[Openid-specs-fapi] Issue #631: shall vs shall only (openid/fapi)
dgtonge
issues-reply at bitbucket.org
Wed Nov 22 15:10:03 UTC 2023
New issue 631: shall vs shall only
https://bitbucket.org/openid/fapi/issues/631/shall-vs-shall-only
Dave Tonge:
From the discussion here: [https://bitbucket.org/openid/fapi/pull-requests/442](https://bitbucket.org/openid/fapi/pull-requests/442)
Lukasz made a good point that we don’t appear to be consistent with our use of shall and shall only, for example:
**shall** support confidential clients as defined in \[@!RFC6749\];
**shall only** issue sender-constrained access tokens;
We discussed on the call today that while not recommended, it should be possible for a FAPI2 compliant AS to support non-FAPI2 flows - we should bear this in mind when considering this issue.
More information about the Openid-specs-fapi
mailing list