[Openid-specs-heart] HEART WG AGENDA Monday April 20, 2020

Tue Apr 21 14:59:41 UTC 2020

Agree we are generally heading in that direction but there may be a Diff
between what FAPI covers in near term and addition requirements ( examples;
Delegation, support of different client types) (?)

On Tue, Apr 21, 2020 at 10:56 AM Justin Richer <jricher at mit.edu> wrote:

> This is what I proposed on the call yesterday, to adopt FAPI as the
> “mechanical” specification base for HEART going forward.
>
> We only defined HEART’s mechanical specifications because there weren’t
> any at the time — we were the first vertically-focused group within OIDF.
> FAPI is now seeking to position themselves as a general purpose baseline
> across different verticals. It’s up to HEART wether to adopt that or not.
>
>
>  — Justin
>
> On Apr 21, 2020, at 10:16 AM, Steinar Noem <steinar at udelt.no> wrote:
>
> Just a comment regarding FAPI. The FAPI WG is working on FAPI version 2
> which has a different wording and approach.
> https://bitbucket.org/openid/fapi/src/master/FAPI_2_0_Baseline_Profile.md
> "OIDF FAPI 2.0 is an API security profile based on the OAuth 2.0
> Authorization Framework"
>
> In my opinion it doesn't make sense to specify another OAuth security
> profile for HEART. I think that if we see a reason to either ease up or
> tighten the requirements specified in FAPI this could be solved by adding
> specific amendments (not sure if that is the correct word to use in this
> context).
>
> Could we invite Daniel Fett from the FAPI WG to do a presentation of FAPI
> to the HEART WG to get a common understanding?
>
> -Steinar
>
> man. 20. apr. 2020 kl. 19:31 skrev Adrian Gropper <agropper at healthurl.com
> >:
>
>> Thanks for putting up a straw charter, Tom.
>>
>> I disagree with the FAPI reference.
>>
>> Here is what FAPI says at https://openid.net/wg/fapi :
>> 'Specifically, the FAPI WG aims to provide JSON data schemas, security
>> and privacy recommendations and protocols to:
>>
>>    - enable applications to utilize the data stored in the financial
>>    account,
>>    - enable applications to interact with the financial account, and
>>    - enable users to control the security and privacy settings.'
>>
>> The word "users" would need to be "applications" in order to enable the
>> UMA2 "wide ecosystem" model at the core of a patient-centered system.
>> Patients need the ability to specify the agent of their choice. UMA2 (and
>> future OAuth3 deigns) should be used to do this.
>>
>> - Adrian
>>
>> On Mon, Apr 20, 2020 at 12:35 PM Tom Jones <thomasclinganjones at gmail.com>
>> wrote:
>>
>>> I haven't seen any ideas, so i offer this as a starting point. It is
>>> intentionally brief to try to focus on the big ideas first.
>>> Peace ..tom
>>>
>>>
>>> On Fri, Apr 17, 2020 at 7:16 AM Debbie Bucci <debbucci at gmail.com> wrote:
>>>
>>>> Hello Everyone,
>>>>
>>>> REMINDER:
>>>>
>>>> When: 1 PM PST/4 PM EST
>>>> Where: Gotomeeting  – https://global.gotomeeting.com/join/785234357
>>>> GoToMeeting software is available on Mac, PC, iPhone, and Android Phone.
>>>> Using VoIP option of GoToMeeting is preferred. If you must use a plain
>>>> old telephone for some reason, here is the US phone number: +1 (619)
>>>> 550-0003. Access Code 785-234-357
>>>> *Please Note: Participation in the call is limited to the 20 most
>>>> active members at the discretion of the chairs due to the number of lines
>>>> available.*
>>>>
>>>> *AGENDA:*
>>>> *Create/Update HEART Charter - link of existing for reference *
>>>> https://openid.net/wg/heart/charter/
>>>>
>>>> Hope you will join us!
>>>>
>>>>
>>>> _______________________________________________
>>>> Openid-specs-heart mailing list
>>>> Openid-specs-heart at lists.openid.net
>>>> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>>>>
>>> _______________________________________________
>>> Openid-specs-heart mailing list
>>> Openid-specs-heart at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>>>
>> _______________________________________________
>> Openid-specs-heart mailing list
>> Openid-specs-heart at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>>
>
>
> --
> Vennlig hilsen
>
> Steinar Noem
> Partner Udelt AS
> Systemutvikler
>
> | steinar at udelt.no | hei at udelt.no  | +47 955 21 620 | www.udelt.no |
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20200421/680424e8/attachment.html>