[Openid-specs-fapi] Lodging Intent & Request Object
Anders Rundgren
anders.rundgren.net at gmail.com
Thu May 23 05:30:36 UTC 2019
On 2019-04-20 20:20, Torsten Lodderstedt via Openid-specs-fapi wrote:
> Hi all,
>
> as announced I just published my thoughts on the different ways to cope with transaction authorization.
>
> Please find the article here: https://medium.com/oauth-2/transaction-authorization-or-why-we-need-to-re-think-oauth-scopes-2326e2038948
>
> I look forward to getting your feedback.
Hi Torsten,
I'm definitely *not* an authority on OAuth2, but this guy is:
https://auth0.com/blog/on-the-nature-of-oauth2-scopes/
It was somewhat funny to see that he had already identified the "Hammer" syndrome which I mentioned on the list a while ago.
I remain faithful to my claim that "Consumer Payments" and "Financial Services" have little in common and would gain by being run as *separate tracks*. For "Consumer Payments" an entirely different architecture building on extending the payment card concept seems plausible. In fact, I believe it is more or less a de-facto standard for mobile payment systems but I can't prove that since everything out there is secret and NDA-protected.
How well your proposal fits "Financial Services" is beyond my knowledge since I have no relevant experience in that area.
> kind regards,
U2
Anders
> Torsten.
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>
More information about the Openid-specs-fapi
mailing list