[Openid-specs-fapi] Conference & Consultation on eIDAS & PSD2

Wed Jan 31 09:35:27 UTC 2018

Interesting. Thanks. 

It is colliding with IETF London though, and OIDF meeting @ London on
the March 21 ... 

Lots of things going on ... 

---
Nat Sakimura
Research Fellow, Nomura Research Institute
Chairman of the Board, OpenID Foundation

On 2018-01-31 10:04, Dave Tonge via Openid-specs-fapi wrote: 

> Hi, 
> 
> This conference may be of interest: 
> https://www.openbankingeurope.eu/eidas-meets-psd2-securing-access-financial-services-qualified-certificates/ [2] 
> 
> The spec for consultation is here: 
> https://docbox.etsi.org/ESI/Open/Latest_Drafts/ts_119495v000003_for-public-review.pdf [3]
> 
> From a brief scan it seems that they are proposing that: 
> 
>> The PSD2 specific attributes shall be included in a QCStatement within the qcStatements extension as specified in clause 3.2.6 of IETF RFC 3739 [6].
> 
> The general idea is that a TPP (third party provider): 
> 1. registers with the regulator, 
> 2. goes to a special type of CA called a QTSP (qualified trust service provider) 
> 3. the QTSP verifies their identity and registration status with the regulator and issues a certificate with PSD2 claims embedded 
> 4. the TPP then uses that certificate to call a banks APIs over mutual TLS 
> 
> Regards 
> -- 
> 
> Dave Tonge 
> CTO 
> [4] 
> 10 Temple Back, Bristol, BS1 6FL t: +44 (0)117 280 5120 
> 
> Moneyhub Enterprise is a trading style of Momentum Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Momentum Financial Technology is entered on the Financial Services Register (FRN 561538) at fca.org.uk/register [5]. Momentum Financial Technology is registered in England & Wales, company registration number 06909772 (c) . Momentum Financial Technology Limited 2016. DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or 
 in any
attachments) are those of the author and do not necessarily represent the opinions of Momentum Financial Technology Limited or of any other group company. 
> 
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi [1]

Links:
------
[1] http://lists.openid.net/mailman/listinfo/openid-specs-fapi
[2]
https://www.openbankingeurope.eu/eidas-meets-psd2-securing-access-financial-services-qualified-certificates/
[3]
https://docbox.etsi.org/ESI/Open/Latest_Drafts/ts_119495v000003_for-public-review.pdf
[4]
http://www.google.com/url?q=http%3A%2F%2Fmoneyhubenterprise.com%2F&sa=D&sntz=1&usg=AFQjCNGUnR5opJv5S1uZOVg8aISwPKAv3A
[5] http://fca.org.uk/register
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20180131/83bef333/attachment-0001.html>