[Openid-specs-ipsie] Initial Draft of IPSIE Common Requirements
Dean H. Saxe
dean at thesax.es
Wed Jul 9 20:03:07 UTC 2025
IPSIE WG,
As discussed on the past few calls, I’ve started a draft of the common
requirements for IPSIE compliant services. This document pulls common
guidance (e.g. use TLS) out of individual documents, such as the OpenID
Connect SL1 profile, and embeds them in the common requirements. This will
prevent us from having to rewrite these requirements in multiple
profiles. Further, it includes security requirements from NIST SP800-63C
rev4 at FAL2 where they are appropriate for the federation and identity
synchronization profiles of IPSIE.
You can find the latest draft in my GitHub repo
<https://github.com/deansaxe/draft-saxe-ipsie-common-requirements-profile>
as markdown, along with an editor’s copy
<https://deansaxe.github.io/draft-saxe-ipsie-common-requirements-profile/draft-saxe-ipsie-common-requirements-profile.html>.
I’ve
also attached the editor’s copy as an HTML document for review. Note that
there are a number of related issues
<https://github.com/openid/ipsie/issues> for IPSIE that this document will
close if it is adopted by the WG. I will be going through issues today and
adding a “pending closure” label to all of the issues that the document
resolves. This will serve as a placeholder for the chairs to close these
issues at a later date.
If there are any questions about the draft document or related issues,
please let me know.
Thank you,
-dhs
--
Dean H. Saxe
dean at thesax.es
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ipsie/attachments/20250709/e1fd21d8/attachment-0001.htm>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ipsie/attachments/20250709/e1fd21d8/attachment-0001.html>
More information about the Openid-specs-ipsie
mailing list