[Openid-specs-fapi] April 3 Meeting Notes are available now
Anders Rundgren
anders.rundgren.net at gmail.com
Wed Apr 4 12:53:48 UTC 2018
On 2018-04-04 01:39, Nat Sakimura via Openid-specs-fapi wrote:
> The meeting notes are available at
> https://bitbucket.org/openid/fapi/wiki/FAPI_Meeting_Notes_2018-04-03
"3.1. #135 Confidential client needs a strong identity for the user
to verify real world entity
It was discussed that it would be very important for the Banks to
show who is asking for the money. The client needs to be identity
proofed strongly and then authenticated strongly so that its identity
can be shown to the user before the user gives consent"
It is not very clear to me what is asked for here and when.
Is it about identification/authentication of the Merchant to the user as well as to the bank?
AFAICT, this is performed by the PISP/TTP.
There are other ways dealing with this issue but they tend to limit the PISP "value proposition".
Anders
>
> ---
> Nat Sakimura
> Research Fellow, Nomura Research Institute
> Chairman of the Board, OpenID Foundation
>
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>
More information about the Openid-specs-fapi
mailing list