FAPI2 and oauth-security-topics
Issue #328
resolved
Currently we have this phrase: “shall adhere to [@I-D.ietf-oauth-security-topics]”
I’m not sure about this - I would rather this spec calls out all the specific clauses from the security BCP
Comments (4)
-
-
I have updated the FAPI 2 Baseline document in the master branch - please review.
-
- changed status to resolved
The specific clauses have been incorporated into the text. I'll close this issue for now.
-
- changed component to FAPI2: Security Profile
- Log in to comment
We need to update this clause anyway: It should now read “shall implement [OAuth 2.0] and adhere to [security BCP], or implement [OAuth 2.1]”. I’d like to avoid repeating all clauses from the security BCP.