[Openid-specs-mobile-profile] MODRNA WG on April 16th 2019 preliminary minutes
philippe.clement at orange.com
philippe.clement at orange.com
Tue Apr 23 08:11:15 UTC 2019
Please find below the preliminary minutes of our MODRNA call on April 16th 2019.
In case of error or misunderstanding, please let me know.
Roll Call (extract from gotomeeting list)
Bjorn Hjelm (Verizon), Dave.Tonge (Moneyhub), Philippe Clement (Orange), Brian Campbell, Petteri (Ubisecure), Geoffrey Graham, Julie Maas
Adoption of the Agenda [Bjorn/John]
Working Group Updates
FAPI WG [Dave]
FAPI WG is unlocking issues for FAPI / CIBA.
Extra meetings or intermediate calls may happen
MODRNA CIBA Profile [Dave/Gonzalo/Axel]
Update from Dave
Authentication Profile [Joerg]
MODRNA CIBA Profile<https://bitbucket.org/openid/mobile/issues?status=new&status=open&component=MODRNA%20Profile%20CIBA> [Dave/Gonzalo/Axel]
#97: CIBA - Clarify privacy issues with login_hint_token and discovery service<https://bitbucket.org/openid/mobile/issues/97/ciba-clarify-privacy-issues-with>
Dave to look at and make a proposal
CIBA Core<https://bitbucket.org/openid/mobile/issues?status=new&status=open&component=CIBA> (Post-Implementer's Draft) [Dave/Brian/Gonzalo/Axel]
* #136: "interval" and "slow_down" may not give the OP enough control<https://bitbucket.org/openid/mobile/issues/136/interval-and-slow_down-may-not-give-the-op>
* Interval between the last response and the next request is at stake.
* Petterri mentions several scenario, like short polling or long polling. And the client would have to know if the AS implemented short or long polling.
* Petteri mentions existing implementations of these kinds of polling. Have a note that the client be prepared to short or long polling ?. We can add a note/clarification.
==> Petteri to prepare a text for this issue.
#135: token endpoint response when client polls quicker than 'internal' may be unclear<https://bitbucket.org/openid/mobile/issues/135/token-endpoint-response-when-client-polls>
Do we need a special error code ? Brian thinks it's not necessary.
==> Bjorn to reach out to Joseph for this issue.
#152: Guidance around verification of ownership of keys at jwks_uri for PPID<https://bitbucket.org/openid/mobile/issues/152/guidance-around-verification-of-ownership>
Discussion kept open
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-mobile-profile