ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 30th of June 2022
When: Weekly every Thursday at 3pm-4.30pm AEST
Location: WebEx, quick dial +61-2-9338-2221,,1650705270##
Meeting Details:
Desktop or Mobile Devices
https://treasuryau.webex.com/treasuryau/j.php?MTID=m9614a7c6166155d3d950a8999e437f9f
Once connected to your meeting remember to start your audio and video
Please mute when you are not speaking.
Video Conferencing (VC) Rooms
Use the remote control or touch panel and dial the number indicated below:
External VC Room: [email protected]
Phones - AUDIO ONLY
- Primary Australia: +61-2-9338-2221
- Quick Dial: +61-2-9338-2221,,1650705270##
- Other Global Numbers: https://treasuryau.webex.com/cmp3300/webcomponents/widget/globalcallin/globalcallin.do?MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&serviceType=MC&serviceType=MC&serviceType=MC&siteurl=treasuryau&siteurl=treasuryau&siteurl=treasuryau&apiname=globalcallin.php&apiname=globalcallin.php&apiname=globalcallin.php&rnd=6124483603&rnd=6124483603&rnd=6124483603&tollFree=0&tollFree=0&tollFree=0&ED=1403111402&ED=1403111402&ED=1403111402&needFilter=false&needFilter=false&needFilter=false&actappname=cmp3300&actappname=cmp3300&actname=/webcomponents/widget/globalcallin/gcnredirector.do&actname=/webcomponents/widget/globalcallin/gcnredirector.do&renewticket=0
- Meeting Number/Access Code: 165 070 5270
- Introductions
- Actions
- CDR Stream updates
- Presentation
- Q&A
- Any other business
- 5 min will be allowed for participants to join the call.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may [email protected] should they have any further questions or wish to have any material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.17.0 Published | Link to change log here |
| Maintenance | DSB Maintenance Iteration 11: Agenda & Meeting Notes on 29th of June 2022 | Link to the agenda and minutes |
| Maintenance | Maintenance Iteration 12 | Planned to Commence on the 20th of July 2022 |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 10th of June 2022 | View in browser here |
| DSB Newsletter | 24th of June 2022 | View in browser here |
| Consultation | Normative Standards Review (2021) | No Close Date Link to consultation |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Consultation | Decision Proposal 255 - Approach to Telco Sector Standards | Link to consultation |
| Consultation | Decision Proposal 256 - Telco Endpoints | Link to consultation |
| Consultation | Decision Proposal 257 - Customer Data Payloads for Telco | Link to consultation |
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CDR Register | Emma Harvey |
| ACCC | CTS | Andrea Gibney |
| DSB | CX Standards | Michael Palmyre |
| DSB | Technical Standards - Energy & MI11 | Hemang Rathod |
| DSB | Technical Standards - Register | Ivan Hosgood |
| DSB | Technical Standards - Banking | Mark Verstege |
| DSB | Technical Standards - Engineering | James Bligh |
None this week.
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 1599 | Private Key handling If an unrestricted ADR support the OSP model for its clients or sponsor/affiliate model, what are the recommended ways for unrestricted ADR to use the Private Keys of the clients for different cryptographic purposes? |
The Consumer Data Standards do not define key management security practices. The expectation is that participants will follow industry best practices and engage security expertise as required. |
| 1603 | We noticed here https://cdr-support.zendesk.com/hc/en-us/articles/900001928026?input_string=example+ssa+for+cdr+registration and https://consumerdatastandardsaustralia.github.io/standards/?examples#client-registration provide sample SSA for testing, but when we tried to decode them, they don't match with decoded SSA in DCR registration example { "alg": "PS256", "kid": "b8facf2ff39444f781e0be5db4b14f16", "typ": "JWT" } { "iss": "cdr-register", "iat": 1571808167, "exp": 2147483646, "jti": "3bc205a1ebc943fbb624b14fcb241196", "legal_entity_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C7", "legal_entity_name": "Mock Company Pty Ltd.", "org_id": "3B0B0A7B-3E7B-4A2C-9497- E357A71D07C8", "org_name": "Mock Company Brand", "client_name": "Mock Software", "client_description": "A mock software product for testing SSA", "client_uri": "https://www.mockcompany.com.au/", "redirect_uris": [ "https://www.mockcompany.com.au/redirects/redirect1", "https://www.mockcompany.com.au/redirects/redirect2" ], "sector_identifier_uri": "https://www.mockcompany.com.au/sector_identifier", "logo_uri": "https://www.mockcompany.com.au/logos/logo1.png", "tos_uri": "https://www.mockcompany.com.au/tos.html", "policy_uri": "https://www.mockcompany.com.au/policy.html", "jwks_uri": "https://www.mockcompany.com.au/jwks", "revocation_uri": "https://www.mockcompany.com.au/revocation", "recipient_base_uri": "https://www.mockcompany.com.au/", "software_id": "740C368F-ECF9-4D29-A2EA-0514A66B0CDE", "software_roles": "data-recipient-software-product", "scope": "openid profile bank:accounts.basic:read bank:accounts.detail:read bank:transactions:read bank:payees:read bank:regular_payments:read common:customer.basic:read common:customer.detail:read cdr:registration" } can we get valid/ same SSA with the example above for our testing for DCR registration API? Since this sample SSA is not valid/ different for registration as per API specification and validation https://consumerdatastandardsaustralia.github.io/standards/?examples#client-registration |
The non-normative examples are not really intended for testing but rather provide context that the SSA needs to be decoded. That said, there is an opportunity to bring the non-normative examples up to date and issue 197 has been raised to address this. Can I recommend you take a look at the Mock Register implementation provided by the ACCC to aid in your testing? This will give you the flexibility to change the SSA fields and see them reflected in the SSA generated. |
View a number of informative and useful links in the Consumer Data Standards Implementation Guide on Information Links.