DRAFT
Attendees & Representation
Name | Company | Attendee |
---|---|---|
Eric Murray | Vodafone (moderator) | |
Sachin Kumar | Vodafone | |
Kevin Smith | Vodafone | |
Alex Ferreira | Phronesis | |
Matthew Hornsey | Phronesis | |
Matthew Hand | Phronesis | |
Sébastien Synold | Intersec | |
S, Vigneshwaran | Cognizant | |
Karthik Raj Rethinakumar | Cognizant | |
Manish Jain | Cognizant | |
Huub Appelboom | KPN | |
Rafal Artych | DT | |
Abhisek Das | Infosys | |
Brian Smith | Shabodi | |
Umair Ali Rashid | Shabodi | |
Foo Ming Hui | Singtel | |
Vilim Duganic | Infobip | |
Surajj Jaggernath | Vodacom |
Agenda
- Review of previous meeting minutes
- [ Decision ]
- Review of Device Identifier API status
- Discussion on requirements for IMEI Fraud
- AOB
Review of Device Identifier API status
- Current "work in progress" version can be found here
PRs
- New PRs:
- None
- Existing PRs:
- None
- Closed PRs:
- PR #54: Update API to match common schema definitions
- Updates
Device
schema to match that in CAMARA_common.yaml - Identifying device by IPv6 must be single IPv6 address
- Updates
- PR #54: Update API to match common schema definitions
- PR #53: Add X-Correlator to OAS and update linting rules
- Requirement in latest version of API Design Guidelines
- Linting rules agreed in Commonalities, but still not merged
- PR #53: Add X-Correlator to OAS and update linting rules
- PR #51: Add Identity & Consent header
- Adds mandatory identity & consent header to API information
- This will be a requirement of v0.1.0 of Identity & Consent documentation
- PR #51: Add Identity & Consent header
Issues
- New Issues
- None
- Existing Issues
- Issue #47: Add ageOfInformation field to API response
- Follows on from Discussion #35
- Current API response gives no indication of when the physical device information was collected for the specified subscription identifier (e.g.
phoneNumber
). Dependent on the backend implementation, this information could have been collected some time earlier, and potentially be out of date
- Issue #47: Add ageOfInformation field to API response
ISSUE UPDATE:
- Current proposal is to introduce
lastChecked
response parameter, defined as follows:
- Current proposal is to introduce
lastChecked:
description: Last time that the associated device identity was checked and updated if necessary
type: string
format: date-time
MEETING UPDATE:
- Issue #30: Defined scopes and meanings, being discussed in Issue
- The two use cases (retrieve all parameters or only tac / manufacturer / model), two separate scopes are required
- Should they be two scopes of same endpoint, or associated with separate endpoints
- Issue #30: Defined scopes and meanings, being discussed in Issue
ISSUE UPDATE:
Updated proposal is to have two separate endpoints as follows:
get-identifier
with scopedevice-identifier:get-identifier
which returns:- imeisv
- imei
- tac
- model
- manufacturer
get-type
with scopedevice-identifier:get-type
which returns:- tac
- model
- manufacturer
MEETING UPDATE:
- Issue #21: API Definition Terminology
- Issue is out of date
- Issue #21: API Definition Terminology
ACTION: Eric to update issue text (still open)
- Closed Issues
Discussions
- New Discussions
- None
- Existing Discussions:
- Discussion #36: Alternative device identifiers
- An alternative proposal is to salt the IMEI with an API consumer specific salt and then hash it
- This would a less useful identifier (only useful to the API consumer) but easier to justify providing under an opt-out or no consent basis
- Use cases for such an alternative identifier are not clear
- Discussion #36: Alternative device identifiers
AGREEMENT: Leave discussion open for now, but prioritise returning IMEI / IMEISV
- Closed Discussions
- None
Other Issues
- Kevin raised the point that YAML schemas should use the common schemas defined in CAMARA_common.yaml where appropriate. Ideally, they could be directly referenced, though this can cause issues with some OAS viewers.
- ACTION: Kevin to check how OAS viewers handle external references
Discussion on IMEI Fraud API
This API will not be further discussed until API proponents attend the sub-project meetings
- See API Proposal submission here
- Open Discussions:
- #37: IMEI Fraud API Input
- Proposal is just to use a single "IMEI" field, which would accept either IMEI or IMEISV
- #34: What values should the IMEI Fraud API respond with to indicate reported ownership status?
- The GSMA appear to have an existing Device Check service, which includes an API. How does the CAMARA proposal differ from this?
- Kevin highlighted a GSMA video on their Device Check service.
- #37: IMEI Fraud API Input
AGREEMENT: MTN / Huawei will join sub-project meetings from next year, so can then drive these discussion
AOB
- Issue #48: Additional sub-project codeowner required
- UPDATE: No additional codeowner yet identified
- Next meeting to be held Friday 23rd February 2024 @ 16:00 GMT.
- One day, meetings will be held using the LFX Zoom service, but not yet