Device Identifier Meeting Minutes 2024-09-06

DRAFT

Attendees & Representation

Name	Company	Attendee
Eric Murray	Vodafone
Sachin Kumar	Vodafone (moderator)	X
Kevin Smith	Vodafone
Alex Ferreira	Phronesis
Matthew Hornsey	Phronesis
Matthew Hand	Phronesis
Sébastien Synold	Intersec
S, Vigneshwaran	Cognizant
Karthik Raj Rethinakumar	Cognizant
Manish Jain	Cognizant
Huub Appelboom	KPN
Rafal Artych	DT	X
Axel Nennker	DT
Abhisek Das	Infosys
Brian Smith	Shabodi
Umair Ali Rashid	Shabodi
Foo Ming Hui	Singtel
Vilim Duganic	Infobip
Surajj Jaggernath	Vodacom
Walid Trabelsi	Sofrecom (Orange)
Aleksander Brankovic	Ipification

Agenda

Review of previous meeting minutes
- Approved
Review of Device Identifier API status
- PRs
- Issues
- Discussions
AOB

Review of Device Identifier API status

Current "work in progress" version can be found here

PRs

New PRs	PR #72: Initial Test Definitions for DeviceIdentifier retrieve identifier Proposal for test definitions in response to Issue #68 Final review required by more API participants MEETING UPDATE 06 Sept 2024 : No discussion PR #73: Add EUDI Wallet and Mobile Device Insurance User Stories Additional user stories for Device Identifier Adds a use case where the physical device itself requests its own IMEI (because OS will not provide it to the app) Review required by API participants MEETING UPDATE 06 Sept 2024: No discussion PR #78: remove misleading sentence on from where the API can be called Proposal to remove description text stating that API can be called by "an application server or other 3rd party server" Discussion and revision required as the API clearly can be called by an application or other 3rd party server MEETING UPDATE 06 Sept 2024: No discussion
Existing PRs
Closed PRs	PR #81: Remove 405 error response from YAML Removes 405 error response from YAML as this is not compliant with Commonalities API Design Guidelines MEETING UPDATE 06 Sept 2024 : PR merged on 20 Aug 2024 as this fixes a CAMARA non-compliance PR #77: Reduce telco language in the API description Removes reference to UE / User Equipment in description and replaces with "physical mobile device" MEETING UPDATE 06 Sept 2024 : PR merged on 13 Aug 2024 as no comments on proposed wording PR #76: Rewrite text around treatment of primary / secondary MSISDN Removes reference to a specific implementation of this, and rewrites using more generic language Treatment of MSISDNs as `phoneNumber` remains the same - the `phoneNumber` will be treated as the secondary MSISDN, and can thus be used to identify the IMEI of all devices MEETING UPDATE 06 Sept 2024 : PR merged on 13 Aug 2024 as no comments on proposed rewording PR #75: Fixes the missing required property in the the error response schema Fixes the missing `required` property in the the error response schema MEETING UPDATE 06 Sept 2024 : PR merged on 12 Aug 2024 as this was a clear non-compliance with the Commonalities common JSON definitions PR #67: Update CAMARA Mobile Device Identifier API.yaml Commonalities v0.4.0 allows x-correlator to be any string, and not restricted to being a uuid. Therefore "`format: uuid"` needs to be removed from the definition. MEETING UPDATE 02 Aug 2024 : No update MEETING UPDATE 06 Sept 2024 : PR merged on 13 Aug 2024 as no further comments PR #66: Update CAMARA Mobile Device Identifier API.yaml Update `info` section of OAS to comply with Commonalities guidelines v0.4.0 MEETING UPDATE 02 Aug 2024 : No update ACTIONS: PR merged on 13 Aug 2024 as no further comments PR #64: Incorporate Commonalities WG recommendations on Simplification of Device object Add Commonalities WG recommended text on "Identifying a device from the access token" Add 422 error response option Explicitly define request body as optional Description updated to replace `device` with `mobile subscription identifier` as appropriate MEETING UPDATE 02 Aug 2024 : Huub commented that line 71 implies the access token follows a certain implementation `"The server will extract the mobile subscription identifier (e.g. MSISDN) from the access token, if available."` This text needs to be revised to be more implementation neutral. `MSISDN` to be replaced by `phone number`. Keep PR open until 09 Aug 2024 to see if Commonalities revise current solution for `Device` object handling MEETING UPDATE 06 Sept 2024 : Merged on 09 Aug 2024 as no further comments

Issues

New Issues	Issue #71: Why "The API can be called by an application server or other 3rd party server" Issue associated with PR #78 MEETING UPDATE 06 Sept 2024 : No discussion Issue #79: Use API name as file name of the the YAML and with the info.title field Naming standard has been informally adopted for meta-release APIs, but not yet formally defined by Commonalities MEETING UPDATE 06 Sept 2024 : No discussion Issue #80: Purpose of the lastChecked field in the response? `lastChecked` response field is not clear to all potential API consumers This is the last time that the API provider checked which IMEI was being used by a specific MSISDN Could be "now", or could be some minutes ago. Implementation dependent. How to fix? Rename field (maybe to `lastConfirmed`)? Better description in YAML itself? MEETING UPDATE 06 Sept 2024 : No discussion
Existing Issues	Issue #68: API Test Cases Required to be Defined See Commonalities API Testing Guidelines MEETING UPDATE 06 Sept 2024 : See PR #72 Issue can be closed when above PR is merged Issue #21: API Definition Terminology Issue is out of date MEETING UPDATE 02 Aug 2024 : No update MEETING UPDATE 06 Sept 2024 : No discussion ACTIONS: Eric to update issue text (still open)
Closed Issues	Issue #61: Simplification of Device object - short term solution Commonalties proposes to revise DeviceObject Should be optional, with 3-legged access token normally used to identify the mobile subscription If 2-legged token is used, device object should be provided to API Network Access Identifier (3GPP External Id) option to be removed as support not common Will be closed by PR #64

Discussions

New Discussions	None
Existing Discussions	Discussion #36: Alternative device identifiers An alternative proposal is to salt the IMEI with an API consumer specific salt and then hash it This would a less useful identifier (only useful to the API consumer) but easier to justify providing under an opt-out or no consent basis Use cases for such an alternative identifier are not clear MEETING UPDATE 06 Sept 2024 : Discussion updated by Axel Nennker with proposal to include PPID as a 3rd device identifier that can be requested (in addition to IMEI or TAC)
Closed Discussions	None

Other Issues

None

AOB

Next meeting proposed to be held Friday 4th October 2024 @ 09:00 BST using Zoom

Space shortcuts

Page tree

DRAFT

Attendees & Representation

Agenda

Review of Device Identifier API status

PRs

PR #72: Initial Test Definitions for DeviceIdentifier retrieve identifier

PR #73: Add EUDI Wallet and Mobile Device Insurance User Stories

PR #78: remove misleading sentence on from where the API can be called

PR #81: Remove 405 error response from YAML

PR #77: Reduce telco language in the API description

PR #76: Rewrite text around treatment of primary / secondary MSISDN

PR #75: Fixes the missing required property in the the error response schema

PR #67: Update CAMARA Mobile Device Identifier API.yaml

PR #66: Update CAMARA Mobile Device Identifier API.yaml

PR #64: Incorporate Commonalities WG recommendations on Simplification of Device object

Issues

Issue #71: Why "The API can be called by an application server or other 3rd party server"

Issue #79: Use API name as file name of the the YAML and with the info.title field

Issue #80: Purpose of the lastChecked field in the response?

Issue #68: API Test Cases Required to be Defined

Issue #21: API Definition Terminology

Issue #61: Simplification of Device object - short term solution

Discussions

Discussion #36: Alternative device identifiers

AOB