[Openid-specs-fapi] FAPI CIBA Profile
dave.tonge at momentumft.co.uk
Tue Jan 8 14:51:42 UTC 2019
boilerplate copy/paste :-)
I'll remove them.
On Tue, 8 Jan 2019 at 15:49, Brian Campbell <bcampbell at pingidentity.com>
> Looks like there are quite a few things listed in the 'Normative
> references' section that aren't actually used elsewhere in the document. Is
> that intentional? Or boilerplate copy/paste carryover?
> On Fri, Jan 4, 2019 at 1:53 AM Dave Tonge <dave.tonge at momentumft.co.uk>
>> Dear WG
>> We are keen to finish the FAPI profile of CIBA (Client Initiated
>> Backchannel Authentication) as soon as possible.
>> The core CIBA draft is here:
>> The current FAPI profile draft is here:
>> We currently have these issues open:
>> Should the FAPI profile mandate the use of signed authentication requests
>> (note this would be for non-repudiation rather than for authentication or
>> integrity protection).
>> Query about the alignment between FAPI RW and FAPI CIBA re acr/amr
>> Should FAPI CIBA poll mode have this requirement:
>> > "shall not reject or return 'slow_down' to clients that are polling at
>> an interval of 100ms or longer (except in exceptional circumstances where
>> unexpected and unprecedented server load is present), this requirement
>> shall not apply if CIBA ping mode is supported"
>> Should we require the use of login_hint_tokens rather than just
>> Please can I ask WG members to read the drafts, comment on the above
>> issues (and raise any additional issues) by *next Friday (11 Jan)*. I
>> would like to finalise discussions on the FAPI CIBA profile on the next
>> Atlantic call (16 Jan) if possible so that ideally we can start a review
>> process before the end of the month.
>> Dave Tonge
>> FAPI WG Co-Chair
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*
[image: Moneyhub Enterprise]
Moneyhub Financial Technology, 5th Floor, 10 Temple Back, Bristol, BS1 6FL
t: +44 (0)117 280 5120
Moneyhub Enterprise is a trading style of Moneyhub Financial Technology
Limited which is authorised and regulated by the Financial Conduct
Authority ("FCA"). Moneyhub Financial Technology is entered on the
Financial Services Register (FRN 809360) at fca.org.uk/register.
Technology is registered in England & Wales, company registration number
Moneyhub Financial Technology Limited 2018 ©
DISCLAIMER: This email (including any attachments) is subject to copyright,
and the information in it is confidential. Use of this email or of any
information in it other than by the addressee is unauthorised and unlawful.
Whilst reasonable efforts are made to ensure that any attachments are
virus-free, it is the recipient's sole responsibility to scan all
attachments for viruses. All calls and emails to and from this company may
be monitored and recorded for legitimate purposes relating to this
company's business. Any opinions expressed in this email (or in any
attachments) are those of the author and do not necessarily represent the
opinions of Moneyhub Financial Technology Limited or of any other group
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-fapi