[Openid-specs-risc] Notes from today's call
Matt Domsch
matt.domsch at sailpoint.com
Wed Mar 31 15:50:38 UTC 2021
Re this conversation:
Compromised credentials
· Timestamp property can be the same as that used by the other CAEP events
· Is “compromised credentials” a RISC or CAEP event? It was initially thought of as a RISC event, but it can be in either.
· Based on the definition of RISC vs CAEP, it makes more sense to be a RISC event.
1) Stan, I may have missed this, but did you determine that a timestamp value is appropriate to always include in this event now? I had thought there is a case where it wasn’t known so you didn’t want to include it, which is what drove the determination last week that event_timestamp in CAEP events would have to be optional.
2) With the determination here that the event belongs in RISC (which doesn’t have a required member event_timestamp, but the event can have it it as optional in with the same definition as CAEP uses), then once again, all CAEP profile events DO require event_timestamp, and we can make it required once again in the CAEP profile.
Thanks,
Matt
Matt Domsch
VP, Engineering Fellow
matt.domsch at sailpoint.com<mailto:matt.domsch at sailpoint.com>
mobile: 512-981-6486
www.sailpoint.com<http://www.sailpoint.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20210331/69966096/attachment-0001.html>
More information about the Openid-specs-risc
mailing list