iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 21964-2:2018

(Main)

Information technology — Destruction of data carriers — Part 2: Requirements for equipment for destruction of data carriers

Information technology — Destruction of data carriers — Part 2: Requirements for equipment for destruction of data carriers

This standard applies to machines for the destruction of data carriers. This standard specifies the requirements for machines in order to ensure the safe destruction of data carriers.

Technologies de l'information — Destruction de véhicules de données — Partie 2: Exigences aux machines de destruction de véhicules de données

General Information

Status
Published
Publication Date
29-Jul-2018
ICS
35.030 - IT Security
Technical Committee
ISO/IEC JTC 1 - Information technology
Drafting Committee
ISO/IEC JTC 1 - Information technology
Current Stage
9093 - International Standard confirmed
Start Date
10-May-2025
Completion Date
17-May-2025
Ref Project

Buy Standard

ISO/IEC 21964-2:2018 - Information technology — Destruction of data carriers — Part 2: Requirements for equipment for destruction of data carriers Released:7/30/2018ISO/IEC 21964-2:2018 - Information technology — Destruction of data carriers — Part 2: Requirements for equipment for destruction of data carriers Released:7/30/2018
PreviousNext
Standard
ISO/IEC 21964-2:2018 - Information technology — Destruction of data carriers — Part 2: Requirements for equipment for destruction of data carriers Released:7/30/2018
English language
9 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 21964-2:2018 - Information technology -- Destruction of data carriersISO/IEC 21964-2:2018 - Information technology -- Destruction of data carriers
PreviousNext
Standard
ISO/IEC 21964-2:2018 - Information technology -- Destruction of data carriers
English language
9 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


INTERNATIONAL ISO/IEC
STANDARD 21964-2
First edition
2018-08
Information technology — Destruction
of data carriers —
Part 2:
Requirements for equipment for
destruction of data carriers
Technologies de l'information — Destruction de véhicules de
données —
Partie 2: Exigences aux machines de destruction de véhicules de
données
Reference number
©
ISO/IEC 2018
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

Contents Page
Foreword .iv
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Requirements . 1
4.1 Degree of destruction . 1
4.2 Materials referred to in security levels . 1
4.3 Limits for particle sizes . 2
4.4 Feed and collection apparatus . 5
4.5 Checking that destruction is complete . 6
5 Testing . 6
5.1 Ambient conditions . 6
5.2 Test material . 6
5.3 Testing the rated throughput . 6
5.4 Testing the degree of destruction . 7
5.4.1 Purpose of the test. 7
5.4.2 Feeding in the test material . 7
5.4.3 Sample quantity . 7
5.4.4 Sampling from destroyed test material . 7
5.4.5 Analysis . 7
5.4.6 Evalu ation . 8
6 Test report . 8
7 Test certificate . 8
© ISO/IEC 2018 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of document should be noted (see www .iso .org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/iso/foreword .html.
This document was prepared by DIN, German Institute for Standardization (as national standard
DIN 66399-2) and drafted in accordance with its editorial rules. It was assigned to Joint Technical
Committee ISO/IEC JTC 1, Information technology, and adopted under the “fast-track procedure”.
A list of all parts in the ISO/IEC 21964 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/members .html.
iv © ISO/IEC 2018 – All rights reserved

INTERNATIONAL STANDARD ISO/IEC 21964-2:2018(E)
Information technology — Destruction of data carriers —
Part 2:
Requirements for equipment for destruction of data
carriers
1 Scope
This standard applies to machines for the destruction of data carriers. This standard specifies the
requirements for machines in order to ensure the safe destruction of data carriers.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
DIN 19054, Transparent microfiche, size A6 — General requirements, microfilming methods, headers and
title areas in technical documents and catalogues
ISO/IEC 21964-1, Information Technology — Destruction of data carriers — Part 1: Principles and
definitions
ISO 216, Writing paper and certain classes of printed matter — Trimmed sizes — A and B series, and
indication of machine direction
3 Terms and definitions
For the purposes of this document, the terms and definitions in ISO/IEC 21964-1 apply
4 Requirements
4.1 Degree of destruction
Machines and equipment that comply with this standard shall meet at least the requirements in Tables 1
to 6 as regards the degree of destruction.
4.2 Materials referred to in security levels
P – information in original size (paper, film, printing plates etc.)
F – information in miniaturized form (microfilm/microfiche etc.)
O – information on optical data carriers (CD/DVD etc.)
T – information on magnetic data carriers (floppy discs, ID cards, magnetic tape cassettes etc.)
H – information on hard drives with magnetic data carriers (hard drives)
E – information on electronic data carriers (memory sticks, chip cards, solid-state drives, mobile
communication equipment etc.)
© ISO/IEC 2018 – All rights reserved 1

4.3 Limits for particle sizes
The machines and equipment for destroying data carriers are classified according to the degree of
destruction, taking the type of data carrier into consideration. The following table shows the limit
values of each security level as regards the condition, shape and size after destruction.
The security level shall be tested and demonstrated in the form of a test certificate, declaration of
conformity, certificate, expertise or other assessment. This can be carried out by the manufacturer or
other competent bodies. The certificate shall be suitably enclosed with the user documentation for the
machine.
For all data carriers, the additionally specified methods for the highest security levels shall also cover
the requirements for the lower security levels.
Users should check the particle size during the operating life of the machine or equipment, because
wear or damage to the shredding tools can reduce security.
Table 1 — Information in the original size
Information in the original size
e.g. paper, film, printing plates
Condition, shape and size after
Security level Tolerance
destruction
Particle size ≤ 2 000 mm
10 % of the material may exceed the
or
P-1 specified particle size, but shall not
Strip width ≤ 12,0 mm
be more than 3 800 mm in size.
Unlimited strip length
Particle size ≤ 800 mm
10 % of the material may exceed the
or
P-2 specified particle size, but shall not
Strip width ≤ 6,0 mm
be more than 2 000 mm in size.
Unlimited strip length
Particle size ≤ 320 mm
10 % of the material may exceed the
or
P-3 specified particle size, but shall not
Strip width ≤ 2 mm
be more than 800 mm in size.
Unlimited strip length
Particle size ≤ 160 mm 10 % of the material may exceed the
P-4 and for regular particles: specified particle size, but shall not
Strip width ≤ 6 mm be more than 480 mm in size.
Particle size ≤ 30 mm 10 % of the material may exceed the
P-5 and for regular particles: specified particle size, but shall not
Strip width ≤ 2 mm be more than 90 mm in size.
Particle size ≤ 10 mm 10 % of the material may exceed the
P-6 and for regular particles: specified particle size, but shall not
Strip width ≤ 1 mm be more than 30 mm in size.
Particle size ≤ 5 mm
and for regular particles:
Strip width ≤ 1 mm
or
The particle size shall not be ex-
P-7 Dissolved
ceeded.
with particle size ≤ 5 mm
or
Shredded ash with
particle size ≤ 5 mm
2 © ISO/IEC 2018 – All rights reserved

Table 2 — Information in miniaturized form
Information in miniaturized form
e.g.: microfilm
Condition, shape and size after
Security level Tolerance
destruction
10 % of the material may exceed the spec-
F-1 Particle size ≤ 160 mm ified particle size, but shall not be more
than 480 mm in size.
10 % of the material may exceed the spec-
F-2 Particle size ≤ 30 mm ified particle size, but shall not be more
than 90 mm in size.
10 % of the material may exceed the spec-
F-3 Particle size ≤ 10 mm ified particle size, but shall not be more
than 30 mm in size.
10 % of the material may exceed the spec-
F-4 Particle size ≤ 2,5 mm ified particle size, but shall not be more
than 7,5 mm in size.
10 % of the material may exceed the spec-
F-5 Particle size ≤ 1,0 mm ified particle size, but shall not be more
than 3,0 mm in size.
Particle size ≤ 0,5 mm 10 % of the material may exceed the spec-
F-6 or ified particle size, but shall not be more
2 2
Shredded ash ≤ 0,5 mm than 1,5 mm in size.
Particle size ≤ 0,2 mm
or
F-7 Shredded ash ≤ 0,2 mm The particle size shall not be exceeded.
or
Dissolved
Table 3 — Information on optical data carriers
Information on optical data carriers
e.g.: CD/DVD
Condition, shape and size after
Security level Tolerance
destruction
10 % of the material may exceed the spec-
O-1 Particle size ≤ 2 000 mm ified particle size, but shall not be more
than 3 800 mm in size.
10 % of the material may exceed the spec-
O-2 Particle size ≤ 800 mm ified particle size, but shall not be more
than 2 000 mm in size.
10 % of the material may exceed the spec-
O-3 Particle size ≤ 160 mm ified particle size, but shall not be more
than 480 mm in size.
10 % of the material may exceed the spec-
Particle size
O-4 ified particle size, but shall not be more
≤ 30 mm
than 90 mm in size.
© ISO/IEC 2018 – All rights reserved
...


INTERNATIONAL ISO/IEC
STANDARD 21964-2
First edition
2018-08
Information technology — Destruction
of data carriers —
Part 2:
Requirements for equipment for
destruction of data carriers
Technologies de l'information — Destruction de véhicules de
données —
Partie 2: Exigences aux machines de destruction de véhicules de
données
Reference number
©
ISO/IEC 2018
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

Contents Page
Foreword .iv
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Requirements . 1
4.1 Degree of destruction . 1
4.2 Materials referred to in security levels . 1
4.3 Limits for particle sizes . 2
4.4 Feed and collection apparatus . 5
4.5 Checking that destruction is complete . 6
5 Testing . 6
5.1 Ambient conditions . 6
5.2 Test material . 6
5.3 Testing the rated throughput . 6
5.4 Testing the degree of destruction . 7
5.4.1 Purpose of the test. 7
5.4.2 Feeding in the test material . 7
5.4.3 Sample quantity . 7
5.4.4 Sampling from destroyed test material . 7
5.4.5 Analysis . 7
5.4.6 Evalu ation . 8
6 Test report . 8
7 Test certificate . 8
© ISO/IEC 2018 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of document should be noted (see www .iso .org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/iso/foreword .html.
This document was prepared by DIN, German Institute for Standardization (as national standard
DIN 66399-2) and drafted in accordance with its editorial rules. It was assigned to Joint Technical
Committee ISO/IEC JTC 1, Information technology, and adopted under the “fast-track procedure”.
A list of all parts in the ISO/IEC 21964 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/members .html.
iv © ISO/IEC 2018 – All rights reserved

INTERNATIONAL STANDARD ISO/IEC 21964-2:2018(E)
Information technology — Destruction of data carriers —
Part 2:
Requirements for equipment for destruction of data
carriers
1 Scope
This standard applies to machines for the destruction of data carriers. This standard specifies the
requirements for machines in order to ensure the safe destruction of data carriers.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
DIN 19054, Transparent microfiche, size A6 — General requirements, microfilming methods, headers and
title areas in technical documents and catalogues
ISO/IEC 21964-1, Information Technology — Destruction of data carriers — Part 1: Principles and
definitions
ISO 216, Writing paper and certain classes of printed matter — Trimmed sizes — A and B series, and
indication of machine direction
3 Terms and definitions
For the purposes of this document, the terms and definitions in ISO/IEC 21964-1 apply
4 Requirements
4.1 Degree of destruction
Machines and equipment that comply with this standard shall meet at least the requirements in Tables 1
to 6 as regards the degree of destruction.
4.2 Materials referred to in security levels
P – information in original size (paper, film, printing plates etc.)
F – information in miniaturized form (microfilm/microfiche etc.)
O – information on optical data carriers (CD/DVD etc.)
T – information on magnetic data carriers (floppy discs, ID cards, magnetic tape cassettes etc.)
H – information on hard drives with magnetic data carriers (hard drives)
E – information on electronic data carriers (memory sticks, chip cards, solid-state drives, mobile
communication equipment etc.)
© ISO/IEC 2018 – All rights reserved 1

4.3 Limits for particle sizes
The machines and equipment for destroying data carriers are classified according to the degree of
destruction, taking the type of data carrier into consideration. The following table shows the limit
values of each security level as regards the condition, shape and size after destruction.
The security level shall be tested and demonstrated in the form of a test certificate, declaration of
conformity, certificate, expertise or other assessment. This can be carried out by the manufacturer or
other competent bodies. The certificate shall be suitably enclosed with the user documentation for the
machine.
For all data carriers, the additionally specified methods for the highest security levels shall also cover
the requirements for the lower security levels.
Users should check the particle size during the operating life of the machine or equipment, because
wear or damage to the shredding tools can reduce security.
Table 1 — Information in the original size
Information in the original size
e.g. paper, film, printing plates
Condition, shape and size after
Security level Tolerance
destruction
Particle size ≤ 2 000 mm
10 % of the material may exceed the
or
P-1 specified particle size, but shall not
Strip width ≤ 12,0 mm
be more than 3 800 mm in size.
Unlimited strip length
Particle size ≤ 800 mm
10 % of the material may exceed the
or
P-2 specified particle size, but shall not
Strip width ≤ 6,0 mm
be more than 2 000 mm in size.
Unlimited strip length
Particle size ≤ 320 mm
10 % of the material may exceed the
or
P-3 specified particle size, but shall not
Strip width ≤ 2 mm
be more than 800 mm in size.
Unlimited strip length
Particle size ≤ 160 mm 10 % of the material may exceed the
P-4 and for regular particles: specified particle size, but shall not
Strip width ≤ 6 mm be more than 480 mm in size.
Particle size ≤ 30 mm 10 % of the material may exceed the
P-5 and for regular particles: specified particle size, but shall not
Strip width ≤ 2 mm be more than 90 mm in size.
Particle size ≤ 10 mm 10 % of the material may exceed the
P-6 and for regular particles: specified particle size, but shall not
Strip width ≤ 1 mm be more than 30 mm in size.
Particle size ≤ 5 mm
and for regular particles:
Strip width ≤ 1 mm
or
The particle size shall not be ex-
P-7 Dissolved
ceeded.
with particle size ≤ 5 mm
or
Shredded ash with
particle size ≤ 5 mm
2 © ISO/IEC 2018 – All rights reserved

Table 2 — Information in miniaturized form
Information in miniaturized form
e.g.: microfilm
Condition, shape and size after
Security level Tolerance
destruction
10 % of the material may exceed the spec-
F-1 Particle size ≤ 160 mm ified particle size, but shall not be more
than 480 mm in size.
10 % of the material may exceed the spec-
F-2 Particle size ≤ 30 mm ified particle size, but shall not be more
than 90 mm in size.
10 % of the material may exceed the spec-
F-3 Particle size ≤ 10 mm ified particle size, but shall not be more
than 30 mm in size.
10 % of the material may exceed the spec-
F-4 Particle size ≤ 2,5 mm ified particle size, but shall not be more
than 7,5 mm in size.
10 % of the material may exceed the spec-
F-5 Particle size ≤ 1,0 mm ified particle size, but shall not be more
than 3,0 mm in size.
Particle size ≤ 0,5 mm 10 % of the material may exceed the spec-
F-6 or ified particle size, but shall not be more
2 2
Shredded ash ≤ 0,5 mm than 1,5 mm in size.
Particle size ≤ 0,2 mm
or
F-7 Shredded ash ≤ 0,2 mm The particle size shall not be exceeded.
or
Dissolved
Table 3 — Information on optical data carriers
Information on optical data carriers
e.g.: CD/DVD
Condition, shape and size after
Security level Tolerance
destruction
10 % of the material may exceed the spec-
O-1 Particle size ≤ 2 000 mm ified particle size, but shall not be more
than 3 800 mm in size.
10 % of the material may exceed the spec-
O-2 Particle size ≤ 800 mm ified particle size, but shall not be more
than 2 000 mm in size.
10 % of the material may exceed the spec-
O-3 Particle size ≤ 160 mm ified particle size, but shall not be more
than 480 mm in size.
10 % of the material may exceed the spec-
Particle size
O-4 ified particle size, but shall not be more
≤ 30 mm
than 90 mm in size.
© ISO/IEC 2018 – All rights reserved
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 20153:2025(Main)
Information technology — OASIS Common Security Advisory Framework (CSAF) v2.0 Specification
  • Standard
    115 pages
    English language
    sale 15% off
ISO
ISO/IEC 26136:2024(Main)
Information technology — OpenID connect — OpenID connect front-channel logout 1.0

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines a logout mechanism that uses front-channel communication via the User Agent between the OP and RPs being logged out that does not need an OpenID Provider iframe on Relying Party pages. Other protocols have used HTTP GETs to RP URLs that clear login state to achieve this. This document does the same thing.

  • Standard
    10 pages
    English language
    sale 15% off
ISO
ISO/IEC 26134:2024(Main)
Information technology — OpenID connect — OpenID connect RP-initiated logout 1.0

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines a mechanism for a Relying Party to request that an OpenID Provider log out the End-User.

  • Standard
    10 pages
    English language
    sale 15% off
ISO
ISO/IEC 26135:2024(Main)
Information technology — OpenID connect — OpenID connect session management 1.0

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document describes how to manage sessions for OpenID Connect, including when to log out the End-User.

  • Standard
    12 pages
    English language
    sale 15% off
ISO
ISO/IEC 26137:2024(Main)
Information technology — OpenID connect — OpenID connect back-channel logout 1.0 incorporating errata set 1

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines a logout mechanism that uses direct back-channel communication between the OP and RPs being logged out; this differs from front-channel logout mechanisms, which communicate logout requests from the OP to RPs via the User Agent.

  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO/IEC 26131:2024(Main)
Information technology — OpenID connect — OpenID connect core 1.0 incorporating errata set 2

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate information about the End-User. It also describes the security and privacy considerations for using OpenID Connect.

  • Standard
    146 pages
    English language
    sale 15% off
ISO
ISO/IEC 26132:2024(Main)
Information technology — OpenID connect — OpenID connect discovery 1.0 incorporating errata set 2

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines a mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.

  • Standard
    29 pages
    English language
    sale 15% off
ISO
ISO/IEC 26139:2024(Main)
Information technology — OpenID connect — OAuth 2.0 form post response mode

This document defines the Form Post Response Mode. In this mode, Authorization Response parameters are encoded as HTML form values that are auto-submitted in the User Agent, and thus are transmitted via the HTTP POST method to the Client, with the result parameters being encoded in the body using the application/x-www-form-urlencoded format.

  • Standard
    5 pages
    English language
    sale 15% off
ISO
ISO/IEC 26133:2024(Main)
Information technology — OpenID connect — OpenID connect dynamic client registration 1.0 incorporating errata set 2

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document defines how an OpenID Connect Relying Party can dynamically register with the End-User's OpenID Provider, providing information about itself to the OpenID Provider, and obtaining information needed to use it, including the OAuth 2.0 Client ID for this Relying Party.

  • Standard
    31 pages
    English language
    sale 15% off
ISO
ISO/IEC 26138:2024(Main)
Information technology — OpenID connect — OAuth 2.0 multiple response type encoding practices

This document provides guidance on the proper encoding of responses to OAuth 2.0 Authorization Requests in which the request uses a Response Type value that includes space characters. Furthermore, this document registers several new Response Type values in the OAuth Authorization Endpoint Response Types registry. This document also defines a Response Mode Authorization Request parameter that informs the Authorization Server of the mechanism to be used for returning Authorization Response parameters from the Authorization Endpoint.

  • Standard
    11 pages
    English language
    sale 15% off