[Openid-specs-mobile-profile] Fwd: MODRNA WG Call June 1st 2016

Philippe Clément philippe.clement.ft at gmail.com
Fri Jun 3 09:04:55 UTC 2016


---------- Forwarded message ----------
From: <philippe.clement at orange.com>
Date: 2016-06-03 11:03 GMT+02:00
Subject: RE: MODRNA WG Call June 1st 2016
To: "Torsten.Lodderstedt at telekom.de" <Torsten.Lodderstedt at telekom.de>, "
openid-specs-mobile-profile at lists.openid.net" <
openid-specs-mobile-profile at lists.openid.net>, John Bradley <
jbradley at mac.com>
Cc: "philippe.clement.ft at gmail.com" <philippe.clement.ft at gmail.com>


Dear all,

Please consider below a new version of the minutes of our call, following
some suggestions from Siva, and contribute if you feel you have to.
Updates in *italics*


*Participants*: John, Bjorn, Nat, Philippe, Siva, Jörg
 *Agenda* : Progress on GSMA PCR portability, Change to MC Authorisaiton
minutes
·         Some discussions happened in CPAS about signing JWT and chain
migration from a user to different MNOs
·         John explains that signing JWT is wishable and not complex for an
MNO
·         An introspection endpoint is needed on MNO side to attest the
signed JWT to the RP. Keys rotating will be taken into account. Special
keys for the Use Case ?
·         Discussion about the PCR and the fact it must be stable in time
or different from an MNO to another regarding the same user at the same RP.
The generality of the migration process is wishable, so addressing
different PCR for the same user at an RP for different MNO is acceptable.
On the other hand, the MNO process to create PCR is not standardized yet,
and no vision is available on the delay for all MNO to change their PCR
method.
·         *Siva informed forum members that CPAS members agreed the PCR new
format (GUID, version 4, RFC 4112) and all MNOs will migrate to generate in
this format, ( few MNOs are already working on this migration). PCR new
format and migration is being executed as a separate deployment project for
the moment. (De-coupled from current Mobile Connect release).*
·         Discussions about the period while to maintain the migration open
for a user at an MNO.
·         *John explains that if we keep the same PCR for migration, then
it will be Mobile Connect specific migration, and it cannot be made as a
generic solution from OpenID Connect specifications.  (Perhaps specs can
come with multiple options/choice).*
·         Chain migration: discussions on the management of the signed JWT
and which MNOs the JWTs will be addressed to. Proposal: sent each signed
JWT to respective MNOs.
·         *Siva informed forum members of changing the wording in the
minutes regarding MC Authorisation since it is creating much confusion for
R2 activities.  Also informed that MC Authorisation is just a marketing
term w.r.t. Mobile Connect, whereas it is “Contextual Authentication” with
additional features, which is well aligned with OIDC protocol and fit for
purpose in R2.   Joerg informed that there would not be a problem to change
the minutes.*
·         *If agreed/required all Mobile Connect improvements/discussions
apply to Mobile Connect future releases only.*
·         Discussions in CPAS to be led by Siva

Best regards,
Philippe

_____________________________________________
*De :* CLEMENT Philippe IMT TECHNO
*Envoyé :* jeudi 2 juin 2016 09:41
*À :* Torsten.Lodderstedt at telekom.de;
openid-specs-mobile-profile at lists.openid.net; John Bradley
*Cc :* philippe.clement.ft at gmail.com
*Objet :* MODRNA WG Call June 1st 2016


Dear all,

Please find below the preliminary notes of the meeting
Any error or adjustment needed, please let me know

*Participants*: John, Bjorn, Nat, Philippe, Siva, Jörg

*Agenda* : Progress on GSMA PCR portability

Some discussions happened in CPAS about signing JWT and chain migration
from a user to different MNOs
John explains that signing JWT is wishable and not complex for an MNO
An introspection endpoint is needed on MNO side to attest the signed JWT to
the RP. Keys rotating will be taken into account. Special keys for the Use
Case ?

Discussion about the PCR and the fact it must be stable in time or
different from an MNO to another regrding the same user at the same RP. The
genericity of the migration process is wishable, so addressing different
PCR for the same user at an RP for different MNO is acceptable. On the
other hand, the MNO process to create PCR is not standardized yet, and no
vision is available on the delay for all MNO to change their PCR method.
Discussions about the period while to maintain the migration open for a
user at an MNO.
Chain migration: discussions on the management of the signed JWT and which
MNOs the JWTs will be addressed to. Proposal: sent each signed JWT to
respective MNOs.


   - Discussions in CPAS to be led by Siva


Kind regards,
Philippe

-----Rendez-vous d'origine-----
*De :* *Torsten.Lodderstedt at telekom.de* <Torsten.Lodderstedt at telekom.de> [
*mailto:Torsten.Lodderstedt at telekom.de* <Torsten.Lodderstedt at telekom.de>]
*Envoyé :* lundi 30 mai 2016 13:55
*À :* *Torsten.Lodderstedt at telekom.de* <Torsten.Lodderstedt at telekom.de>;
*openid-specs-mobile-profile at lists.openid.net*
<openid-specs-mobile-profile at lists.openid.net>
*Objet :* [Openid-specs-mobile-profile] MODRNA WG Call
*Date :* mercredi 1 juin 2016 16:00-17:00 (UTC+01:00) Amsterdam, Berlin,
Berne, Rome, Stockholm, Vienne.
*Où :* *https://global.gotomeeting.com/join/927253461*
<https://global.gotomeeting.com/join/927253461>




Zeit: Mittwoch, 1. Juni 2016 16:00-17:00 (UTC+01:00) Amsterdam, Berlin,
Bern, Rom, Stockholm, Wien.
Ort: *https://global.gotomeeting.com/join/927253461*
<https://global.gotomeeting.com/join/927253461>

Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine
Anpassungen für Sommerzeit.

*~*~*~*~*~*~*~*~*~*

Hi all,

the objective of this call is to discuss the tasks we came up with during
the technical workshop. Please take a look onto the respective issues in
our tracker in advance:
*https://bitbucket.org/openid/mobile/issues?milestone=TWS_DA_05_2016*
<https://bitbucket.org/openid/mobile/issues?milestone=TWS_DA_05_2016>


best regards,
Torsten.
  << Fichier: ATT00001.txt >>


_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez
recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les
messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere,
deforme ou falsifie. Merci.

This message and its attachments may contain confidential or
privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and
delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have
been modified, changed or falsified.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20160603/de387a32/attachment.html>


More information about the Openid-specs-mobile-profile mailing list