[Openid-specs-mobile-profile] MODRNA WG on Oct 30th 2018 preliminary minutes

philippe.clement at orange.com philippe.clement at orange.com
Wed Oct 31 10:10:44 UTC 2018

Dear all,

Please find here the preliminary minutes of our call on Oct 30th. In case of errors or misunderstanding, please let me know.

Roll Call (extract from GotoMeeting roll call)
Dave.Tonge (Moneyhub), Philippe Clement (Orange), Bjorn Hjelm (Verizon), Brian Campbell (Ping), Geoffrey Graham, Petteri (Ubisecure), Torsten Lodderstedt (yes.com), Todd Nelson, John Bradley

Adoption of the Agenda [Bjorn/John]
Agenda agreed

External Organizations

GSMA [Siva]
Not addressed

Spec. Status

CIBA  Core/MODRNA [Dave/Brian/Gonzalo/Axel]

Pull request on progress, we are close to finish the 2 drafts.
==>     Dave to achieve the split

Discovery [John/Torsten]
*       Torsten : Work on progress, editorial updates and restructuration of the document ongoing.

Issue Tracker
6.      #106: CIBA: Means to request claims to be embedded in the issued ID token<https://bitbucket.org/openid/mobile/issues/106/ciba-means-to-request-claims-to-be>
7.      #103: CIBA: Means to require "acr" as "essential"<https://bitbucket.org/openid/mobile/issues/103/ciba-means-to-require-acr-as-essential>
8.      Questions addressed about CIBA dealing with claim parameters, passed through scopes or in other ways, impacts on UI and the way to work on that.
9.      How to bind the sessions between authentication and consumption devices and complexity for immediate user consent in a CIBA usage.
10.     --> John and Brian to meet on that, Torsten to join.
11.     To leave open and see again at next meeting.
13.     #62: CIBA - Support for Spam Prevention code in Authentication Request<https://bitbucket.org/openid/mobile/issues/62/ciba-support-for-spam-prevention-code-in>
14.     Petteri : 2 parameters are suggested, one on OP side to mention the support of user code.and another one on RP side used at registration time to mention the usage (or not) of the user code by the RP.
15.     In some times, due to absence of existing trusted relations, the RP will have to request the step-up consent (usage of user code).
16.     --> Petteri to explain in the pull request<https://bitbucket.org/openid/mobile/pull-requests/39/default/diff> what is the context of the step-up consent in terms of roles and responsibilities of RP and OP.

7.      Next meeting: skip next week (IETF collision), our next meeting is scheduled then on the following week, Nov 13th.

Best regards,


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20181031/4928d737/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list