[Openid-specs-mobile-profile] OIDC Mobile profile call Nov 5th: preliminary notes

Lodderstedt, Torsten t.lodderstedt at telekom.de
Wed Nov 5 17:14:59 UTC 2014


Hi all,

please find below the draft minutes of today's call.

Best regards,
Torsten.


Participants:
Philippe Clement, Orange
Bjorn Hjelm, Verizon Wireless
John Bradley, Ping Identity
Torsten Lodderstedt, Deutsche Telekom

Discovery - Discussion about way forward and content of discovery spec - results:
- explanation of assumptions
  - discovery service across MNOs needed
  - different deployment options shall be supported (e.g. global provided by GSMA OneAPI Exchange, local per market or group of operators)
  - all deplyoments shall speak the same protocol (that's the scope of our WG)
- different needs/capabilities for different types of apps (native vs. web)
Topics:
- basic discovery options - mnc/mcc, IP, MSISDN
- add on 1 - account chooser (probably pre-populated)
  - allows user to directly select account with operator
  - RP is directly provided with MNOs issuer URL
  - no additional discovery step required, no need to enter further data (such as MSISDN) -> privacy and convenient
  - approach is best suited for Web Apps
  - account chooser could also offer an option to add MNO account to the list -> privacy (disovery data is only entered in account chooser)
- add on 2 - UI for entering MSISDN/selecting Operator
  - no real improvement as App can get access to the MSISDN anyway + entering an MSISDN is a user consent
- returning a privacy protected login hint (e.g. encrypted MSISDN) to improve user experience in the login flow
- authorization: not neccessary (as long as there are no respective business requirements)
- discovery shall be independent of client credential management
- John will draft a first version next week

Dyn. Registration
Bjorn will outline options & questions and we will discuss it on the list (and/or in the next call)





DEUTSCHE TELEKOM AG
Products & Innovation
Dr.-Ing. Torsten Lodderstedt
Head of Development
Customer Platforms
T-Online Allee 1, 64295 Darmstadt
+49 6151 680 7038 (Tel.)
E-Mail: t.lodderstedt at telekom.de<mailto:t.lodderstedt at telekom.de>
www.telekom.com<http://www.telekom.com>
ERLEBEN, WAS VERBINDET.
Die gesetzlichen Pflichtangaben finden Sie unter:
www.telekom.com/pflichtangaben<http://www.telekom.com/pflichtangaben>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20141105/1bcfd766/attachment.html>


More information about the Openid-specs-mobile-profile mailing list