Create security and privacy consideration for FAPI 2.0 Security Profile

Comments (8)

1. 

   Nat Sakimura reporter

   It may belong to 4.5 instead, but in the security consideration, it would be good to explain why it was ok to deviate/relax from FAPI 1.0’s design principles: BCM principles, namely:

   1. All messages are authenticated.
   2. All message sources are authenticated.
   3. All message destinations are authenticated.
   4. All the messages in a protocol run are threaded using nonce so that replacing any of them will be detected.
   5. All messages are distinct so that they are not going to be mixed up with another message within FAPI 1.0 or other protocols.

   ‌

   ‌

   • 2022-06-28T09:46:25+00:00
2. 

   Nat Sakimura reporter

   • changed status to open

   • 2022-06-29T14:38:59+00:00
3. 

   Daniel Fett

   We need to say that instead of defining measures (“messages are authenticated”) we are defining the goals (Authentication/Authorization/Session Integrity) as defined in the attacker model.

   • 2022-06-29T15:15:45+00:00
4. 

   Dave Tonge

   for the privacy considerations, do we want to pull in what we had in FAPI 1?

   https://openid.net/specs/openid-financial-api-part-2-1_0.html#privacy-considerations

   • 2022-07-12T11:56:18+00:00
5. 

   Dave Tonge

   @Daniel Fett and @Nat Sakimura what do you think about pulling in the same privacy considerations as FAPI 1?

   • 2022-07-15T08:55:03+00:00
6. 

   Daniel Fett

   Yes, that’s a good starting point. I created a PR based on FAPI 1 including some changes: https://bitbucket.org/openid/fapi/pull-requests/359/privacy-considerations-based-on-fapi-1

   • 2022-07-15T10:22:04+00:00
7. 

   Dave Tonge

   • changed status to resolved

   PR merged

   • 2022-08-24T13:16:37+00:00
8. 

   Nat Sakimura reporter

   • changed component to FAPI2: Security Profile

   • 2022-12-14T15:35:25+00:00
9. Log in to comment