06:25 UTC 2015

Dear all,
Please find a new updated version of the preliminary notes (on US POC)
Any other update wanted, please let me know

Participants: John, Torsten, Joerg, Bjorn, Gonzalo, Matthieu, Philippe

1.      PoCs: Spain, US, Germany (information and requirements towards WG)
2.      Status/next steps discovery spec
3.      Status registration spec
4.      Status/next steps authentication spec

1.      PoCs: Spain, US, Germany (information and requirements towards WG)
Gonzalo (Spain)
ID Gateway implemented in-house. SPs are provided with an App through OAuth.
Spam code has been inserted, and ID token is signed.
2 authenticators are delivered: SMS (OTP or URL) and SIM applet.
Architecture: reuse of TDAF (Telefonica digital architecture framework), MSSP is outside the TDAF perimeter
SP integrated with OneAPI Exchange, do not use the credential management

Matthieu (Spain)
Project to be launched end of this year
First phase (SIM applet only for Orange Services): Orange Spain doesn't need an ID Gateway, nor OpenID Connect. Next phase will, components will be mutualized.
Existing OpenID Connect gates exposing features with existing APIs will have to combine with MC.
New trials scheduled in France for Authorization services

Bjorn (US)
U.S. POC. GSMA partnered with the four major U.S. MNOs to pilot a common approach to use mobile devices for secure, privacy-enhancing identity and access management as part of NSTIC (http://www.nist.gov/itl/nstic-091714.cfm). The project, MC4US, leverages Mobile Connect and is divided into 3 phases (https://www.idecosystem.org/filedepot_download/172/1650). Phase 2 architecture design work has just started allowing for both a Hub and MNO identity gateway architecture, exposing OpenID Connect interface to SP, to be supported. The work in MODRNA WG is important to address the implementation and scalability of OneAPI Exchange.

Torsten (Germany)
Telefonica having suspended its activities in the frame, DT and Voda are experiencing.
DT tests its Id Management system with MC specificities on the OIDC basic client profile.
2 authenticators: login/password as primary, and SIM applet as a second factor.
Objective to test MC with Vodaphone and improve protocol to facilitate SP - OP interfaces.

2.      Status/next steps discovery spec
Document to be updated, collaboration by the group is proposed after circulating

3.      Status registration spec
Document to update and comment

4.      Status/next steps authentication spec
Torsten suggest to create a separate issue and a new section for security considerations.
Discussions about a possible confusion between authorization context and authentication context. Terminology to adapt.
Questions about authorization and consent overlap.
Matthieu to summarize
John evokes a working group about contracts exchange, see KDDI

Kind regards,

-----Rendez-vous d'origine-----
De : Lodderstedt, Torsten [mailto:t.lodderstedt at telekom.de]
Envoyé : mardi 14 juillet 2015 10:16
À : Lodderstedt, Torsten; openid-specs-mobile-profile at lists.openid.net<mailto:openid-specs-mobile-profile at lists.openid.net>
Objet : [Openid-specs-mobile-profile] MODRNA WG Call
Date : mercredi 15 juillet 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Berne, Rome, Stockholm, Vienne.
Où : https://global.gotomeeting.com/join/764054389

Zeit: Mittwoch, 15. Juli 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien.
Ort: https://global.gotomeeting.com/join/764054389

Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine Anpassungen für Sommerzeit.


Hi all,

I propose the following agenda:

1.      PoCs: Spain, US, Germany (information and requirements towards WG)
1.      Status/next steps discovery spec
1.      Status registration spec
1.      Status/next steps authentication spec

best regards,
  << Fichier: ATT00001.txt >>


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150723/079b9920/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list