[Openid-specs-fapi] Issue #431: FAPI 2.0 Baseline Attacker model not referenced. (openid/fapi)

Ralph Bragg issues-reply at bitbucket.org
Mon Jul 19 07:56:41 UTC 2021


New issue 431: FAPI 2.0 Baseline Attacker model not referenced.
https://bitbucket.org/openid/fapi/issues/431/fapi-20-baseline-attacker-model-not

Ralph Bragg:

There is a missing reference to the attacker model in the FAPI 2.0 Baseline Specification.

## [2. ](https://openid.net/specs/fapi-2_0-baseline.html#section-2)[Baseline Profile](https://openid.net/specs/fapi-2_0-baseline.html#name-baseline-profile)

OIDF FAPI is an API security profile based on the OAuth 2.0 Authorization Framework \[[RFC6749](https://openid.net/specs/fapi-2_0-baseline.html#RFC6749)\]. This Baseline Profile aims to reach the security goals laid out in the **\[Attacker Model\].**

‌



More information about the Openid-specs-fapi mailing list