[Openid-specs-fapi] Title change of Part 1 and Part 2.

Ralph Bragg ralph.bragg at raidiam.com
Thu Oct 24 16:50:22 UTC 2019


And it leaves room for “extreme” “draconian” and other profiles to be slotted around the “substantial” and “high”. Perhaps a key document will be required to offer clarity.

“low”
“substantial”
“high”
“extreme”
“draconian”

Or should it be draconian and then extreme… ☺

From: Openid-specs-fapi <openid-specs-fapi-bounces at lists.openid.net> on behalf of Steinar Noem via Openid-specs-fapi <openid-specs-fapi at lists.openid.net>
Reply to: Financial API Working Group List <openid-specs-fapi at lists.openid.net>
Date: Thursday, 24 October 2019 at 17:45
To: Financial API Working Group List <openid-specs-fapi at lists.openid.net>
Cc: Steinar Noem <steinar at udelt.no>, Rob Otto <robotto at pingidentity.com>
Subject: Re: [Openid-specs-fapi] Title change of Part 1 and Part 2.

I like it a lot.

For me “High” and «Substantial» maps to the LoA from eIDAS. And an unprofiled use of OAuth perhaps would map to “Low”.

tor. 24. okt. 2019 kl. 18:19 skrev Rob Otto via Openid-specs-fapi <openid-specs-fapi at lists.openid.net<mailto:openid-specs-fapi at lists.openid.net>>:
Hi folks. I agree that we should definitely re-look these names!

I must admit, to me it was not immediately clear how "substantial" and "high" related to one another since there is no natural ordering of these terms in English. Turns out that "high" should be interpreted as more secure than "substantial" but that wasn't clear to me on first reading. Is this just me, or do others find the same thing?

Best regards
Rob


On Thu, 24 Oct 2019 at 16:34, Nat Sakimura via Openid-specs-fapi <openid-specs-fapi at lists.openid.net<mailto:openid-specs-fapi at lists.openid.net>> wrote:
Hi

Back in the IIW, I discussed with Torsten about the potential title
change of Part 1 and Part 2. Currently, they are Read Only and
Read&Write respectively but there are cases where the read only data is
very sensitive while write operation is not of high value.

Thus, we agreed that the current name may not be representing the real
intention: Medium and High security profile respectively.

During the discussion, we came up with the name:

- Substantial (for Part 1)
- High (for Part 2)

It follows eIDAS marking.

More details are recorded in the ticket #271.

https://bitbucket.org/openid/fapi/issues/271/rename-and-adjust-fapi-profiles

The participants in the Oct. 9 call all agreed to it.
This mail is to solicit wider opinions on it.

Please let us know of your opinions.

Best,

Nat Sakimura
Chair, FAPI WG.
_______________________________________________
Openid-specs-fapi mailing list
Openid-specs-fapi at lists.openid.net<mailto:Openid-specs-fapi at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-fapi


--
[Image removed by sender. Ping Identity]<https://www.pingidentity.com/>
Rob Otto
EMEA Field CTO/Solutions Architect
robertotto at pingidentity.com<mailto:robertotto at pingidentity.com>

c: +44 (0) 777 135 6092
Connect with us:
[Image removed by sender. Glassdoor logo]<https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907.11,24.htm>[Image removed by sender. LinkedIn logo]<https://www.linkedin.com/company/21870>[Image removed by sender. twitter logo]<https://twitter.com/pingidentity>[Image removed by sender. facebook logo]<https://www.facebook.com/pingidentitypage>[Image removed by sender. youtube logo]<https://www.youtube.com/user/PingIdentityTV>[Image removed by sender. Google+ logo]<https://plus.google.com/u/0/114266977739397708540>[Image removed by sender. Blog logo]<https://www.pingidentity.com/en/blog.html>
[Image removed by sender.]<https://www.pingidentity.com/en/events/d/identify-2019.html>

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________
Openid-specs-fapi mailing list
Openid-specs-fapi at lists.openid.net<mailto:Openid-specs-fapi at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-fapi
--
Vennlig hilsen

Steinar Noem
Partner Udelt AS
Systemutvikler

| steinar at udelt.no<mailto:steinar at udelt.no> | hei at udelt.no<mailto:hei at udelt.no>  | +47 955 21 620 | www.udelt.no<http://www.udelt.no/> |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20191024/b5f128c9/attachment-0001.html>


More information about the Openid-specs-fapi mailing list