DSB Maintenance Iteration 13: Agenda & Minutes (26 October 2022) - ConsumerDataStandardsAustralia/standards GitHub Wiki

Date and time: 26/10/2022, 2:00pm โ€“ 4:00pm AEDT

Location: Microsoft Teams Meeting

Dial-in details:

Chair: James Bligh, DSB

Maintenance overview: Further information

Maintenance project board: See here

Decision Proposal: This maintenance iteration is being consulted on under Decision Proposal 272: Maintenance Iteration 13

Recording

The Maintenance Iteration Calls are recorded for note taking purposes only. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material will be provided without the participant's consent. Participants may email [email protected] should they have any further questions or wish to have any material redacted from the record.

Acknowledgement of Country

We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.

We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.

Agenda

  • Introductions
  • Outstanding Actions
  • Release plan
  • Open / Active Decision Proposals
  • Proposing changes to the Standards
  • Review of new issues raised on standards-maintenance
  • Maintenance Iteration 13 Issues
  • Any other business
  • Next Steps

Meeting notes

Introductions

The purpose of this meeting is to provide the community with the opportunity to agree on the candidates for consultation in Maintenance Iteration 13.

Outstanding Actions

Energy

  • Retailers to raise a ticket on energy usage data covering multiple FRMPs. DSB to table this in their discussions with AEMO.
    • Analysis ongoing
  • DSB to liaise with AEC to organise a workshop to discuss requirements for Issue #475: Representation of Spot price based contracts for C&I customers before end of year shutdown commences.
    • This has been raised with AEC. There is no time to address it before 15/11/2022 although it is a concern for 15/05/2023 obligation date for Energy. If not addressed in this Maintenance Iteration it won't be possible to publish a solution until the conclusion of Maintenance Iteration 14 anticipated in March 2023 unless it is addressed as Decision Proposal.

InfoSec

None

CX

None

Maintenance Iteration 12 Retrospective

  • DSB to consider adding a regular agenda item or presentation to the Implementation Call midway through each Maintenance Iteration.
    • Incorporated into the CDR Implementation Call schedule.
  • DSB to consider the way emergency changes are incorporated into the Standards and advise on a planned approach.
    • Noted, will be consider at the next emergency change.
  • DSB to consider the timing of retros and advise on a planned approach.

Decision Proposals required

The following items have been created as backlog items on the future-plan board.

Release plan

  • Release 1.20.0 has been staged, Decision Proposal 259 has been circulated to DSAC and is with the Chair for Approval. Correction see Meeting Minutes

Open / Active Decision Proposals

The following decision proposals are open for community feedback

DP # Decision Proposal Closing date
Consultation Decision Proposal 229 - CDR Participant Representation Placeholder: no close date Link to consultation
Noting Paper Noting Paper 255 - Approach to Telco Sector Standards Link to consultation
Noting Paper Noting Paper 258 - Independent Information Security Review Link to consultation
Consultation Decision Proposal 267 - Telco Data Language TBD Link to consultation

Future Plan

Review of October-December Quarter and new changes: https://github.com/ConsumerDataStandardsAustralia/future-plan/projects/1

Proposing changes to the Standards

Talk to item arising in the last meeting regarding options to propose changes to the standards.

Review of new issues raised on standards-maintenance

Mid iteration review of any new issues raised for awareness and to confirm scope for this Maintenance Iteration is not impacted.

Maintenance Iteration 13 Issues

All open change requests can be found here: Standards Maintenance Issues.

The standards maintenance backlog can be found here: Data Standards Maintenance

The change requests proposed for this iteration are:

InfoSec

Energy

Banking

Register

Iteration 13 Holistic Feedback

Any Other Business

Meeting Minutes

Notes

Outstanding Actions

Energy

  • Retailers to raise a ticket on energy usage data covering multiple FRMPs. DSB to table this in their discussions with AEMO.
    • Analysis ongoing

InfoSec

None

CX

None

Maintenance Iteration 12 Retrospective

  • DSB to consider the timing of retros and advise on a planned approach.
    • The purpose of the Retro is to review the Maintenance Iteration process not the outcome of it. We'll keep this action open to revisit the discussion at the end of MI13.

Release plan

Correction to the agenda: at the time of meeting on 26 October, v1.20.0 had been staged however the DP for MI12 had not been sent to the Chair, it was undergoing a final review.

Future plan

Taken as read.

Proposing changes to the Standards

Introducing another channel to initiate change is not feasible as the DSB is constrained by consultation requirements set out in the rules. A number of options to increase awareness of changes occurring were discussed. Identifying the sort of change required for each CR early in the MI will also assist with managing expectations.

Recent changes introduced by the DSB, such as linking to the comment describing the current state of an issue in the 'DSB Proposed Solution' section, will also assist participants following issues. Where necessary an issue can span multiple MIs to assist with increased awareness and more detailed analysis.

This item will remain on the agenda for the next meeting to cover off on any other aspects that may need to be considered.

Review of new issues raised on standards-maintenance

At the mid iteration check point, four CRs have been raised since MI13 commenced:

  • two of these have been included (#547 and #551) in this iteration, and
  • two can be considered in a later iteration because they are unrelated to the current scope and not urgent (#548 and #549).

No adjustment to iteration candidates needs to be made.

Maintenance Iteration 13 Issues - Candidates for consultation

InfoSec

  • Issue #479: Clarification on Minimum Algorithm Required for JARM

    • A participant raised how to deal with ADRs that request encryption when a DH does not support encryption.
    • Discussed allowing โ€œnoneโ€ for a valid supported encryption algorithm to indicate that no encryption will be performed.
    • The DH can also omit the authorization_encryption_alg_values_supported and authorization_encryption_enc_values_supported claims from their OIDD document, in which case, no encryption value should be sent by the ADR.
    • This would require an optional inclusion of the encryption negotiation values during DCR. However, if the ADR omitted the claim but the DH required one, they would receive an error.
    • Participants including the ACCC requested this issue be treated as urgent.
    • The DSB has asked participants to publicly request Issue #479 be treated as urgent on GitHub.

  • Issue #522: OpenID Provider Configuration End Point parameter requirements

    • No strong view against Option 2.
    • If there is a broader move to refer to upstream specs this would be supported.
    • DSB proposed an option to consider the addition of 'implementation notes' in the non-normative examples to draw attention to the upstream standards.
    • This was well received by participants on the call.

  • Issue #547: Update SSA and Client Registration standards for JARM and Authorization Code Flow

    • Discussed and no issues raised.
    • DSB to progress the proposal.

  • Issue #535: Standard appears to redefine requirements for private_key_jwt authentication

    • No issues with the change to align to OIDC.
    • Regarding the change obligation, participants agreed it would be better to align with other FAPI 2.0 changes in the future to reduce implementation workload.
    • Prefer to align to OIDC and pass FAPI CTS but no time pressure driver.

Energy

  • Issue #520: Stepped solar feed in tariffs in Energy
    • Participants have noted support for option 2 on the CR. No issues or concerns with option 2 were raised during the call.
    • There was a preference to align the FDO of the change to the Tranche 2 Energy go live date of 15 May 2023. The DSB will update the proposal to reflect this.

Banking

Register

Iteration 13 Holistic Feedback

  • Issue #551: Iteration 13 Holistic Feedback
    • A number of low risk items have been identified, DSB will review in detail and requests the community check for any that could be a breaking change so they can be escalated to a separate CR.
    • readQualities in this comment was intended to be an array.
    • DSB to confirm with Energy retailers that readQualities in comment does not cause a breaking change.

Other Business

  • None raised.

New Actions

InfoSec

  • The DSB has asked participants to publicly request Issue #479 be treated as urgent on GitHub.

Energy

See MI13 Holistic Issues below

Banking

None

Register

None

MI13 Holistic Issues

  • DSB to confirm with Energy retailers that readQualities in comment does not cause a breaking change.

Next Steps

Community to provide feedback on issues discussed and make a request on items that should be considered as URGENT by the Chair.