(registered 2019-02-12, last updated 2019-02-12)

Scheme name: mss

Status: 'Provisional'

Scheme syntax: mss:Brand:Operation:LoA:SSCD#Fragment 
Examples: mss:ficom.fi:authn:loa4:UICC
          mss:ficom.fi:authn:loa4:UICC#rsa&2048
          mss:ficom.fi:consent:loa4:any

Applications/protocols that use this scheme name: Protocol between MSSP (Mobile 
Signature Service Provider) [1][2][3] and other MSSPs or MSSP clients (web 
applications, and libraries). Protocols are defined in ETSI TS 102 204 [4][7] 
and ETSI TS 102 207 [6].

Scheme semantics: "mss" scheme provides a systematic way for MSS clients to 
define a signature profile (mss:SignatureProfile) used when requesting a 
signature (MSS_SignatureReq) from the MSSP platform. The signature profile 
defines reason and quality of the requested signature. Therefore,
the signature profile should be self-descriptive and simple to construct.

Semantics:
          Brand: Brand name of the mobile signature service 
          Operation: PKI operation (sign, authn, consent, encrypt, pop etc)
          Level of Assurance (LoA): ISO/IEC 2915
          Secure Signature-Creation Device (SSCD): CWA 14169 (2004): Secure
                                                   Signature-Creation Devices

When an URI element (authority, path etc.) is not important, then it may be 
replaced with "any" literal. All trailing any-literals can be left away to 
simplify the URI representation. Fragment part of the URI can be used for 
optional technical details.

Encoding considerations: The commercial brand name, which requires special
characters, must be percent-encoded. Therefore, only the ASCII characters for 
the lowercase and uppercase letters of the modern English alphabet, the Arabic 
numerals, hyphen, period, and underscore are recommended.

Interoperability considerations: URI level interoperability is required already
in signature roaming solutions. Therefore, all MSSPs should support this 
signature profile URI scheme without interoperability issues.

Security considerations: General security consideration is defined here [5]. 
The signature profile assurance level should be mandatory, when there are 
various assurance level devices available.

Contact: Jarmo Miettinen <jarmo(dot)miettinen(at)methics(dot)fi>; 
Scheme creator: Methics Oy, (www.methics.fi).

Change controller: The contact defined in the previous answer or someone who is 
verified to represent the scheme creator.

References: 
	[1] https://en.wikipedia.org/wiki/Mobile_Signature_Service
	[2] https://en.wikipedia.org/wiki/Mobile_signature 
	[3] ETSI; Mobile Commerce; Mobile signatures; business and functional 
        requirements. Technical report 102 203, May 2003a.
	[4] ETSI; Mobile Commerce; Mobile signatures; Web service interface.
        TS 102 204, August 2003b.
	[5] ETSI; Mobile Commerce; Mobile signatures; security framework;
        TR 102 206, August 2003c.
	[6] ETSI; Mobile Commerce (M-COMM); Mobile signatures; Specifications for 
        roaming in mobile signature services. TS 102 207, August 2003d.
	[7] Finnish Federation for Telecommunications and Teleinformatics. 
        Application Guideline for ETSI’s MSS Standards. Ficom, V2.2. March 2014.