<head>
<style>
code {
font-family: SFMono-Regular, Menlo, Consolas, "PT Mono", "Liberation Mono", Courier, monospace;
}
p {
border-radius: 0px;
}
ol.custom-editor-ordered-list-class {
padding-inline-start: 0px;
margin: 1px 0px;
padding-inline-start: 24px;
min-height: calc(1.5em + 6px);
}
ul.custom-editor-bullet-list-class {
padding-inline-start: 0px;
margin: 1px 0px;
padding-inline-start: 24px;
min-height: calc(1.5em + 6px);
}
pre.custom-editor-code-block-class {
flex-shrink: 1;
text-align: left;
font-family: SFMono-Regular, Menlo, Consolas, "PT Mono", "Liberation Mono", Courier, monospace;
font-size: 13.6px;
tab-size: 2;
padding: 34px 16px 32px 32px;
min-height: 1em;
white-space: pre;
border-radius: 4px;
text-align: left;
position: relative;
background: rgba(135,131,120,.15);
min-width: 0px;
width: 100%;
box-sizing: border-box;
}
hr.custom-editor-divider-class {
border: none;
border-top: 1px solid rgba(135,131,120,.15);
width: 100%;
}
blockquote {
border-left: 3px solid currentcolor;
padding-inline-start: 14px;
margin: 0px;
margin-top: 4px;
font-size: 1em;
padding-right: 2px;
padding-top: 3px;
padding-bottom: 3px;
padding-left: 14px;
}
blockquote.light {
border-left-color: rgba(55, 53, 47, 0.16);
}
blockquote.dark {
border-left-color: rgba(255, 255, 255, 0.13);
}
aside {
display: flex;
width: 100%;
max-width: 100%;
box-sizing: border-box;
border-radius: 4px;
background: rgba(135,131,120,.15);
padding: 16px 16px 16px 12px;
white-space: pre-wrap;
word-break: break-word;
}
.callout-emoji {
user-select: none;
display: flex;
align-items: center;
justify-content: center;
height: 24px;
width: 24px;
font-size: 21.6px;
box-sizing: border-box;
margin-top: -3px;
border-radius: 0.25em;
flex-shrink: 0;
flex-grow: 0;
}
.callout-emoji > img {
height: 18px;
width: 18px;
margin-top: auto;
margin-bottom: auto;
}
.callout-content {
margin-left: 8px;
margin-top: auto;
display: table;
width: 100%;
}
.custom-editor-task-list-class {
list-style: none;
padding: 0;
margin: 0;
}
.custom-editor-task-item-class {
display: flex;
align-items: center;
}
.custom-editor-task-item-class > label {
margin-right: 0.5rem;
cursor: pointer;
user-select: none;
display: flex;
align-items: center;
}
.custom-editor-task-item-class > label > input[type="checkbox"] {
margin-right: 0.5rem;
}
.custom-editor-task-item-checked-class > * {
text-decoration: line-through rgba(55, 53, 47, 0.42);
color: rgba(55, 53, 47, 0.65);
}
.custom-editor-rendered-mention {
opacity: 0.6;
color: unset;
}
.custom-editor-rendered-mention > a {
color: unset;
}
.custom-editor-rendered-mention-page {
font-weight: 500;
max-width: 200px;
}
.custom-editor-rendered-mention-page > a {
color: unset;
}
.custom-editor-rendered-mention-page-link {
border-bottom: 0.05em solid rgba(95, 94, 91, 1);
text-decoration: none !important;
}
pre {
flex-shrink: 1;
text-align: left;
font-family: SFMono-Regular, Menlo, Consolas, "PT Mono", "Liberation Mono", Courier, monospace;
font-size: 13.6px;
tab-size: 2;
padding: 34px 16px 32px 32px;
min-height: 1em;
white-space: pre;
border-radius: 4px;
text-align: left;
position: relative;
background: rgb(247, 246, 243);
min-width: 0px;
width: 100%;
box-sizing: border-box;
text-wrap: wrap;
}
a.custom-editor-link-class {
color: rgba(120, 119, 116, 1);
cursor: pointer;
text-decoration-thickness: 0.05em;
text-underline-offset: 3px;
}
</style>
<style>
* {
-webkit-tap-highlight-color: rgba(0, 0, 0, 0);
-webkit-font-smoothing: antialiased;
line-height: 1.3;
font-family: ui-sans-serif, -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, "Apple Color Emoji", Arial, sans-serif, "Segoe UI Emoji", "Segoe UI Symbol";
}
p {
margin: 0px 0px 0px 0px !important;
min-height: 19.5px; /* Set a minimum height so empty p tags still take up vertical space; matches gmail empty line height */
}
</style>
</head>
<body>
<p dir="auto">IPSIE WG,</p><p dir="auto"></p><p dir="auto">As discussed on the past few calls, I’ve started a draft of the common requirements for IPSIE compliant services. This document pulls common guidance (e.g. use TLS) out of individual documents, such as the OpenID Connect SL1 profile, and embeds them in the common requirements. This will prevent us from having to rewrite these requirements in multiple profiles. Further, it includes security requirements from NIST SP800-63C rev4 at FAL2 where they are appropriate for the federation and identity synchronization profiles of IPSIE.</p><p dir="auto"></p><p dir="auto">You can find the latest draft in my GitHub <a target="_blank" rel="noopener noreferrer nofollow" class="custom-editor-link-class" href="https://github.com/deansaxe/draft-saxe-ipsie-common-requirements-profile">repo</a> as markdown, along with an <a target="_blank" rel="noopener noreferrer nofollow" class="custom-editor-link-class" href="https://deansaxe.github.io/draft-saxe-ipsie-common-requirements-profile/draft-saxe-ipsie-common-requirements-profile.html">editor’s copy</a>. I’ve also attached the editor’s copy as an HTML document for review. Note that there are a number of related <a target="_blank" rel="noopener noreferrer nofollow" class="custom-editor-link-class" href="https://github.com/openid/ipsie/issues">issues</a> for IPSIE that this document will close if it is adopted by the WG. I will be going through issues today and adding a “pending closure” label to all of the issues that the document resolves. This will serve as a placeholder for the chairs to close these issues at a later date.</p><p dir="auto"></p><p dir="auto">If there are any questions about the draft document or related issues, please let me know.</p><p dir="auto"></p><p dir="auto">Thank you,</p><p dir="auto">-dhs</p><p dir="auto"></p><div class="signature"><p dir="auto">--</p><div dir="auto"><p dir="auto">Dean H. Saxe</p></div><div dir="auto"><p dir="auto"><a target="_blank" rel="noopener noreferrer nofollow" class="custom-editor-link-class" href="mailto:dean@thesax.es">dean@thesax.es</a></p></div></div>
</body>