Clone wiki

fapi / FAPI_Meeting_Notes_2020-01-08_Atlantic

FAPI WG Meeting Notes (2020-01-08)

Date & Time: 2020-01-08 14:00 UTC

Location: GoToMeeting

The meeting was called to order at 14:03 UTC.

1.   Roll Call

1.1.   Attending:

  1. Nat
  2. Bjorn
  3. Brian
  4. Daniel
  5. Dave
  6. Dima
  7. Ian Lowe
  8. Joseph
  9. Kousuke
  10. Rob Otto
  11. Torsten
  12. Mark Haine
  13. Nick Cuthbert

3.   Event

3.1.   Swift Conference/FAPI F2F

  • Around Feb. 18. FAPI F2F. Don is finalizing.
  • Likely to be 17th.
  • FAPI and eKYC F2F.
  • Tony is securing the room.

4.   Draft Status

4.1.   OAuth JAR (Nat)

  • Merge is bad.
  • client_id and response_type - interop. Perhapss add a note?
    • Add a note suggesting for backward compatibility, add these and match.

4.3.   OAuth RAR (Torsten)

  • Please cast +1 to the OAuth thread.
  • Need to develop Roadmap to include PAR and RAR.

4.4.   #163 Security Model (Daniel)

WG discussed the initial text created by Daniel.

They generally agreed that the attacker model is about right. Daniel also pointed out that there is one attack that we do not have a solution for. (PKCE chosen text attack.)

WG members are invited to make comments on the document and the ticket. If it is a concrete change proposal to the document, it should go to the document itself. If it is a more general discussion, it should go to ticket #163.

6.   AOB

The meeting was adjourned at 14:__ UTC.