[Openid-specs-fapi] FAPI 2 Advanced Profile / Recommendations for signing resource requests/responses

Daniel Fett fett at danielfett.de
Fri Jun 5 08:19:56 UTC 2020


Hi all,

I prepared a first (rough) draft of the FAPI 2 Advanced profile and
would welcome your feedback:
https://bitbucket.org/openid/fapi/src/c28fc020e7ab9377d96501f2b4daa9a9da8f2128/FAPI_2_0_Advanced_Profile.md?at=danielfett%2Ffapi2%2Fadvanced

One open question is whether we can give recommendations regarding
resource request and response signing. We currently have
https://bitbucket.org/openid/fapi/src/master/Financial_API_HTTP_Signing.md
which lists "typical requirements" but does not give concrete advice.

eTSI is developding JAdES and there is some work ongoing in the IETF
HTTP group as well.

What are other options that we should take a look at?

-Daniel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20200605/c75301f0/attachment.html>


More information about the Openid-specs-fapi mailing list