OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

coel message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Groups - Action Item "COEL-26 Describe approach to protecting high risk API methods in MMI" added


Action Item Subject: COEL-26 Describe approach to protecting high risk API methods in MMI
Item Number: #0035

Description
Describe the 2FA callback approach to be used for high risk items in MMI. (see COEL-26)

Note that the Operator can initiate a call to forget a consumer or reassign a device, but the Service Provider must provide the final go-ahead through a callback mechanism (e.g. email). The Operators call to the MMI does not block waiting for the Service Provider, it returns immediately to the caller, who cannot tell if it has been approved at this point.

(Note that reassignDevice is not in the MMI yet - we should put in a placeholder?)

Note that COEL-12 seems similar to this (look before you leap) but the email callback mechanism might be confusing, better to use a more standard RESTful approach of returning a URI which can be used by the caller to retrieve the data in batches.

Owner: Dr. David Snelling
Status: Open
Priority: Medium
Due Date: N/A


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]