[Openid-specs-fapi] Issue #425: FAPI 2.0 Purpose and FAPI WG Scope (openid/fapi)
dgtonge
issues-reply at bitbucket.org
Wed Jun 23 15:57:13 UTC 2021
New issue 425: FAPI 2.0 Purpose and FAPI WG Scope
https://bitbucket.org/openid/fapi/issues/425/fapi-20-purpose-and-fapi-wg-scope
Dave Tonge:
There was some discussion on the call today about the purpose of FAPI 2.0 and how it fits with the WG Charter.
The current charter - [https://openid.net/wg/fapi/charter/](https://openid.net/wg/fapi/charter/) is a little outdated, but is fairly broad in its remit. I don’t personally think that the charter prevents us from producing specifications based on OIDC / OAuth 2 that aid interoperability and security.
The purpose for FAPI 2.0 as expressed in our [FAQ](https://openid.net/wg/fapi/faq/) is:
* complete interoperability at the interface between client and authorization server as well as interoperable security mechanisms at the interface between client and resource server.
* easier to use than FAPI 1.0
* alignment with OAuth Security BCP
* clear attacker model
It would be good to get any feedback on this.
More information about the Openid-specs-fapi
mailing list