[Openid-specs-mobile-profile] preliminary notes July 15th 2015 MODRNA WG Call
philippe.clement at orange.com
philippe.clement at orange.com
Wed Jul 15 15:28:56 UTC 2015
Dear all,
Here are the preliminary notes of our call.
Due to bad conditions in some phone communications, please complete your missing parts.
Participants: John, Torsten, Joerg, Bjorn, Gonzalo, Matthieu, Philippe
Agenda:
1. PoCs: Spain, US, Germany (information and requirements towards WG)
2. Status/next steps discovery spec
3. Status registration spec
4. Status/next steps authentication spec
Discussions:
1. PoCs: Spain, US, Germany (information and requirements towards WG)
Gonzalo (Spain)
ID Gateway implemented in-house. SPs are provided with an App through OAuth.
Spam code has been inserted, and ID token is signed.
2 authenticators are delivered: SMS (OTP or URL) and SIM applet.
Architecture: reuse of TDAF (Telefonica digital architecture framework), MSSP is outside the TDAF perimeter
SP integrated with OneAPI Exchange, do not use the credential management
Matthieu (Spain)
Project to be launched end of this year
First phase (SIM applet only for Orange Services): Orange Spain doesn't need an ID Gateway, nor OpenID Connect. Next phase will, components will be mutualized.
Existing OpenID Connect gates exposing features with existing APIs will have to combine with MC.
New trials scheduled in France for Authorization services
Bjorn (US) -To be completed due to a bad liaison-
POC in US, with a GSMA partnership. Project divided in 3 phases, phase 2 has just started, exposing OpenID Connect to SP, testing different auth options, among them FIDO features
Questions regarding the scalability of OneApiExchange.
Torsten (Germany)
Telefonica having suspended its activities in the frame, DT and Voda are experiencing.
DT tests its Id Management system with MC specificities on the OIDC basic client profile.
2 authenticators: login/password as primary, and SIM applet as a second factor.
Objective to test MC with Vodaphone and improve protocol to facilitate SP - OP interfaces.
First phase should be up and running next month.
2. Status/next steps discovery spec
Document to be updated, collaboration by the group is proposed after circulating
3. Status registration spec
Document to update and comment
4. Status/next steps authentication spec
Torsten suggest to create a separate issue and a new section for security considerations.
Discussions about a possible confusion between authorization context and authentication context. Terminology to adapt.
Questions about authorization and consent overlap.
Matthieu to summarize
John evokes a working group about contracts exchange, see KDDI
Kind regards,
Philippe
-----Rendez-vous d'origine-----
De : Lodderstedt, Torsten [mailto:t.lodderstedt at telekom.de]
Envoyé : mardi 14 juillet 2015 10:16
À : Lodderstedt, Torsten; openid-specs-mobile-profile at lists.openid.net
Objet : [Openid-specs-mobile-profile] MODRNA WG Call
Date : mercredi 15 juillet 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Berne, Rome, Stockholm, Vienne.
Où : https://global.gotomeeting.com/join/764054389
Zeit: Mittwoch, 15. Juli 2015 16:00-17:00 (UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien.
Ort: https://global.gotomeeting.com/join/764054389
Hinweis: Die oben angegebene Abweichung von GMT berücksichtigt keine Anpassungen für Sommerzeit.
*~*~*~*~*~*~*~*~*~*
Hi all,
I propose the following agenda:
1. PoCs: Spain, US, Germany (information and requirements towards WG)
1. Status/next steps discovery spec
1. Status registration spec
1. Status/next steps authentication spec
best regards,
Torsten.
<< Fichier: ATT00001.txt >>
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150715/f71f9008/attachment.html>
More information about the Openid-specs-mobile-profile
mailing list