mobile OpenID and role of mobile carriers

Laurent Michel | AF83 laurent.michel at af83.com
Sun Oct 7 17:17:18 UTC 2007 

Hi all,

I am currently working on "bringing OpenID to mobile" : that is allowing 
the use of OpenID authentification to sign in / up on compliant xHTML 
wap sites / relaying parties.

So far i've encountered 2 issues :

1) to type in the OpenID URL on a wap site login form. It's impossible 
to ask endusers to type in such an url (even i-names) with a mobile 
keyboard .. This may sound like a minor issue ... but it's actually a 
crucial one .. and OpenID could also help on this field too.
2) to use mobile operators/carriers as OpenID Providers .. or allow 
existing OpenID providers to delegate the authentification dialog to the 
mobile operator. I think this is quite a strategic issue for OpenID : if 
OpenID tends to offer more reliable authentification, then mobile 
networks have something strong to offer : the ability to strongly 
auto-identify the enduser on each wap session.

But my main concern these days is 1) :
I am thinking of proposing the following scheme : a public API allowing 
mobile RPs to automatically discover wether the enduser has an (or many) 
OpenID account(s).
The API would do the following :
- the RP transmitts to the API the IP of the mobile enduser + a 
session-ID (most operators use a "x-nokia-gid" paramater transmitted on 
HTTP headers)
- the API detects if this IP corresponds to a mobile operator gateway
- if yes : the API asks the mobile operator (API to define and implement 
by mobile operators) if the enduser associated with the sessionID has an 
OpenID accout ...
- if yes, the API returns to the RP this OpenID

This assumes that :
- endusers declare to their mobile tellco their OpenID urls
- mobile teclos implement the described api


Does anyone have heard of a similar approach ? Any feedback ?

Thanks !



-- 

*Laurent Michel | AF83*
42, boulevard de Sébastopol | 75003 Paris | France
Tél. : +33 1 40 27 83 83 | Mobile : +33 6 79 72 0800
Web : _www.af83.com_ <http://www.af83.com/> | Skype : laurent_michel
---
This email is: [ ] bloggable [ ] ask first [X] private

More information about the specs mailing list