[Openid-specs-heart] HEART WG AGENDA Monday April 20, 2020
Steinar Noem
steinar at udelt.no
Tue Apr 21 14:16:46 UTC 2020
Just a comment regarding FAPI. The FAPI WG is working on FAPI version 2
which has a different wording and approach.
https://bitbucket.org/openid/fapi/src/master/FAPI_2_0_Baseline_Profile.md
"OIDF FAPI 2.0 is an API security profile based on the OAuth 2.0
Authorization Framework"
In my opinion it doesn't make sense to specify another OAuth security
profile for HEART. I think that if we see a reason to either ease up or
tighten the requirements specified in FAPI this could be solved by adding
specific amendments (not sure if that is the correct word to use in this
context).
Could we invite Daniel Fett from the FAPI WG to do a presentation of FAPI
to the HEART WG to get a common understanding?
-Steinar
man. 20. apr. 2020 kl. 19:31 skrev Adrian Gropper <agropper at healthurl.com>:
> Thanks for putting up a straw charter, Tom.
>
> I disagree with the FAPI reference.
>
> Here is what FAPI says at https://openid.net/wg/fapi :
> 'Specifically, the FAPI WG aims to provide JSON data schemas, security
> and privacy recommendations and protocols to:
>
> - enable applications to utilize the data stored in the financial
> account,
> - enable applications to interact with the financial account, and
> - enable users to control the security and privacy settings.'
>
> The word "users" would need to be "applications" in order to enable the
> UMA2 "wide ecosystem" model at the core of a patient-centered system.
> Patients need the ability to specify the agent of their choice. UMA2 (and
> future OAuth3 deigns) should be used to do this.
>
> - Adrian
>
> On Mon, Apr 20, 2020 at 12:35 PM Tom Jones <thomasclinganjones at gmail.com>
> wrote:
>
>> I haven't seen any ideas, so i offer this as a starting point. It is
>> intentionally brief to try to focus on the big ideas first.
>> Peace ..tom
>>
>>
>> On Fri, Apr 17, 2020 at 7:16 AM Debbie Bucci <debbucci at gmail.com> wrote:
>>
>>> Hello Everyone,
>>>
>>> REMINDER:
>>>
>>> When: 1 PM PST/4 PM EST
>>> Where: Gotomeeting – https://global.gotomeeting.com/join/785234357
>>> GoToMeeting software is available on Mac, PC, iPhone, and Android Phone.
>>> Using VoIP option of GoToMeeting is preferred. If you must use a plain
>>> old telephone for some reason, here is the US phone number: +1 (619)
>>> 550-0003. Access Code 785-234-357
>>> *Please Note: Participation in the call is limited to the 20 most active
>>> members at the discretion of the chairs due to the number of lines
>>> available.*
>>>
>>> *AGENDA:*
>>> *Create/Update HEART Charter - link of existing for reference *
>>> https://openid.net/wg/heart/charter/
>>>
>>> Hope you will join us!
>>>
>>>
>>> _______________________________________________
>>> Openid-specs-heart mailing list
>>> Openid-specs-heart at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>>>
>> _______________________________________________
>> Openid-specs-heart mailing list
>> Openid-specs-heart at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
--
Vennlig hilsen
Steinar Noem
Partner Udelt AS
Systemutvikler
| steinar at udelt.no | hei at udelt.no | +47 955 21 620 | www.udelt.no |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20200421/6b302efd/attachment.html>
More information about the Openid-specs-heart
mailing list