[Openid-specs-fapi] Issue #529: Applicability of Security BCP to FAPI 2.0 (openid/fapi)
SECtim
issues-reply at bitbucket.org
Tue Jul 26 07:12:03 UTC 2022
New issue 529: Applicability of Security BCP to FAPI 2.0
https://bitbucket.org/openid/fapi/issues/529/applicability-of-security-bcp-to-fapi-20
DN:
Section “Differences to FAPI 1.0” of FAPI 2.0 says that FAPI 2.0 implementations “shall adhere to Security BCP”, which presumably refers to the “OAuth 2.0 Security Best Current Practice” draft. While some parts of the BCP draft are referenced by FAPI 2.0, it remains unclear whether implementations are required to conform to the full BCP or just the parts explicitly referenced by FAPI 2.0.
More information about the Openid-specs-fapi
mailing list