[Openid-specs-mobile-profile] WG description

Torsten Lodderstedt torsten at lodderstedt.net
Sun Oct 5 15:50:09 UTC 2014


Hi all,

Don Thibeau (OIDF Executive Director) asked me for a (brief) description 
of the WG to be used for marketing purposes. Please find below my 
proposal. I would very much appreciate to get your feedback until Oct 12th.

thanks in advance,
Torsten.

-----

Mobile network operators increasingly want to become identity providers 
that way leveraging their reach and specific technical capabilities to 
partners. The Mobile Profile working group aims to create a profile of 
OpenID Connect tailored to the specific needs of mobile networks and 
devices thus enabling usage of operator ID services in an interoperable 
way. The specific challenges the working group is aiming to cope with are:

To start with, OpenID Connect basically relies on the e-mail address to 
determine an user's OpenID provider (OP). In the context of mobile 
identity, the mobile phone number or other suitable mobile network data 
are considered more appropriate. The working group will propose 
extensions to the OpenID discovery function to use this data to 
determine the operator's OP, taking also into consideration protection 
of this data's privacy (esp. mobile phone number).

Given that regions are typically served by multiple, independent mobile 
network operators (including virtual network operators), the number of 
potential mobile OPs a particular relying party needs to setup a trust 
relationship with could be very high. The working group will propose an 
appropriate and efficient model for trust and client credential 
management based on existing OpenID Connect specifications, which also 
ensures fulfillment of the respective privacy, operational, and security 
requirements of all involved parties.

As service providers may have different requirements regarding a certain 
authentication transaction, the profile will also define a set of 
authentication policies operator OP's are recommended to implement and 
service providers can choose from.

This working group has been setup in cooperation with the GSMA in order 
to support GSMA's mobile connect project. Intermediary working group 
results will be proposed to this project and participating operators for 
adoption (e.g. in pilots) but can also be adopted by any other 
interested party. The experiences gathered during early adoption will 
influence further work.



More information about the Openid-specs-mobile-profile mailing list