<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from rtf -->
<style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<font face="Arial" size="2"><span style="font-size:10pt;">
<div>Dear all,</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div>Please find below the preliminary notes of our call on March 8<font size="1"><span style="font-size:6.65pt;"><sup>th</sup></span></font> 2017</div>
<div>Any error or misunderstanding, please let me know.</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><u>Participants:</u></div>
<div>John, Philippe, Nicolas, Charles, Siva, Bjorn, Nat, Gonzalo, Alex Chong, Hubert Mariotte</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><u>Agenda:</u></div>
<div>• Brief summary of discussions with FAPI WG. [John]</div>
<div>• Continue discussion on asynchronous/synchronous modes and user consent/authentication for token retrieval. [All]</div>
<div>• AOB</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><u>Discussion:</u></div>
<div>• Brief summary of discussions with FAPI WG. [John]</div>
<div>UK case described by John about Open Banking group and API(s), that evolve and work towards transaction processing mechanisms. In this case, banks have authenticated their customer by their own and outside of OpenID Connect. At payment time, user is requested
to provide a consent on the transaction, potentially on a second channel. Summarizing the case, looks similar to a server to server exchange, going through the MNO to get the user statement.</div>
<div>Potential usage of a signed request object is mentioned, that could convey transaction details. Potential usage of User Questioning API is also addressed to get and provide back the user response.</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<ul style="margin:0;padding-left:36pt;">
<li>John to provide information on how the banks are working in UK case.</li></ul>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<ul style="margin:0;padding-left:36pt;">
<li>Orange volunteers to sketchup some flows describing the correlation of the UK Open Banking case to things addressed in MODRNA (or OAuth), like using the request object, the JWT assertion specs, using front or back channel, conveying the context of transaction
and usage of a non-consumption device (2<font size="1"><span style="font-size:6.65pt;"><sup>nd</sup></span></font> channel).</li></ul>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div>• Continue discussion on asynchronous/synchronous modes and user consent/authentication for token retrieval. [All]</div>
<div>CPAS feedback (Siva) : decision to go ahead with 2 specs, in asynchronous and synchronous modes.</div>
<div>A suggestion is made to use JWT assertions in both modes, But attention to keep on authentication (not allowed, but not forbidden by JWT assertion), and also for access token and primary consent retrieval.</div>
<div>An asynchronous mode is considered as useful (also by FAPI) for long delay responses.</div>
<ul style="margin:0;padding-left:36pt;">
<li>Proposal made to put ideas on the table (Orange has presented some) and see where it’s worth to work on. To be part of the agenda for the next call </li></ul>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div>Kind regards,</div>
<div>Philippe</div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><font face="Tahoma">-----Rendez-vous d'origine-----<br>
<b>De :</b> Hjelm, Bjorn [<a href="mailto:Bjorn.Hjelm@VerizonWireless.com">mailto:Bjorn.Hjelm@VerizonWireless.com</a>]
<br>
<b>Envoyé :</b> mardi 7 mars 2017 13:47<br>
<b>À :</b> Hjelm, Bjorn; openid-specs-mobile-profile@lists.openid.net<br>
<b>Objet :</b> [Openid-specs-mobile-profile] Mobile Profile WG Call<br>
<b>Date :</b> mercredi 8 mars 2017 16:00-17:00 Europe/Berlin.<br>
<b>Où :</b> <a href="https://global.gotomeeting.com/join/927253461">https://global.gotomeeting.com/join/927253461</a></font></div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;">1. <font color="#1F497D">Agenda</font></span></font></div>
<div><font face="Calibri" size="2" color="#1F497D"><span style="font-size:11pt;"> </span></font></div>
<ul style="margin:0;">
<font face="Calibri" size="2" color="#1F497D"><span style="font-size:11pt;">
<li style="margin-top:5pt;margin-bottom:5pt;">Brief summary of discussions with FAPI WG. [John]</li><li style="margin-top:5pt;margin-bottom:5pt;">Continue discussion on asynchronous/synchronous modes and user consent/authentication for token retrieval. [All]</li><li style="margin-top:5pt;margin-bottom:5pt;">AOB</li></span></font>
</ul>
<div><font face="Calibri" size="2" color="#1F497D"><span style="font-size:11pt;"> </span></font></div>
<div><font face="Calibri" size="2" color="#1F497D"><span style="font-size:11pt;">BR,</span></font></div>
<div><font face="Calibri" size="2" color="#1F497D"><span style="font-size:11pt;">Bjorn<font color="black"> </font></span></font></div>
<div><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="text-indent:-18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> Please join my meeting, Sep 24, 2015 at 10:00 AM EDT. <a href="https://global.gotomeeting.com/join/764054389"><font face="Arial" size="2" color="blue"><span style="font-size:10pt;"><u>https://global.gotomeeting.com/join/927253461</u></span></font></a></span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">2. Use your microphone and speakers (VoIP) - a headset is recommended. Or, call in using your telephone.</span></font></div>
<div style="padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">United States: +1 (626) 521-0013</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Australia: +61 2 8355 1034</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Austria: +43 (0) 7 2088 1036</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Belgium: +32 (0) 28 08 9460</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Canada: +1 (647) 497-9376</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Denmark: +45 (0) 89 88 03 61</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Finland: +358 (0) 942 45 0382</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">France: +33 (0) 170 950 586</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Germany: +49 (0) 811 8899 6931</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Ireland: +353 (0) 15 255 598</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Italy: +39 0 694 80 31 28</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Netherlands: +31 (0) 208 084 055</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">New Zealand: +64 (0) 9 887 3469</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Norway: +47 23 96 01 18</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Spain: +34 932 20 0506</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Sweden: +46 (0) 840 839 467</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Switzerland: +41 (0) 435 0824 78</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">United Kingdom: +44 (0) 330 221 0098</span></font></div>
<div style="padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Access Code: 764-054-389</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Audio PIN: Shown after joining the meeting</span></font></div>
<div style="padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="margin-top:24pt;padding-left:18pt;"><font face="Cambria" size="4" color="#365F91"><span style="font-size:14pt;"><b>Meeting ID: 927-253-461</b></span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">GoToMeeting®</span></font></div>
<div style="text-indent:-18pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Online Meetings Made Easy®</span></font></div>
<div style="padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
<div style="padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;">Not at your computer? Click the link to join this meeting from your iPhone®, iPad®, Android® or Windows Phone® device via the GoToMeeting app.</span></font></div>
<div style="margin-top:6pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> << Fichier: ATT00001.txt >> </span></font></div>
<div style="margin-top:6pt;padding-left:18pt;"><font face="Calibri" size="2"><span style="font-size:11pt;"> </span></font></div>
</span></font>
<PRE>_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
</PRE></body>
</html>