[Openid-specs-fapi] Name change and FAPI Evolution

Daniel Fett fett at danielfett.de
Wed Feb 19 15:44:07 UTC 2020


+1

FWIW, I'm currently preparing a first draft for 2.0. I currently expect
2.0 to consist of separate documents for the attacker model, the two
profiles, grant management and potentially CIBA.

-Daniel

Am 19.02.20 um 16:34 schrieb Dave Tonge via Openid-specs-fapi:
> Dear WG
>
> We had a good discussion on the call today around the next steps for
> FAPI and came to the following conclusion:
>
> 1. We should use versioning to indicate that the FAPI evolution is a
> new major version
> 2. We need to keep support for the current FAPI-R and FAPI-RW for some
> time as they have been implemented by many people and have a good
> suite of conformance tests.
> 3. There were no objections to the names of "Basic" and "Advanced"
>
> With this in mind we propose:
>
> 1. The current "Financial-grade API - Part 1: Read-Only API Security
> Profile" (FAPI Read) spec should be changed to "Financial-grade API
> 1.0 - Part 1: Read-Only API Security Profile (FAPI 1.0 Read)
> 2. The current "Financial-grade API - Part 2: Read and Write API
> Security Profile" (FAPI Read/Write) spec should be changed to
> "Financial-grade API 1.0 - Part 2: Read and Write API Security Profile
> (FAPI 1.0 Read/Write)
> 3. We introduce two new documents:
>  - Financial-grade API 2.0 - Basic Security Profile" (FAPI 2.0 Basic)
>  - Financial-grade API 2.0 - Advanced Security Profile" (FAPI 2.0
> Advanced)
>
> This will allow us to maintain the existing specs (and their
> associated conformance suites). It will also allow the evolution of
> FAPI that we've been discussing to move ahead - including with new
> names to signal use-cases beyond financial read and financial
> read/write. The new documents (2.0 Basic and 2.0 Advanced) can be
> re-ordered and won't need to maintain backwards compatibility to the
> numbering of sections and list items.
>
> It would be good to get feedback from the WG about this proposal as we
> are keen to move forward.
>
> Thanks
>
> Dave
>
> -- 
> Dave Tonge
> FAPI Co-Chair
>
>
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20200219/99a50556/attachment-0001.html>


More information about the Openid-specs-fapi mailing list