Therecanbeonlyone1969
commented
2 years ago @atoulme indeed not clear. It should read:
A JWS may be used for initial authentication and authorization between BPIs.
Good enough?
Closed atoulme closed 2 years ago
Therecanbeonlyone1969
commented
2 years ago @atoulme indeed not clear. It should read:
A JWS may be used for initial authentication and authorization between BPIs.
Good enough?
atoulme
commented
2 years ago That clarifies the discussion, thanks.
Therecanbeonlyone1969
commented
2 years ago Closing. Addressed with merged PR https://github.com/eea-oasis/baseline-standard/pull/173
D20 states:
A JWS may be used for establishing a secure tunnel between BPIs to reduce the number of messages required.It is unclear how this relates to the rest of the requirement. It's also unclear when or where the tunnel technique is useful here. Finally, it's unclear how this reduces the number of messages required. Are they required for authentication and authorization, or something else? Please help clarify.