-
Notifications
You must be signed in to change notification settings - Fork 55
DSB Maintenance Iteration 14: Agenda & Minutes (22 February 2023)
Date and time: 22/02/2023, 2:00pm – 4:00pm AEDT
Location: Microsoft Teams Meeting
Dial-in details:
- https://teams.microsoft.com/l/meetup-join/19%3ameeting_MTRiYjhhMGUtYmZhNS00NjBmLWIzODgtMWI2ODExMWIyNjUw%40thread.v2/0?context=%7b%22Tid%22%3a%22214f1646-2021-47cc-8397-e3d3a7ba7d9d%22%2c%22Oid%22%3a%2257cd8c59-9b50-4670-bc85-25281a11ec8d%22%7d
- Meeting ID: 461 357 467 375
- Passcode: UrWjgq
- Dial In Number: +61 2 9161 1229
- Phone Conference ID: 689 954 982#
Chair: Hemang Rathod, DSB
Maintenance overview: Further information
Maintenance project board: See here
Decision Proposal: This maintenance iteration is being consulted on under Decision Proposal 281: Maintenance Iteration 14
The Maintenance Iteration Calls are recorded for note taking purposes only. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material will be provided without the participant's consent. Participants may email contact@consumerdatastandards.gov.au should they have any further questions or wish to have any material redacted from the record.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
Question for the community: are reminders with a link to the agenda before each meeting useful?
- Introductions
- Outstanding Actions
- Release plan
- Open Consultations
- Future Plan
- Maintenance Iteration 14 Issues
- Any other business
Meeting notes
The purpose of this meeting is to
- Confirm iteration candidates for Maintenance Iteration 14
- Retailers to raise a ticket on energy usage data covering multiple FRMPs. DSB to table this in their discussions with AEMO.
- DSB to review all Banking change requests to determine if there are related items that could be addressed at the same time as #567 and #569.
- Latest/current version of standards is 1.22.0 which incorporates changes from MI13
The following decision proposals are open for community feedback
| DP # | Consultation | Closing date |
|---|---|---|
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Consultation | Decision Proposal 267 - Telco Data Language | TBD Link to consultation |
| Consultation | Decision Proposal 275 - Holistic Feedback on Telco Standards | TBD Link to consultation |
| Consultation | Noting Paper 276 - Proposed V5 Rules: Standards Impacts | TBD Link to consultation |
| Consultation | Noting Paper 291 - Workshop for simple Payments Initiation |
Workshop on 7 March 2023 Link to consultation |
| Consultation | Noting Paper 292 - Approach to developing standards for the Non-Bank Lending Sector |
24 March 2023 Link to consultation |
Review of January-March Quarter and new changes: https://github.com/ConsumerDataStandardsAustralia/future-plan/projects/1
All open change requests can be found here: Standards Maintenance Issues.
The standards maintenance backlog can be found here: Data Standards Maintenance
- Issue #522 OpenID Provider Configuration End Point parameter requirements
- Issue #535 Standard appears to redefine requirements for private_key_jwt authentication
- Issue #576 Change id token encryption documentation to allow for use in Hybrid flow and ACF
- Issue #567 BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined
- Issue #569 Home Loan Revert rate and product is not available
- DSB to review all Banking change requests to determine if there are related items that could be addressed at the same time as #567 and #569.
- Issue #508 Provide APIs to automate onboarding of software products and provisioning of certificates
- This item is related and linked to Issue #427 Standards & Guidelines regarding Sponsored Accreditation
- Issue #577 Updates to Certificate Management
- Issue #565 Maintenance Iteration 14 Holistic Feedback
- Issue #532 Update x-fapi-auth-date description for Customer APIs
The following change requests are not related to DSBs remit to change the Standards however they are of significant interest to the community from a standards perspective. A watching brief will be kept on them throughout this iteration.
- Issue #558 The Data Holder PVT Problem
- Anyone interested in discussing this issue can contact David Renzella david.renzella@accc.gov.au
- Issue #566 Optionality of critical fields is facilitating data quality issues across Data Holder implementations
- Issue #568 OTP SMS codes for CDR consent should be independent of online banking SMS settings
- Issue #538 Payload conventions; optional fields with null values aren't defined in schemas
- Issue #496 Unauthenticated energy routes have unclear header documentation
We canvassed the opinion of attendees to determine the value of sending calendar reminders before each meeting, we had 3 likes. As a result we'll cease sending reminders for the time being and will continue to post links to the agenda on the Maintenance Iteration Decision Proposal.
- DSB to review all Banking change requests to determine if there are related items that could be addressed at the same time as #567 and #569.
- Review of related items outstanding.
- Discussion on creating a 'holistic CR' for 'Get Product Detail' API to group related changes.
- Agreement to trial holistic CRs for a single API in this MI.
- DSB to create holistic CR for issues related to Get Account Detail and Get Product Detail APIs
- See Other Business for actions taken on OAS Discussion.
The following candidates were discussed:
- Issue #574 Additional functionality to support multiple account selection
- Purpose is to simplify account selection where many accounts exist, such as C&I consumers in the Energy Sector.
-
Issue #522 OpenID Provider Configuration End Point parameter requirements
- Carried over from MI13. Intention is to consider, and simplify where possible, the way in which upstream standards are represented.
- Two principles were discussed - Being consistent and being non-specific in standards unless there is a good reason to do so
- Action Initiation might present an opportunity to reassess related issues.
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide.
-
Issue #535 Standard appears to redefine requirements for private_key_jwt authentication
- Discussion on misalignment with international standards
- Request is to remove requirement for client_id in client assertion as RFC describes it as optional. This was discussed in the last MI where an agreement on the FDO was not reached. Complicated by implementation effort and anticipated FAPI 2 uplift.
- DSB to assess implications of changing requirement of client_id to ‘SHOULD’, consider permutations and propose a solution for the community to consider.
-
Issue #576 Change id token encryption documentation to allow for use in Hybrid flow and ACF
- Agreement between attendees and DSB:
- Request the DSB Chair treat this change as URGENT
- Update description of "id_token_encrypted_response_alg" and "id_token_encrypted_response_enc" to "SHOULD" for transition period;
- "SHOULD" will change to "MUST" after the transition period.
- DSB to advise when this change could be made if the Chair approves the request to make it URGENT.
- Agreement between attendees and DSB:
-
Issue #520 Stepped solar feed in tariffs in Energy
- Open for discussion, keen to see comments from the community posted on the issue.
- DSB to review seasonality aspect of Issue #520 and discuss with interested parties, AER and DELWP.
-
Issue #572 Ergon Energy's fixed quarterly GreenPower amounts are not supported by the spec
- This item has been added to the Iteration Candidates
- Issue #567 BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined
- Issue #569 Home Loan Revert rate and product is not available
- Various options and their merits were discussed with no clear consensus or pathway.
- DSB to raise a holistic CR to address issues related to the same APIs (Get Account Detail and Get Product Detail APIs) as these CRs for consultation on in this MI. See outcome on Outstanding action for Banking.
-
Issue #508 Provide APIs to automate onboarding of software products and provisioning of certificates
- This issue was raised in response to community feedback however it relates to functions of the Registrar in general. Work will not progress on this issue while the DSB and ACCC are in discussion on the strategic direction for the Register Standards Revision (refer placeholder DP #289). However, we welcome feedback from the community on the benefits and expected features to feed into our analysis and understanding of the problem space. This issue may be accommodated within the Decision Proposal.
-
Issue #577 Updates to Certificate Management
- Multiple nuanced aspects of certificate management (which is not strictly a standards issue) have been proposed in this issue.
- A related suggestion made during the meeting was the ability to automate a certificate request via an API.
- The community is encouraged to consider the issue and provide comment.
The following change requests were not discussed however are recorded here for completeness as a watching brief will be kept on them throughout this iteration.
- Issue #558 The Data Holder PVT Problem
- Anyone interested in discussing this issue can contact David Renzella david.renzella@accc.gov.au
- Issue #566 Optionality of critical fields is facilitating data quality issues across Data Holder implementations
- Issue #568 OTP SMS codes for CDR consent should be independent of online banking SMS settings
OpenAPI Specification (OAS) Discussion on leveraging OAS to manage change in API versions.
- DSB to look at ways to use OAS3 spec to better manage API versioning
- Stuart - Raise a CR for introducing a discriminator in APIs - #587
InfoSec
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide with regard to Issue #522 OpenID Provider Configuration End Point parameter requirements.
- DSB to assess implications of changing requirement of client_id to ‘SHOULD’ for Issue #535, consider permutations and propose a solution for the community to consider.
- DSB to advise when a change to accommodate Issue #576 Change id token encryption documentation to allow for use in Hybrid flow and ACF could be made if the Chair approves the request to make it URGENT.
Energy
- DSB to review seasonality aspect of Issue #520 and discuss with interested parties, AER and DELWP.
Banking
- DSB to create holistic CR for issues related to Get Account Detail and Get Product Detail APIs
Other Business
- DSB to look at ways to use OAS3 spec to better manage API versioning
Community to consider their requirements for relevant candidates and post details for DSB to consider in proposing a solution. The next Maintenance Iteration meeting is scheduled for 8 March 2023.