A problem with outsourced/delegated authorization is that it presumes that the customer database is available for the TPP.
If the issuer issues X.509 certificates instead of public keys only, it should be possible for an external verifier to only need
- CA root
- Decryption private key(s)
Certificates would contain account numbers.
The impact on the FWP client would be minimal.
A problem with outsourced/delegated authorization is that it presumes that the customer database is available for the TPP.
If the issuer issues X.509 certificates instead of public keys only, it should be possible for an external verifier to only need
Certificates would contain account numbers.
The impact on the FWP client would be minimal.