Re structure FAPI2 baseline

Comments (6)

1. 

   Dave Tonge reporter

   Maybe bring non-normative text in FAPI2 to point to RAR, message signing, grant management, etc.

   • 2022-05-06T09:15:43+00:00
2. 

   Dave Tonge reporter

   https://bitbucket.org/openid/fapi/pull-requests/334

   • 2022-05-06T13:57:26+00:00
3. 

   Dave Tonge reporter

   Proposed wording referring to other specs:

   This profile is the base of the FAPI 2.0 Framework. Other specifications that are
   part of this framework and may be used together with this profile include:
   
   1. FAPI Message Signing, we recommend this specification when messages are
      required to be signed for the purposes of non-repudiation.  
   1. FAPI CIBA, we recommend that this specificaiton is used when support is required for
      decoupled or cross device flows
   1. Grant Management, we recommend this specification for ecosystems that require complex 
      grant management (for example concurrent grants or strict grant lifecycles)
   1. OAuth 2.0 Rich Authorization Requests (RAR) [@!I-D.ietf-oauth-rar], we recommend that this 
      specification is used wherever the `scope` parameter is not expressive enough to convey
      the authorization that a client wants to obtain
   

   ‌

   ‌

   • 2022-05-18T14:13:03+00:00
4. 

   Dave Tonge reporter

   https://bitbucket.org/openid/fapi/pull-requests/343/change-name-from-baseline-to-security

   • 2022-06-15T14:18:07+00:00
5. 

   Dave Tonge reporter

   • changed status to resolved

   PR merged

   • 2022-06-23T17:50:58+00:00
6. 

   Nat Sakimura

   • changed component to FAPI2: Security Profile

   • 2022-12-14T15:35:26+00:00
7. Log in to comment