[Openid-specs-fapi] Name change and FAPI Evolution

Daniel Fett fett at danielfett.de
Thu Feb 20 13:30:21 UTC 2020


Yes, it should be Baseline.

-Daniel

Am 20.02.20 um 14:19 schrieb n-sakimura:
> Thanks. That sounds good, though the name that was talked about in the
> room in the F2F London was “Baseline” instead of “Basic”. 
>
> Best, 
>
> Nat
>
> PLEASE READ:This e-mail is confidential and intended for
> the named recipient only. If you are not an intended recipient,
> please notify the sender and delete this e-mail.
>
>> 2020/02/19 15:59、Daniel Fett via Openid-specs-fapi
>> <openid-specs-fapi at lists.openid.net>のメール:
>>
>> 
>> +1
>>
>> FWIW, I'm currently preparing a first draft for 2.0. I currently
>> expect 2.0 to consist of separate documents for the attacker model,
>> the two profiles, grant management and potentially CIBA.
>>
>> -Daniel
>>
>> Am 19.02.20 um 16:34 schrieb Dave Tonge via Openid-specs-fapi:
>>> Dear WG
>>>
>>> We had a good discussion on the call today around the next steps for
>>> FAPI and came to the following conclusion:
>>>
>>> 1. We should use versioning to indicate that the FAPI evolution is a
>>> new major version
>>> 2. We need to keep support for the current FAPI-R and FAPI-RW for
>>> some time as they have been implemented by many people and have a
>>> good suite of conformance tests.
>>> 3. There were no objections to the names of "Basic" and "Advanced"
>>>
>>> With this in mind we propose:
>>>
>>> 1. The current "Financial-grade API - Part 1: Read-Only API Security
>>> Profile" (FAPI Read) spec should be changed to "Financial-grade API
>>> 1.0 - Part 1: Read-Only API Security Profile (FAPI 1.0 Read)
>>> 2. The current "Financial-grade API - Part 2: Read and Write API
>>> Security Profile" (FAPI Read/Write) spec should be changed to
>>> "Financial-grade API 1.0 - Part 2: Read and Write API Security
>>> Profile (FAPI 1.0 Read/Write)
>>> 3. We introduce two new documents:
>>>  - Financial-grade API 2.0 - Basic Security Profile" (FAPI 2.0 Basic)
>>>  - Financial-grade API 2.0 - Advanced Security Profile" (FAPI 2.0
>>> Advanced)
>>>
>>> This will allow us to maintain the existing specs (and their
>>> associated conformance suites). It will also allow the evolution of
>>> FAPI that we've been discussing to move ahead - including with new
>>> names to signal use-cases beyond financial read and financial
>>> read/write. The new documents (2.0 Basic and 2.0 Advanced) can be
>>> re-ordered and won't need to maintain backwards compatibility to the
>>> numbering of sections and list items.
>>>
>>> It would be good to get feedback from the WG about this proposal as
>>> we are keen to move forward.
>>>
>>> Thanks
>>>
>>> Dave
>>>
>>> -- 
>>> Dave Tonge
>>> FAPI Co-Chair
>>>
>>>
>>> _______________________________________________
>>> Openid-specs-fapi mailing list
>>> Openid-specs-fapi at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>>
>>
>> _______________________________________________
>> Openid-specs-fapi mailing list
>> Openid-specs-fapi at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-fapi


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20200220/9a413895/attachment.html>


More information about the Openid-specs-fapi mailing list