[Openid-specs-mobile-profile] [E] MODRNA WG Call on oct 19th 2016 preliminary notes
Bjorn.Hjelm at VerizonWireless.com
Fri Oct 21 20:43:37 UTC 2016
I updated the slides with the proposed changes (with a few editorial liberties).
From: Torsten.Lodderstedt at telekom.de [mailto:Torsten.Lodderstedt at telekom.de]
Sent: Thursday, October 20, 2016 11:12 PM
To: Hjelm, Bjorn; openid-specs-mobile-profile at lists.openid.net
Subject: AW: [Openid-specs-mobile-profile] [E] MODRNA WG Call on oct 19th 2016 preliminary notes
here are my comments:
- "Developing a profile of OpenID Connect for use by MNOs providing identity services." I suggest to make that "Developing a profile of and extensions to OpenID Connect for use by MNOs providing identity services."
- I suggest to add GlobalSign in the member list
This slide needs to be updated - here is my proposal:
- Mobile Connect Profile 1.2 partly incorporates MODRNA Authentication spec.
- Raised and solved security issue with original GSMA account migration proposal, started to work towards OIDC account migration in MODRNA
- Discovery/Credential Management:
o Mobile Connect Release 2 now utilizes and favors OIDC openid_configuration over endpoint URLs from OneAPI Exchange.
o MODRNA specs input to ongoing discussions about architecture evolutions towards more distributed approach (drivers: security, privacy, operations)
- New specs for transaction authorization and server-initiated authentication (for later adoption by GSMA)
- Regular technical workshops with GSMA/CPAS (latest in Sept. in Paris) significantly improved cooperation
- I think this slide should go to directly after slide 6 since we currently focusing on the "additional" stuff very much.
- I would remove the word "additional".
- Account Migration currently (formally) has two proposals (account-migration and account-porting) - Since we are leaning towards account-porting, I suggest to change information regarding editors/authors as follows: Editors: James Manger, Torsten Lodderstedt, Arne Gleditsch
- What is the message of the last bullet? I think it can be removed
Von: Openid-specs-mobile-profile [mailto:openid-specs-mobile-profile-bounces at lists.openid.net] Im Auftrag von Hjelm, Bjorn
Gesendet: Mittwoch, 19. Oktober 2016 22:58
An: openid-specs-mobile-profile at lists.openid.net<mailto:openid-specs-mobile-profile at lists.openid.net>
Betreff: Re: [Openid-specs-mobile-profile] [E] MODRNA WG Call on oct 19th 2016 preliminary notes
Please see attached draft MODRNA WG update for the OpenID Foundation Workshop on Oct. 24. Comments and feedback are welcome.
From: Openid-specs-mobile-profile [mailto:openid-specs-mobile-profile-bounces at lists.openid.net] On Behalf Of philippe.clement at orange.com<mailto:philippe.clement at orange.com>
Sent: Wednesday, October 19, 2016 8:56 AM
To: Torsten.Lodderstedt at telekom.de<mailto:Torsten.Lodderstedt at telekom.de>; openid-specs-mobile-profile at lists.openid.net<mailto:openid-specs-mobile-profile at lists.openid.net>
Subject: [E] [Openid-specs-mobile-profile] MODRNA WG Call on oct 19th 2016 preliminary notes
please find below the preliminary notes of our call today. Any error or misunderstanding, please let me know.
Torsten, John, Siva, Philippe, Nicolas, Celestin, Bjorn,
· status of 3 drafts
User Questionning API
Status of Orange headways:
· a draft version 3, on which some exchanges occurred in the last hours. Updates are going on towards a draft version 4
· development of a prototype: first API for UQ up and running, the pull flow is working well
· Possibilities offered to the RP regarding question and answers
· the client is responsible for the wording of the question, and understands the answer of the user
· how much freedom for the client to formulate the question ?
· in the specs, simple to enable a multivalued question in regard of several answers, under the responsibility of the client
· Should we and how to address the capabilities of the device to display the question and multiple possible answers ?
· solutions to authenticate the user could not be sufficient for questioning the user
· Security: do we separate authentication and security (pin, biometrics...) of the formatting of the question ?
· Are there a unique mecanism for questioning and authenticating ?
· From an authentication point of view, they could be the same
· --> implementation considerations to add in the specs regarding components
· qcr and qmr:
· hard to see the difference with acr and amr...
· --> give concrete exemples in the specs to illustrate
· Is there a multi step exchange between RP and OP to agree on the means to question the user ? No, It should only be a question of features discovering
· Should UQ work with sim applet ? Yes, but with restrictions
· The specs does not take care of the different authenticators of the OP to the user. With UQ: we use sim applet (limited), but the prototype works with SMS URLs
· --> Insert these examples into the specs.
· Everyone on the list to give a feedback regarding this draft
no update at this time
DT planned to implement the prototype of SIBA mechanism (server initiated backchannel authentication)
John: will be raised in a next OAuth meeting, to fetch potential support. Remaining correlative questions on the device flow
coming up next week, before the IIW.
Bjorn to send on the list a draft version of the status of documents we are working on
Zeit: Mittwoch, 19. Oktober 2016 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien.
Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine Anpassungen für Sommerzeit.
please post topic suggestions to the list.
I see the following topics for today:
· Status of SIBA, UQ and Migration/Porting
· Decision: Account Migration move vs. link
· Prototypes / Implementers Draft
· Next workshop
<< Fichier: ATT00001.txt >>
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OIDF MODRNA WG Overview_R1.pptx
Size: 253429 bytes
Desc: OIDF MODRNA WG Overview_R1.pptx
More information about the Openid-specs-mobile-profile