Originally submitted by M V (Mark Verstege) on 2026-01-28
ISO has approved FAPI 2.0 Security Profile as a Publicly Available Specification (PAS) subject to the following modifications.
The table below proposes whether this is an errata for FAPI 2.0 Security Profile, or simply a modification of the ISO PAS submission but it would not result in an errata.
| Comment # |
Section |
ISO Comment |
ISO Proposed Change |
Errata/PAS Only Change |
| 1 |
Not specified |
Update PAS document title to align with FAPI 1.0 submission. |
Modify the title of this document to “Information technology — OpenID Connect FAPI Security Profile 2.0 — Part 1: Security Profile” |
PAS only |
|
| 2 | 2 | Normative references should be in the clause 2. | Move the clause 10’s normative references to the clause 2. | PAS only
|
| 3 | 4 | The ISO House style states that “If the full form of an abbreviated term is not a proper noun, the abbreviated term is generally presented in capital letters, e.g. DMA, but the full written form is not given initial capital letters, e.g. decision-making application and not Decision-Making Application.” | Un-capitalize the full written form of the abbreviated terms. | PAS only
|
| 4 | 7 | The ISO House style states that “Avoid using italics, bold and underline to give emphasis to words or paragraphs in the text”. | Un-bold the texts in the clause. | PAS only
|
| 5 | 9 | As an ISO/IEC document obviously meets the "requirements" of ISO/IEC Directives Part 2, it is not positioned as informative documents. | Remove "ISODIR2 ISO/IEC Directives Part 2" from the Normative References. | Errata
|
| 6 | 10 | According to the ISO/IEC Directives Part 2’s 10.2 Permitted referenced documents e), “Informative references shall be listed in the Bibliography”. | Create a Bibliography section (shall not have a clause number), and place the informative references there. | Errata
|
| 7 | all | The colour of the texts is not black. | Fix the colour of the texts to black. | PAS only
|
| 8 | all | There should be a space between “RFC”/”ISO” and its number. | Insert a space between “RFC”/”ISO” and the numbers afterwards. | Errata
|
| 9 | all | NOTEs do not have to be in bold. | Un-bold “NOTE” in the document. | Errata
|
| 10 | Appendix A | Acknowledgements" in original document is not necessary for ISO/IEC document. | Remove the Appendix A. | PAS only
|
| 11 | ppendix B | | Appendix B" corresponds to "Annex B" in ISO/IEC document and the rules of ISO/IEC Directives Part 2, Clause 20 applies. Each annex shall be explicitly referred to within the text. Suggests FAPI specification is changed to refer to Annexes, nor Appendixes, or only the PAS document is updated | Replace "Appendix B. Notices" with "Annex A (informative) Notices". Insert "See Annex A." or corresponding explanation where Annex A is referred within this document. | Errata
|
| 12 | Author’s Addresses | Author’s Addresses" in original document is not necessary for ISO/IEC document. | Remove "Author’s Addresses" | PAS only
|
| 13 | Notational Conventions | As this is an ISO document, there is no need to clarify the notational conventions. | Remove the Notational Conventions clause. | AS only
|
| 14 | Warning | It states that the document is still a draft. | Remove the Warning clause. | PAS only
|
WG Accept / Reject: to be discussed and handling agreed for each comment.
When commenting on individual comments, can WG members please indicate if it is designated an errata, or it only relates to the PAS submission, but not the specification. Also indicate whether you Accept/Partially Accept/Reject the proposed change.
Bitbucket status: open
Bitbucket origin: issue 849
ISO has approved FAPI 2.0 Security Profile as a Publicly Available Specification (PAS) subject to the following modifications.
The table below proposes whether this is an errata for FAPI 2.0 Security Profile, or simply a modification of the ISO PAS submission but it would not result in an errata.
|
| 2 | 2 | Normative references should be in the clause 2. | Move the clause 10’s normative references to the clause 2. | PAS only
|
| 3 | 4 | The ISO House style states that “If the full form of an abbreviated term is not a proper noun, the abbreviated term is generally presented in capital letters, e.g. DMA, but the full written form is not given initial capital letters, e.g. decision-making application and not Decision-Making Application.” | Un-capitalize the full written form of the abbreviated terms. | PAS only
|
| 4 | 7 | The ISO House style states that “Avoid using italics, bold and underline to give emphasis to words or paragraphs in the text”. | Un-bold the texts in the clause. | PAS only
|
| 5 | 9 | As an ISO/IEC document obviously meets the "requirements" of ISO/IEC Directives Part 2, it is not positioned as informative documents. | Remove "ISODIR2 ISO/IEC Directives Part 2" from the Normative References. | Errata
|
| 6 | 10 | According to the ISO/IEC Directives Part 2’s 10.2 Permitted referenced documents e), “Informative references shall be listed in the Bibliography”. | Create a Bibliography section (shall not have a clause number), and place the informative references there. | Errata
|
| 7 | all | The colour of the texts is not black. | Fix the colour of the texts to black. | PAS only
|
| 8 | all | There should be a space between “RFC”/”ISO” and its number. | Insert a space between “RFC”/”ISO” and the numbers afterwards. | Errata
|
| 9 | all | NOTEs do not have to be in bold. | Un-bold “NOTE” in the document. | Errata
|
| 10 | Appendix A | Acknowledgements" in original document is not necessary for ISO/IEC document. | Remove the Appendix A. | PAS only
|
| 11 | ppendix B | | Appendix B" corresponds to "Annex B" in ISO/IEC document and the rules of ISO/IEC Directives Part 2, Clause 20 applies. Each annex shall be explicitly referred to within the text. Suggests FAPI specification is changed to refer to Annexes, nor Appendixes, or only the PAS document is updated | Replace "Appendix B. Notices" with "Annex A (informative) Notices". Insert "See Annex A." or corresponding explanation where Annex A is referred within this document. | Errata
|
| 12 | Author’s Addresses | Author’s Addresses" in original document is not necessary for ISO/IEC document. | Remove "Author’s Addresses" | PAS only
|
| 13 | Notational Conventions | As this is an ISO document, there is no need to clarify the notational conventions. | Remove the Notational Conventions clause. | AS only
|
| 14 | Warning | It states that the document is still a draft. | Remove the Warning clause. | PAS only
|
WG Accept / Reject: to be discussed and handling agreed for each comment.
When commenting on individual comments, can WG members please indicate if it is designated an errata, or it only relates to the PAS submission, but not the specification. Also indicate whether you Accept/Partially Accept/Reject the proposed change.
Bitbucket status: open
Bitbucket origin: issue 849