[Openid-specs-fapi] Publishing FAPI 1.0 advanced errata set to openid.net/specs/

Nat Sakimura nat at sakimura.org
Sat Apr 26 11:16:25 UTC 2025 

It is not exactly like a normal diff where only the changed part is shown.
This is the entire file where the changed portion is marked up in Pink (now
being cherry blossom season.)
So it is not as bad as it seems initially.

2025年4月24日(木) 1:52 Brian Campbell <bcampbell at pingidentity.com>:

> Thanks Nat,
>
> I have to be honest though, I only glanced at the document and my first
> and only thought was that a 28 page pdf diff is unlikely to have content
> appropriate for errata.
>
>
>
> On Wed, Apr 23, 2025 at 9:40 AM Nat Sakimura <nat at sakimura.org> wrote:
>
>> As I have promised in the call today, I have created a file highlighting
>> the differences between the final and proposed errata.
>>
>> Clearly, the newly added "Abstract" does not work. The text does not
>> represent Part 2.
>> Also, "Abstract" should not be there as for FAPI 1 at least, we are
>> drafting according to the ISO Directive Part 2.
>> Adding it does not help. It should be removed.
>>
>> Besides that, I spotted that BCP195 needs to be added to the Normative
>> reference as it is referred to with a "shall" now.
>>
>> Finally, I note that this is not a "corresponding update", as I
>> understand.
>>
>> Cheers,
>>
>> Nat
>>
>> 2025年4月23日(水) 21:29 Brian Campbell via Openid-specs-fapi <
>> openid-specs-fapi at lists.openid.net>:
>>
>>> I do think it's problematic to publish what are effectively breaking
>>> changes as errata. With little to no indication that there are substantive
>>> changes or even what they are. That comment is really in regard to the
>>> errata updates to OpenID Connect Core and CIBA Core (corresponding WG's
>>> cc'd). I'd suggest those actions be revisited to at least provide readers
>>> some indication of the breaking change.
>>>
>>> Although the prospective FAPI 1.0 errata were described as corresponding
>>> updates, I don't see what I would have expected in the document based on my
>>> understanding of corresponding. Maybe I missed it or my understanding is
>>> wrong. It is difficult to assess what has changed when the errata update
>>> includes a whole reformatting of the document.
>>>
>>> On Mon, Apr 14, 2025 at 12:44 PM Michael Jones via Openid-specs-fapi <
>>> openid-specs-fapi at lists.openid.net> wrote:
>>>
>>>> The proposed errata changes to FAPI 1.0 Advanced are at
>>>> https://openid.bitbucket.io/fapi/openid-financial-api-part-2-1_0.html
>>>> but not yet published to openid.net/specs/.  I think it makes sense to
>>>> do so.
>>>>
>>>>
>>>>
>>>> I’ll note that the corresponding errata updates to OpenID Connect Core
>>>> and CIBA Core have been published there.  See
>>>> https://openid.net/specs/openid-connect-core-1_0-36.html and
>>>> https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-06.html
>>>> .
>>>>
>>>>
>>>>
>>>> Is the working group supportive of publishing draft 10 to
>>>> openid.net/specs/?
>>>>
>>>>
>>>>
>>>> I do have one editorial question.  Why is it that the title in the
>>>> source
>>>> <https://bitbucket.org/openid/fapi/raw/92a88dfb26fc6d95f22f305f85eb2308fec0f5f3/FAPI_1.0/openid-financial-api-part-2-1_0.md>
>>>> is
>>>>
>>>> title: FAPI security profile 1.0 - Part 2: Advanced - draft 10
>>>> incorporating errata set 1
>>>>
>>>> whereas the title in the draft
>>>> <https://openid.bitbucket.io/fapi/openid-financial-api-part-2-1_0.html>
>>>> is
>>>>
>>>> *FAPI security profile 1.0 - Part 2: Advanced - draft 10 incorporating
>>>> errata set 1 - 1*
>>>>
>>>> (with the extra “ – 1” at the end)?
>>>>
>>>>
>>>>
>>>>                                                                 Thanks,
>>>>
>>>>                                                                 -- Mike
>>>>
>>>>
>>>> _______________________________________________
>>>> Openid-specs-fapi mailing list
>>>> Openid-specs-fapi at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/openid-specs-fapi
>>>>
>>>
>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>> privileged material for the sole use of the intended recipient(s). Any
>>> review, use, distribution or disclosure by others is strictly prohibited.
>>> If you have received this communication in error, please notify the sender
>>> immediately by e-mail and delete the message and any file attachments from
>>> your computer. Thank you.*
>>> _______________________________________________
>>> Openid-specs-fapi mailing list
>>> Openid-specs-fapi at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/openid-specs-fapi
>>>
>>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20250426/c2c1fddd/attachment.htm>

More information about the Openid-specs-fapi mailing list