CMI 5 Working Group Meeting Minutes – August 22nd, 2014

Attendees

William A. McDonald – Boeing Flight Services
Bruce Williamson – Boeing Defense Systems
William Shook – Boeing Defense Systems
Bernard Bouyt - Airbus
Ray Lowery – Pratt & Whitney
Art Werkenthin – RISC Technology
Ben Clark – Rustici Software
Andy Johnson – ADL
Tyler Mulligan - ADL
Chris Handorf – Pearson
Henry Ryng – INXSOL

(Please let know if anyone was missed)

Notes

The group had an abbreviated meeting due to schedule conflicts.

The discussion focused on how the authentication token would be passed to the content from the LMS at launch time. (the alternative to using OAuth)

As per the past meeting the, the “Fetch URL” (a limited use URL to be used by the content to retrieve the authentication token for the LRS) was discussed as a more secure method.

The original idea was to pass the fetch URL in State API “launchParameters”, but this would require that the content connect to the LRS before having a token. (which would be problematic !)

So it was agreed that the URL launchLine would need to be modified to place the “Fetch URL” on it instead of using the State API to retrieve it.

Chris Handorf proposed an alternative method using 2 tokens, but after some discussion, the group determined that the “Fetch URL” approach was more elegant and more likely to work with “3rd party” LRS’s used in conjunction with an LMS.

Proposed change to CMI-5 Runtime Specification - 8.1.1 Launch Method: Change “auth” name/value pair to be “fetch”

All Previous CMI-5 Meeting Minutes (Prior to June 6th): http://aicccmi5.wikispaces.com/AICC+CMI5+Specification

All Previous CMI-5 Meeting Minutes (After June 6th): https://github.com/AICC/CMI-5_Spec_Current/wiki

CMI-5 on GitHub: https://github.com/AICC

CMI 5 Working Group Meeting Minutes – August 22nd, 2014 - AICC/CMI-5_Spec_Current GitHub Wiki