[BCP OAuth2] |
T. Lodderstedt, J. Bradley, A. Labunets, D. Fett (2020), OAuth 2.0 Security Best Current Practice draft-ietf-oauth-security-topics-16 |
|
https://tools.ietf.org/html/draft-ietf-oauth-security-topics-16 (Status: 03-17-2021) |
[BDD] |
Specflow (n.D.), Getting Started with Behavior Driven Development |
|
https://specflow.org/bdd/ (Status 03-18-2021) |
[CryptoLen] |
Damien Giry, Prof. Jean-Jacques Quisquater (2020), Cryptographic Key Length Recommendation |
|
https://www.keylength.com/en (Status 03-18-2021) |
[DID SIOP] |
DIF Working Group (n.d.), Self-Issued OpenID Connect Provider DID Profile v0.1 |
|
https://identity.foundation/did-siop/ (Status: 02-18-2021) |
[DIDComm.Msg] |
Daniel Hardman (n.D.), DIDComm Messaging |
|
https://identity.foundation/didcomm-messaging/spec/ (Status 02-26-2021) |
[EUCS] |
European Union Agency for Cybersecurity (ENISA) (2020), EUCS – Cloud Services Scheme |
|
https://www.enisa.europa.eu/publications/eucs-cloud-service-scheme (Status: 03-29-2021) |
[FIPS-140-2] |
NIST (2001) FIPS 140–2, Security Requirements for Cryptographic Modules |
|
http://csrc.nist.gov/publications/PubsFIPS.html#140-2 (Status 03-18-2021) |
[IDM.AO] |
Gaia-X WP1[1] (2021), Architecture Overview |
|
https://www.gxfs.eu/idm-trust-architecture/ (Status: 08-04-2022) |
[ISO25000] |
ISO 25000 Portal (n.d.), ISO/IEC 25010 |
|
https://iso25000.com/index.php/en/iso-25000-standards/iso-25010 (Status: 03-17-2021) |
[IDM.TSA] |
Specification for Gaia-X Federation Service Identity & Trust - Trust Services API |
|
https://www.gxfs.eu/trust-services-api/ (Status: 08-04-2022) |
[OIDC.Core] |
N. Sakimura, J. Bradley, M. Jones, B. de Medeiros, C. Mortimore (2014), OpenID Connect Core 1.0 incorporating errata set 1 |
|
https://openid.net/specs/openid-connect-core-1_0.html (Status: 03-11-2021) |
[OIDC.CIBA] |
G. Fernandez, F. Walter, A. Nennker, D. Tonge, B. Campbell (2020), OpenID Connect Client Initiated Backchannel Authentication Flow - Core 1.0 draft-03 |
|
https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html (Status: 03-11-2021) |
[OIDC.Conformance] |
OpenID Connect Working Group, OpenID Foundation (2018), OpenID Connect Conformance Profiles v3.0 |
|
https://openid.net/wordpress-content/uploads/2018/06/OpenID-Connect-Conformance-Profiles.pdf (Status: 03-11-2021) |
[OIDC.Discovery] |
N. Sakimura, J. Bradley, M. Jones, E. Jay (2014), OpenID Connect Discovery 1.0 incorporating errata set 1 |
|
https://openid.net/specs/openid-connect-discovery-1_0.html (Status: 03-11-2021) |
[PRD] |
Gaia-X, European Association for Data and Cloud, AISBL: Gaia-X Policy Rules Document |
|
https://gaia-x.eu/wp-content/uploads/2022/05/Gaia-X_Policy-Rules_Document_v22.04_Final.pdf (Status: 04-11-2022) |
[RFC6749] |
Internet Engineering Task Force (IETF) (2012), The OAuth 2.0 Authorization Framework |
|
https://tools.ietf.org/html/rfc6749/ (Status 08-05-2022) |
[RFC7519] |
Internet Engineering Task Force (IETF) (2015), JSON Web Token (JWT) |
|
https://tools.ietf.org/html/rfc7519/ (Status 08-05-2022) |
[RFC6750] |
Internet Engineering Task Force (IETF) (2012), The OAuth 2.0 Authorization Framework: Bearer Token Usage |
|
https://tools.ietf.org/html/rfc6750 (Status: 03-11-2021) |
[RFC7591] |
Internet Engineering Task Force (IETF) (2015), OAuth 2.0 Dynamic Client Registration Protocol |
|
https://tools.ietf.org/html/rfc7591 (Status: 03-11-2021) |
[RFC7807] |
Internet Engineering Task Force (IETF) (2016), Problem Details for HTTP APIs |
|
https://tools.ietf.org/html/rfc7807 (Status: 03-11-2021) |
[RFC5789] |
Internet Engineering Task Force (IETF) (2010), PATCH Method for HTTP |
|
https://tools.ietf.org/html/rfc5789 (Status: 03-11-2021) |
[RFC7231] |
Internet Engineering Task Force (IETF) (2014), Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content |
|
https://tools.ietf.org/html/rfc7231 (Status: 03-11-2021) |
[RFC3161] |
C. Adams, P. Cain, D. Pinkas, R. Zuccherato (2001), Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP) |
|
https://www.ietf.org/rfc/rfc3161.txt (Status: 03-17-2021) |
[RFC2119] |
Network Working Group (1997) Key words for use in RFCs to Indicate Requirement Levels |
|
https://tools.ietf.org/html/rfc2119 (Status 03-18-2021) |
[SOG-IS] |
SOG-IS Crypto Working Group (2020), SOG-IS Crypto Evaluation Scheme - Agreed Cryptographic Mechanisms |
|
https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf (Status 03-18-2021) |
[TR02102-1] |
BSI (2020), Cryptographic Mechanisms: Recommendations and Key Lengths BSI TR-02102-1 |
|
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile&v=2 (Status 03-18-2021) |
[TR02102-2] |
BSI (2020), Cryptographic Mechanisms: Recommendations and Key Lengths: Use of Transport Layer Security (TLS) BSI TR-02102-2, |
|
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-2.pdf?__blob=publicationFile&v=2 (Status 03-18-2021) |
[TAD] |
Gaia-X, European Association for Data and Cloud, AISBL: Gaia-X Architecture Document |
|
https://docs.gaia-x.eu/technical-committee/architecture-document/22.04/ (Status: 08-04-2022) |