[Openid-specs-fapi] Issue #354: Numbering: FAPI Part 2 Section 5.2 (openid/fapi)

Takahiko Kawasaki issues-reply at bitbucket.org
Sat Dec 26 10:02:08 UTC 2020


New issue 354: Numbering: FAPI Part 2 Section 5.2
https://bitbucket.org/openid/fapi/issues/354/numbering-fapi-part-2-section-52

Takahiko Kawasaki:

The change of section numbering made between ID2 and Final has made it difficult to compare the differences.

ID2 \([https://openid.net/specs/openid-financial-api-part-2-ID2.html](https://openid.net/specs/openid-financial-api-part-2-ID2.html)\)

* Section 5.2.3. Public client
* Section 5.2.4. Confidential client
* Section 5.2.5. JWT Secured Authorization Response Mode

Proposed Final \([https://openid.net/specs/openid-financial-api-part-2-wd-07.html](https://openid.net/specs/openid-financial-api-part-2-wd-07.html)\)

* Section 5.2.3. ID Token as detached signature
* Section 5.2.4. JARM
* Section 5.2.5. Confidential client
* Section 5.2.6. ID Token as detached signature
* Section 5.2.7. JARM
* Section 5.2.8. \(withdrawn\)
* Section 5.2.9. \(withdrawn\)

One way to mitigate this problem would be to number the sections like below.

* Section 5.2.3. \(withdrawn; merged into 5.2.4\)
* Section 5.2.4. Confidential client
* Section 5.2.5. \(withdrawn\) or use the content of ID2’s Section 5.2.5 // The proposed final does not have the content which corresponds to ID2’s Section 5.2.5, but is it necessary to drop the content?
* Section 5.2.6. ID Token as detached signature
* Section 5.2.7. JARM
* Section 5.2.8. ID Token as detached signature // if it’s necessary to create an independent section separately for requirements regarding “ID Token as detached signature” for “client” \(not authorization server\). Can’t they be merged into one section?
* Section 5.2.9. JARM // if it’s necessary to create an independent section separately for requirements regarding “JARM” for “client” \(not authorization server\). Can’t they be merged into one section?

However, considering the schedule for voting \([https://openid.net/2020/11/30/notice-of-vote-for-proposed-final-fapi-1-0-part-1-and-part-2-specifications/](https://openid.net/2020/11/30/notice-of-vote-for-proposed-final-fapi-1-0-part-1-and-part-2-specifications/)\), it may be too late to point out the problem now. If the schedule has higher priority, I have no mind to stick to this issue. I just wanted to report the problem which implementers like me would face in future.

‌




More information about the Openid-specs-fapi mailing list