openid / fapi / issues / #597 - Add text about conformance testing to FAPI2 — Bitbucket

Issue #597 resolved

Joseph Heenan created an issue 2023-04-26

FAPI1 contains some text talking about conformance testing:

https://openid.net/specs/openid-financial-api-part-2-1_0-final.html#incomplete-or-incorrect-implementations-of-the-specifications

We probably want to add something along similar lines to the various FAPI2 specs too.

Comments (4)

Dave Tonge
- assigned issue to
  
  Daniel Fett
We agreed this would be good to have in.

As well as 8.7 we also have some intro text around this

Although it is possible to code an OpenID Provider and Relying Party from first principles using this specification, the main audience for this specification is parties who already have a certified implementation of OpenID Connect and want to achieve a higher level of security. Implementers are encouraged to understand the security considerations contained in Section 8.7 before embarking on a 'from scratch' implementation.

‌
- 2023-05-03T14:26:41+00:00
Dave Tonge
- changed status to open
- 2023-05-03T14:28:15+00:00
Daniel Fett
PR: https://bitbucket.org/openid/fapi/pull-requests/436
- 2023-10-04T14:36:54+00:00
Dave Tonge
- changed status to resolved
PR merged
- 2023-11-29T16:48:50+00:00
Log in to comment

Assignee: Daniel Fett

Type: bug

Priority: major

Status: resolved

Component: FAPI2: Security Profile

Milestone: –

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!