[Openid-specs-mobile-profile] MODRNA WG call on feb 5th 2019 preliminary minutes

philippe.clement at orange.com philippe.clement at orange.com
Wed Feb 6 10:57:24 UTC 2019

Dear all,
Please find below the preliminary minutes of our call on feb 5th 2019. Please let me know of any error or misunderstanding.

Roll Call (extract from gotomeeting service)
John Bradley, Philippe Clement (Orange), Bjorn Hjelm (Verizon), Brian Campbell, Dave.Tonge (Moneyhub), Geoffrey Graham, Joseph Heenan, Petteri (Ubisecure), Siva(GSMA)

Adoption of the Agenda [Bjorn/John]

External Organizations

  GSMA [Siva]
Discussions ongoing on clarifications concerning front channel versus back channel operations, usage of PKI and LOA4 activities, finalizing User Questioning, Client credential flow to be implemented by operators.

Working Group Updates

  FAPI WG [Dave]
Discussions and work ongoing on FAPI profile for CIBA.

Spec. Status

  CIBA  Core/MODRNA Profile [Dave/Brian/Gonzalo/Axel]
*       CIBA Core Implementer's Draft voting result: https://openid.net/2019/02/04/implementers-draft-of-openid-connect-client-initiated-backchannel-authentication-ciba-core-approved/

  MODRNA Profile status.
*       Dave mentions the draft in the Bitbucket repository. Help would be appreciated for text edition.
==>     Dave to send a mail to the list for reviewing/editing the draft

  Authentication Profile [Joerg]
Not addressed.

Issue Tracker

  Authentication Profile<https://bitbucket.org/openid/mobile/issues?status=new&status=open&component=Authentication> [Joerg]

Not addressed

  MODRNA CIBA Profile<https://bitbucket.org/openid/mobile/issues?status=new&status=open&component=MODRNA%20Profile%20CIBA>  [Dave/Brian/Gonzalo/Axel]
*       2 issues are discussed :

#126: CIBA Mobile Profile: SimAppletExample<https://bitbucket.org/openid/mobile/issues/126/ciba-mobile-profile-simappletexample>
#97: CIBA - Clarify privacy issues with login_hint_token and discovery service<https://bitbucket.org/openid/mobile/issues/97/ciba-clarify-privacy-issues-with>
o       Comments to be inserted to mention ready to be closed, as components moved to MODRNA Profile CIBA<https://bitbucket.org/openid/mobile/issues?component=MODRNA+Profile+CIBA>. To be reviewed at next call

  CIBA Core<https://bitbucket.org/openid/mobile/issues?status=new&status=open&component=CIBA> (Post-Implementer's Draft) [Dave/Brian/Gonzalo/Axel]

#153: Change examples to use public key crypto for auth<https://bitbucket.org/openid/mobile/issues/153/change-examples-to-use-public-key-crypto>
o       Issue assigned to Brian for examples.

#152: Guidance around verification of ownership of keys at jwks_uri for PPID<https://bitbucket.org/openid/mobile/issues/152/guidance-around-verification-of-ownership>
After a lot of discussions, and questions about the applicability of the proposal, the issue is kept open.
#151: Define authentication device before first use<https://bitbucket.org/openid/mobile/issues/151/define-authentication-device-before-first>
==>     Dave: Editorial point. Explanation of each term (authentication and consumption) and terminology required.

#150: should auth_req_id have limits on allowable characters?<https://bitbucket.org/openid/mobile/issues/150/should-auth_req_id-have-limits-on>
No issues found in similar contexts.
Comments to put into the issue tracker about limited character set proposed by Joseph.

Next meeting in 2 weeks.

Best regards,


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20190206/ad0b9229/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list