FAPI certification conformance profile definitions needed

Issue #224 wontfix
Michael Jones created an issue

There are currently no specifications of the FAPI certification conformance profiles separate from the certification code itself. By comparison, the OpenID Connect certification profiles were specified by the working group separately from the code implementing them. See https://openid.net/wordpress-content/uploads/2018/06/OpenID-Connect-Conformance-Profiles.docx and https://openid.net/wordpress-content/uploads/2018/06/OpenID-Connect-Conformance-Profiles.pdf. (Yes, the Connect ones could be more complete.)

Having profile definitions that are independent of the code helps both the working group and testers.

Note that Joseph wrote some notes on what is and isn’t currently tested at https://gitlab.com/openid/conformance-suite/wikis/OP-FAPI-RW-Test-Status .

Comments (9)

  2. Joseph Heenan

    I’m not sure either.

    The document Mike refers to does two things:

    1. Requires implementations (for certification) to implement things that are not mandatory in the specs
    2. Documents what is tested

    “1” is, hopefully, not applicable to FAPI-RW 1.0 final, as we’ve tried to make sure the spec is comprehensive.

    “2” is, in my opinion, better covered in the suite itself; trying to maintain it as a separate document is much harder and often means the code and the document don’t actually agree, as we saw with the OIDC one. The frontend of the conformance suite already presents much or all of the information.
