[Openid-specs-mobile-profile] New Revision of Discovery Draft

philippe.clement at orange.com philippe.clement at orange.com
Thu Jul 23 12:50:05 UTC 2015


Hi torsten,

Thanks a lot for this document, here are my comments

2. Overview:
-  "*a RP may not process the MSISDN in the course of the discovery process"
I think that in some cases, the RP will have this MSISDN, and that this one will be secured at the RP by a real secured process (challenge with a phone call, confirmation by OTP...). Case of banks for example, but they are not alone.
As this MSISDN at RP exist, we should use it to simplify the user journey at the discovery stage and not risk to re-ask to the user some information regarding his MNO. Indeed, in some cases, the discovery service will have, in absence of user/MNO data, to ask to the user pieces of information (MSISDN, MCC/MNC...).
This could be added in § 2.1 C : "Moreover, the client may pass MCC, MNC or IMSI as part of the discovery request."

- "OpenID Connect Clients using this specification are encouraged to use the OpenID Account chooser service [Account.Chooser]. This allows them to bypass discovery for users that already have account information cached."
Are we confident that Account Chooser can endorse the discovery mechanism of an MNO for a specific user ? In other words, do we know exactly what should be the changes at Account Chooser level and at MNO level to bypass the discovery process ?

Hope this helps,
Philippe

-----Message d'origine-----
De : Openid-specs-mobile-profile [mailto:openid-specs-mobile-profile-bounces at lists.openid.net] De la part de Torsten Lodderstedt
Envoyé : samedi 18 juillet 2015 19:41
À : openid-specs-mobile-profile at lists.openid.net
Objet : [Openid-specs-mobile-profile] New Revision of Discovery Draft

Hi all,

I just posted a new revision of the discovery draft to the repository.
The HTML version can also be found here:
http://openid.net/wordpress-content/uploads/2014/04/draft-mobile-discovery-01.html

I revision reflects the current discovery design for both web and native apps as described in the web sequence diagrams. I also added an overview and restructured the document.

Please review it and give feedback to the list.

kind regards,
Torsten.
_______________________________________________
Openid-specs-mobile-profile mailing list Openid-specs-mobile-profile at lists.openid.net<mailto:Openid-specs-mobile-profile at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile


_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20150723/667efef2/attachment.html>


More information about the Openid-specs-mobile-profile mailing list