|
Work item:
|
X.2311 (ex X.f2am)
|
|
Subject/title:
|
Financial-grade API (FAPI) 2.0 attacker model
|
|
Status:
|
Determined on 2026-06-10
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2026-06 (Medium priority)
|
|
Liaison:
|
OpenID Foundation
|
|
Supporting members:
|
NEC Corpration, Thales Cybersecurity and Digital Identity
|
|
Summary:
|
Financial-grade application programming interface (FAPI) 2.0 attacker model is an API security profile suitable for high-security applications based on [IETF RFC 6749]. This Recommendation describes an attacker model that informs the decisions on security mechanisms employed by the FAPI security profiles.
This Recommendation is technically aligned with OpenID Foundation specification [b-OpenID.FAPI2am].
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2025-12-11 21:11:52
|
|
Last update:
2026-06-26 11:47:11
|