[Openid-specs-mobile-profile] MODRNA WG call on 11th September 2018 preliminary minutes
philippe.clement at orange.com
philippe.clement at orange.com
Wed Sep 12 15:02:08 UTC 2018
Please find below the preliminary minutes of our call.
In any case of error or misunderstanding, please let me know.
Bjorn Hjelm, Dave.Tonge (Moneyhub), John Bradley, Philippe Clement (Orange), Brian Campbell (Ping Identity), Nicolas AILLERY (Orange), Petteri (Ubisecure), Siva(GSMA)
Adoption of the Agenda [Bjorn/John]
1. Suggestion of petterri to have a MODRNA F2F meeting during the OIF workshop. Bjorn to see if possible.
2. issues 66<https://bitbucket.org/openid/mobile/issues/66/ciba-new-notification-only-modehttps:/bitbucket.org/openid/mobile/issues/66/ciba-new-notification-only-mode> (new notif only mode) and 82<https://bitbucket.org/openid/mobile/issues/82/ciba-naming-of-the-3-modes> (naming of the 3 modes)
3. issues resolved: the tokens can be retrieved in a Poll, Ping or Push mode, defined at registration of the client.
Issue 67<https://bitbucket.org/openid/mobile/issues/67/clarify-ciba-authentication-request-format> (CIBA auth request format)
The group decides to use form-urlencoded, for compliance with authentication methods from the client at registration time.
Issue 84<https://bitbucket.org/openid/mobile/issues/84/ciba-redirects-and-the-client-notification> (Redirects and Client Notification Endpoint)
Discussions around "SHOULD" and "MUST". The group agrees that no redirect is possible.
Issue 78<https://bitbucket.org/openid/mobile/issues/78/ciba-expiration-time> (CIBA expiration time)
Discussions around the responsibilities of RP or OP to track the expiration time, and subsequent error codes to manage from both sides.
Consensus on the fact that the RP has to track the expiration time in an authentication request, and manage the state accordingly.
==> Dave and brian to update the issue tracker
* Siva: issue 46<https://bitbucket.org/openid/mobile/issues/46/provide-feedback-review-specification-of> ? to mention by email to Bjorn, to be added to the agenda for next call
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-mobile-profile