TI WG 2011-09-07-8 F2F (Lannion)

Kantara TI WG F2F Meeting, Lannion (Brittany) France

Host: Orange

Date: 7-8 Sep. '11

Attendees:

  • Gaël Gourmelen, Orange (voting)
  • Fulup Ar Foll, self-represented (non-voting)
  • Jonas Högberg, Ericsson (voting)
  • Keith Uber, Ubisecure (voting) (over the phone)
  • Ingo Friese, DT (voting)
  • Philippe Clement, Orange (non-voting) (partly)
  • Benoit Bailleux, Orange (non-voting) (partly)
  • Sebastian Brault, Orange (non-voting) (partly)
  • Charles Marais, Orange (non-voting) (partly)

Regrets:

  • Thanh Van Do, Telenor (non-voting)

Staff:

  • None

Agenda:

  • Session #1: Current work items
      o Telco requirements document (update from Ingo?)
      o Network APIs state of the art
      o Cookbook for massively scalable IdM Telco architecture (update from Keith on “SP on-boarding and meta data exchange arrangements”?)
      o REST SOAP Harmonization proposal (update from Gaël)
      o ENISA WP (review of the MSS proposal from Keith)
  • Session #2: Define clearly the objectives and outcomes/topics for the year ahead
      o Update on WAC (Ingo)
      o ULX WG AND ISA - Telco relevance? (Philippe)

Meeting Room number for the F2F: WG 026

Confcall bridge: +(33) 2 31 15 09 50  / Room number: 052037

Notes:

Roll Call

Quorum was met with 4 out of 4 voting members present.

Minute Taker

Minutes were taken by Jonas Högberg.

AP Review

COMPLETED SINCE LAST MEETING:

ACTION POINT: 20110616-02: for Keith to write a chapter on service provider on-boarding and metadata exchange arrangements.

ACTION POINT: 20110616-05: for Keith to write MSS section for ENISA whitepaper. Comment: Not that urgent as we haven't received the template from Marnix (ENISA).

ACTION POINT: 20110630-01: Gaël to send a friendly reminder to Marnix of ENISA on the template for the white paper on 'Login to a Web Site from a Smart-Phone.' Comment: Still no news as at 25.8.2011, Gaël will contact Marnix again, or possibly another contact (ENISA).

ACTION POINT: 20110825-02: Gaël to send recommended hotel and driving details to others by email. Gaël will send telephone bridge details on the day to Keith.

ACTION POINT: 20110825-03: Gaël to prepare and send preliminary agenda for F2F.

OUTSTANDING:

ACTION POINT: 20110210-01: Jonas and Gaël to put forward the revised and proofread IMS document to the Kantara Leadership Council for approval. To request the help of Anna to ensure correct process for the ballot. Comment: Jonas to do the remaining work.

ACTION POINT: 20110616-04: Ingo to send first draft of Telco requirements to the group for review. Comment: Still in progress.

ACTION POINT: 20110728-02: All to review the Network APIs. Wait for comments from Gaël & Ingo, make edits, do a 2 week review with the TI WG and then submit to LC. Comment: Conclusion chapter is missing and needs to be done. The conclusion could include a table summarizing the various APIs by functionality and protocol.

NEW APs ARISING FROM THIS MEETING:

ACTION POINT: 20110907-01: Jonas to create a template for the cook book and integrate Keith's work into it.

ACTION POINT: 20110908-01: Gaël to update document and distribute on e-mail list for further review.

Session Nr. 1

TELCO REQUIREMENTS:

Ingo presents the work. Should an explanatory text be provided to the reqs? Fulup: what's wrong today could justify a req. Disc. on detail level, some technical explanation/justification should be given. Ingo handles one req. group and then circulates that on the list to see if the level of detail is ok. Then take care of the other req. groups.

NETWORK APIS STATE OF THE ART:

Conclusion chapter remains incomplete. Jonas to take care of integration and proof-reading before distribution on the WG's e-mail list. After that wait for comments from Gaël & Ingo, make edits, do a 2 week review with the TI WG and then submit to the LC.

COOK BOOK FOR MASSIVELY SCALABLE IDM TELCO ARCHITECTURE:

We need to create a document template. Jonas will have a go at this. Focus on slide nr. 4 in Gaël's deck. Keith has written a chapter on SP on-boarding and meta data exchange arrangements. To be integrated into the template.

ACTION POINT: 20110907-01: Jonas to create a template for the cook book and integrate Keith's work into it.

REST SOAP HARMONISATION:

Gaël presents the latest version and all discuss Jonas's comments. Gaël to do an update and improve layout and use the Kantara template.

ACTION POINT: 20110908-01: Gaël to update document and distribute on e-mail list for further review.

KI VERSION OF IMS & DIGID WP:

Jonas to do the remaining work. Document template can be found here.

ENISA WP:

ENISA has had this on hold over the summer due to priorities. Marnix will eventually send us the 1st draft. Keith has distributed a draft chapter on ETSI MSS by email to the group.

Session Nr. 2

WAC:

Ingo talks about a (WAC) cross-operator project. It's more or less a summary of possible IdM topics in a cross-operator context DT is thinking about, like Roamed Telco Services. DT intends to set up an R&D project with these topics. WAC is a good candidate for a Telco club addressing IdM topics like SIM-based Authentication in a common cross-operator approach. Some topics are good candidates for the massively scalable architecture, e.g., trust frameworks or centralized vs. mashed id services.

Topics to be covered:

  • Telco Auth.
  • Telco Attributes
  • Trust FWs
  • Pre-provisioning

ULX WG AND ISA - TELCO RELEVANCE:

Philippe presents history of IdP Selector, ISA and ULX work.

Before the ISA (Identity Selector) group merged with ULX, the ISA group had clear goals for a desired outcome. So far only the graphical aspect has been addressed. The protocol discussion and the question of metadata have not been fully addressed. The ISA in the network vs. ISA in the device discussion has not been achieved.

Does the concept of a pure Telco ISA make sense? Telcos should have their own ISA, as they have specific authentication technology. Telcos must work together to compete with Over the Top players (OTT), such as Google. There are synergies with the Massively Scalable Architecture work. This is seen as an item for discussion together within the Telco WG.

Authentication means are simpler than social login (implicit network authentication, SMS OTP, OTP, QR code, GBA, etc.), making it very straightforward. Supports LoA from basic to advanced.

Trust FWs could easily be made for Telcos, such as has been made for roaming in the mobile world.

Telcos have business opportunities. First they should reclaim the authentication space now taken by Google etc. Alone they may not succeed, but if the Telcos work together they can compete. Telcos are best-in-class in authentication and need to work together to have a first level of agreement.

We already have a wide range of Telco APIs that could justify the business case; billing and privacy were particularly mentioned.

We need to compare this with what has been done in WAC (Wholesale Application Community), which is a collection of mobile providers and others. WAC could be one candidate for the ISA model.

We also need to align our work with the other Kantara WGs, e.g., trust FWs, APIs, etc. At the same time, determine what is in our scope and what is the scope of other, even external, organizations, such as WAC.

LOOSE DISCUSSIONS:

DT Labs & Orange Labs to collaborate, e.g., on IdM.

Euro5: Orange, DT, Tfca, TIM and Vfe - CEOs of these meet regularly to discuss important topics. IdM has been discussed. Maybe GBA can be pushed in some way? SIM cards should be used more than just for voice authentication.

Telco Club: Telcos need a club, name is not so important. WAC, Eurescom, or? However, control is needed. Linux, Android (Google) and iOS (Apple) are under control. Java was under control in Sun.

Telco Trusted FW: STORK is looking for money for ph. 2, ENISA refers to STORK. STORK has implemented SAML2 proxy. An ex. where a Telco trusted FW is needed is for transactions involving more than 100 euros on LoA2, the only ones that can do it are Telcos. The threat to Telcos is Google, FB and PayPal.

ROADMAP:

Architecture for Cook Book:

  • 3 WAC ones from DT; Telcos as IdP -> 3 archs. => issues/problems to be solved => solutions = chapters in Cook Book.
  • Mobile as universal credential provider -> issues.
  • Internal IdP architecture. How does it scale? Country/regional context. Break TTV/Internet/IMS/etc. silos.

ACTION POINT: 20110908-02: Gaël and Jonas to prepare some slides on this.

7. Next F2F

Helsinki at Ubisecure in the Nov.-Dec. timeframe was loosely mentioned.

8. Next Teleconference

The next call is on Th. 22 September, 2011.

9. AOB

- None

10. Adjourn

Meeting adjourned on 8 Sep. '11 at 17:10 CEST.

Next Meeting

  • Conference Call:
  • Date: 22 Sep. '11 
  • Time: 07:00 PDT | 10:00 EDT | 14:00 UTC/GMT | 16:00 CEST (Time Chart)
  • Dial In: Skype: +9900827044630912 | Austria +43 (0) 720881948 | Belgium +32 (0) 70357134 | Canada +1 (201) 793-9022 | France +33 (0) 826109071 | Germany +49 01805009527 | Ireland +353 (0) 818270968 | Italy +39 848390177 | Spain +34 (9) 02885791 | Switzerland +41 (0) 848560397 | United Kingdom +44 (0) 8454018081 | USA: +1-201-793-9022

  Room Code: 4630912