openid / ekyc-ida / issues / #1178 - MSISDN claim value — Bitbucket

Issue #1178 resolved

Bjorn Hjelm created an issue 2020-03-04

Add claim value “MSISDN”. This value is defined in OpenID Connect MODRNA Authentication Profile as “The Subscriber identifier formated according to ITU-T recommendation [E.164]”.

Comments (10)

Torsten Lodderstedt
@Bjorn Hjelm why do you think this should be added in OIDC4IDA and not MODRNA?
- 2020-05-05T06:08:25+00:00
Bjorn Hjelm reporter
As stated in the issue, the MSISDN is already defined in the MODRNA Authentication profile and as “telephone number uniquely identifying a subscription in a mobile network.” This attribute (or claim) is often request by RPs to be validated. Is there a reason why it shouldn’t be part of the OpenID Connect for Identity Assurance spec.?
- 2020-05-05T06:40:45+00:00
Torsten Lodderstedt
Basically, any claim can be used with OIDC4IDA including all claims defined in other specs.

I took a look at https://openid.net/specs/openid-connect-modrna-authentication-1_0.html and it seems to define MSISDN as element of the login_hint_token only and not as an End-User claims. The spec also does not register the claim yet with the IANA registry https://www.iana.org/assignments/jwt/jwt.xhtml#claims.

Do you plan to add the registration?
- 2020-05-05T08:36:30+00:00
Bjorn Hjelm reporter
Yes, in MODRNA Authentication profile the misisdn is used in the login_hint_token as proposed in the initial proposal that you co-authored. :-)

As stated, the proposal was to add the MSISDN as a claim using the definition in MODRNA. Now, we can always rely on the OpenID Connect Core standard claim “phone_number” and the RP will receive a ‘a phone number’ in the response but it may or not be a mobile phone number which is what RPs are commonly asking for. I thought this would be an enhancement (given the requests that MNOs receive) but if that view isn’t shared then we can default to the OpenID Connect Core standard claim.
- 2020-05-05T21:24:15+00:00
Torsten Lodderstedt
Long time ago when I contributed to this spec

I don’t mind to add MSISDN to eKYC-IDA, I just wanted to clarify that an extension of https://openid.net/specs/openid-connect-modrna-authentication-1_0.html (IANA registration) would lead to the same result.

Are there specific metadata (trust framework, verification method, …) that you would expect to be used in conjunction mit the MSISDN claim?
- 2020-05-06T08:44:15+00:00
Torsten Lodderstedt
- assigned issue to
  
  Torsten Lodderstedt
- 2020-05-13T18:24:32+00:00
Torsten Lodderstedt
- changed status to open
- 2020-06-10T14:13:37+00:00
Torsten Lodderstedt
please have a look onto #32
- 2020-06-10T14:51:23+00:00
Bjorn Hjelm reporter
I’ve reviewed and approved pr#32.
- 2020-06-17T15:18:59+00:00
Torsten Lodderstedt
- changed status to resolved
- 2020-07-01T15:59:51+00:00
Log in to comment

Assignee: Torsten Lodderstedt

Type: enhancement

Priority: minor

Status: resolved

Component: Assurance

Milestone: next stage (candidates)

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!