Skip to content

FAPI2: [Attacker Model ISO/IEC 26083-2 Review Comments] General and Editorial updates #838

Description

@bitbucket-import-issues

Originally submitted by M V (Mark Verstege) on 2026-01-28

ISO has approved FAPI 2.0 Attacker Model as a Publicly Available Specification (PAS) subject to the following modifications.

The table below proposes whether this is an errata for FAPI 2.0 Attacker Model, or simply a modification of the ISO PAS submission but it would not result in an errata.

Comment # Section ISO Comment ISO Proposed Change Errata/PAS Only Change
1 Not specified Update PAS document title to align with FAPI 1.0 submission. Modify the title of this document to “Information technology — OpenID Connect FAPI Security Profile 2.0 — Part 2: Attacker Model” PAS only

|
| 2 | 2 | Normative references should be in the clause 2. | Move the clause 11’s normative references to the clause 2. | Errata
|
| 3 | 4 | The ISO House style states that “If the full form of an abbreviated term is not a proper noun, the abbreviated term is generally presented in capital letters, e.g. DMA, but the full written form is not given initial capital letters, e.g. decision-making application and not Decision-Making Application.” | Un-capitalize the full written form of the abbreviated terms. | PAS only
|
| 4 | 11 | As an ISO/IEC document obviously meets the "requirements" of ISO/IEC Directives Part 2, it is not positioned as informative documents. | Remove "ISODIR2 ISO/IEC Directives Part 2" from the Normative References. | PAS Only
|
| 5 | all | The colour of the texts is not black. | Fix the colour of the texts to black. | PAS only
|
| 6 | all | There should be a space between “RFC”/”ISO” and its number. | Insert a space between “RFC”/”ISO” and the numbers afterwards. | Errata
|
| 7 | all | NOTEs do not have to be in bold. | Un-bold “NOTE” in the document. | Errata
|
| 8 | Appendix A | Acknowledgements" in original document is not necessary for ISO/IEC document. | Remove the Appendix A. | PAS only
|
| 9 | Appendix B | Appendix B" corresponds to "Annex B" in ISO/IEC document and the rules of ISO/IEC Directives Part 2, Clause 20 applies. Each annex shall be explicitly referred to within the text. Suggests FAPI specification is changed to refer to Annexes, nor Appendixes, or only the PAS document is updated | Replace "Appendix B. Notices" with "Annex A (informative) Notices". Insert "See Annex A." or corresponding explanation where Annex A is referred within this document. | Errata
|
| 10 | Author’s Addresses | Author’s Addresses" in original document is not necessary for ISO/IEC document. | Remove "Author’s Addresses" | PAS only
|
| 11 | Notational Conventions | As this is an ISO document, there is no need to clarify the notational conventions. | Remove the Notational Conventions clause. | PAS only
|
| 12 | Warning | It states that the document is still a draft. | Remove the Warning clause. | PAS only
|

WG Accept / Reject: to be discussed and handling agreed for each comment.

When commenting on individual comments, can WG members please indicate if it is designated an errata, or it only relates to the PAS submission, but not the specification. Also indicate whether you Accept/Partially Accept/Reject the proposed change.


Bitbucket status: new

Bitbucket origin: issue 850

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions