[Openid-specs-mobile-profile] MODRNA WG preliminary minutes on June 12th 2018

Tue Jun 12 15:41:26 UTC 2018

Dear all,
Please find below the preliminary minutes of our MODRNA call on June 12th, 2018.
Due to a disconnecting of my gotomeeting closed to the end, I was not able to take notes when discussing of issue tracker. If relevant, please send me yours to update issue tracker paragraph.

Roll Call
 Nat Sakimura,  John Bradley, Alex Chong (PSG Solutions), Gonzalo,  Julie Maas (EMR Direct),  Petteri (Ubisecure), Philippe Clement (Orange),  Siva(GSMA)
(from GoTOMeeting participants. For more details, please update names and company directly on GoToMeeting)

Adoption of the Agenda [Bjorn/John]
agreed

Liaisons Updates
*       GSMA [Siva]
CPAS : 2 topics are under work
-  adaptation of the polling mechanism. Approval is awaited for end of June
-  token binding: work on progress for insertion into Mobile Connect specs. Mandatory for interoperability
4.      Working Group Updates
*       FAPI WG [John/Dave]
John : open banking workshop last week. CIBA is a good thing for several use cases they have. Lot of discussions on interactions between Point of sale terminals, web browser and banks, and limitations for the redirect flow.
2 kinds of UC exist, in the first one the TPP exchanges an identifier with the user. The 2nd one where user provides a QR code to the TPP. Does the RP already know an identifier for the person ? Ex: point of sale in a supermarket.
Gonzalo reminds the question whether the authentication has to be done directly by the bank.
In the risk  assessment done by the bank, should the RP have to pass along the IP address, geoloc or other things ?
Banks don't see a role for MNOs in their Use Cases. However cases exist where MNOs can check things directly with the user, for the benefit of banks.
Standard ways to pass information from the device to RP to banks are at stake.

Dave :
FAPI draft of the CIBA profile, some work on it.
Both MODRNA and FAPI spec are under rewiewing, few issues to fix on MODRNA.
==>     Dave to review comments coming from CIBA

Issue Tracker
*
*       CIBA [Gonzalo]
*       Authentication Profile [Joerg]
*       Other - Account Porting

AOB
==>     Bjorn and John to check with uploading concerns of docs by Gonzalo.
Next call on july 10th  2018

Best regards,
Philippe

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20180612/20505102/attachment-0001.html>