Skip to content

DSB Maintenance Iteration 21: Meeting notes (2 October 2024)

Jump to bottom
Mark Verstege edited this page Oct 15, 2024 · 1 revision

Meeting Notes

  • This meeting was the second for MI 21. The purpose of this meeting was to confirm the iteration candidates and commence discussing the change requests.
  • Participants also reviewed the issues backlog and performed prioritisation and grooming on the oldest issues.

Maintenance Iteration 21 Candidate Discussion

663 - Maintenance Iteration 21 Holistic Feedback

  • Discussed current list of minor changes

659 - Enhancing CDR Adoption: Streamlining Account Selection and Improving Data Transparency

660 - Revise the Availability Requirements NFRs

  • ADR participant raised the proposal that outages including a technical message for ADRs not just a customer facing message
  • Including the list of endpoints affected during the outage supported by a Data Holder participant and ADRs
  • Options discussed:
    • Option 1 - 99.5% availability to include planned outages
    • Option 2 - Commensurate to digital channels
    • Option 3 - Secondary NFR - when scheduled outages are included
    • Option 4 - CX standard to require DHs to communicate outages to consumers before and during outages
  • Secondary data holder noted that there are needs for regular scheduled outages. High availability limits including planned outages could push a change in architecture if they are set too stringently. Where data doesn't change often, it was also noted that an outage would have less impact.

655 - Get Metrics V5 error metrics documentation

  • The proposed change was reviewed and no feedback was provided.

649 - Inconsistent JARM error responses

  • One Data Holder noted they have implemented a cancel button for redirection back to the ADR. The DH noted that they considered stopping the journey without an explicit cancel button was necessary for security reasons.
  • The DSB noted that when a user is redirected back to the ADR, it is mandatory for an error or success response to be provided according to the specifications.
  • DSB mentioned possibly making a ‘cancel’ button mandatory.
  • ACTION: Data Holders to provide views on whether they provide a 'cancel' button, and whether it should be mandatory to do so.

666 - Retirement of OIDC Hybrid Flow

  • It was noted that some DHs continue advertising hybrid flow
  • It was noted by one ADR participant that errors were occurring when trying to update client registration to remove hybrid flow registration

Backlog issues

#527

  • Noted by the DSB this shall be closed in 1.32.0

528

  • Keep open
  • Some DHs notes they have two different JWKS endpoints (one in config and one in Register)

531

  • Addressed in DP338

539

  • Keep open
  • Related to timezone defaults
  • If pure local time, don’t know how to convert
  • How does the ADR know the actual time the holder posted the transaction because of daylight savings

542

  • Keep open
  • Dealt with in auth uplift

557

  • Leave open
  • Relates to CX guidelines
  • Can be progressed once August rules are made

552

  • Leave open
  • Could be dealt with in MI21

554

  • Leave open
  • Some OTP delivery timeframes will be out of the control of the DH
  • Suggested exploring ways to remove friction from the consumer experience and maybe having a metric that's focused on this could help do that just by indicating when a bad OTP mechanism has been implemented
  • Noted that some OTP delivery channels like SMS are out of the control of DHs

Other business

None

Next Steps

Getting Started

Meetings

Maintenance Iterations

CDR Implementation Call

Clone this wiki locally