DSB Maintenance Iteration 15: Agenda & Minutes (14 June 2023) - ConsumerDataStandardsAustralia/standards GitHub Wiki

Date and time: 14/06/2023, 2:00pm – 4:00pm AEST

Location: Microsoft Teams Meeting

Dial-in details:

Chair: Brian Kirkpatrick, DSB

Maintenance overview: Further information

Maintenance project board: See here

Decision Proposal: This maintenance iteration is being consulted on under Decision Proposal 303: Maintenance Iteration 15

Housekeeping

Recording

The Maintenance Iteration Calls are recorded for note taking purposes only. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material will be provided without the participant's consent. Participants may email [email protected] should they have any further questions or wish to have any material redacted from the record.

Acknowledgement of Country

We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.

We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.

Agenda

  • Introductions
  • Release plan
  • Open Consultations
  • Future Plan
  • Outstanding Actions
  • Maintenance Iteration 15 Candidates
  • Any other business

Meeting Minutes These will be updated following the meeting.

Introductions

The purpose of this meeting is to:

  • Confirm which candidates can be finalised where the proposed solution is complete or agree to carry incomplete candidates into MI16.

Release plan

  • Current version of the standards is 1.24.0 published on 7 May 2023.
  • On conclusion of Maintenance Iteration 15 Decision Proposal 303 will be prepared for the Chair's approval and changes to the standards will be staged for publication in 1.25.0.

Open Consultations

The following Consultations are open for community feedback

Consultation Closing date
Decision Proposal 229 - CDR Participant Representation Placeholder: no close date Link to consultation
Noting Paper 276 - Proposed V5 Rules: Standards Impacts TBD Link to consultation
Decision Proposal 288 - Non-Functional Requirements Revision 19 May 2023 Closed Link to DSB consultation feedback
Decision Proposal 306 - Updates to Banking Product and Account Detail TBD Link to consultation
Noting Paper 307 - LCCD Consultation Approach TBD Link to consultation

Future Plan

Review of April-June Quarter and new changes: https://github.com/orgs/ConsumerDataStandardsAustralia/projects/23

NOTE: the future plan project was recently migrated from Projects (Classic) to Projects. The issues have not changed. If you had the Project saved to your favourites or bookmarked you will need to update the link.

Outstanding Actions

NOTE: Where a :bulb: appears it indicates the Action will be discussed later in the Agenda under Maintenance Iteration 15 Candidates. Additionally, new actions from the last meeting have been resolved and will be discussed along with the relevant issue.

InfoSec

Maintenance Iteration 15 Candidates

In the first two meetings of Maintenance Iteration 15 participants agreed on the following candidates and identified a number of candidates that require broader consultation in a Decision Proposal.

Domain # Issue Description Status Link
InfoSec 516 Get OpenId Provider Config and Get JWKS API documented paths are incorrect Documentation Fix. Add idp / cdr-register/v1 to examples path Candidate Staging TBC
InfoSec 522 OpenID Provider Configuration End Point parameter requirements Discussion covered both options (1) Prescriptive CDS documentation and (2) Referal to upstream standards. Candidate Proposal made
InfoSec 559 FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute Documentation Fix Candidate Staged
InfoSec 590 Remove FAPI 1.0 draft references Documentation Fix Candidate Staged
Banking 536 Define new toUType value to relevant schemas Update to CDS Banking OAS for digitalWalletPayee Candidate Staged
Banking 585 Clarify Base and Adjustment Rate Types Documentation Update proposed Candidate Staged
Energy 591 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation Documentation Update Candidate Staging TBC
Energy 592 EnergyBillingDemandTransaction - timeOfUseType - New Value Documentation Update proposed Candidate Staging TBC
Schema 413 400 Error code missing in swagger for some endpoints To be considered along with 575. Candidate Staging TBC
Schema 575 Inconsistency of data types in various schema To be considered along with 413. Candidate Staging TBC
Schema 469 Add isQueryParamUnsupported to MetaPaginated for schema validation Documentation and OAS modification Discuss NA
Register 581 ADR ability to remove DCR without clientId Please refer specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC Out of Scope NA
NFR 554 OTP NFR added to the Consumer Data Standards Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. Out of Scope Refer comment for further links.
Infosec 480 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers MI11 / MI12 discussions Out of Scope NA

Maintenance Iteration 15 related CR Decision Proposals

Domain # Issue Description Status DP
MI 15 586 Maintenance Iteration 15 Holistic Feedback Maintenance Iteration Holistic Decision Proposal Decision Proposal Placeholder
Banking 567 BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined Changes will be proposed in a Decision Proposal Decision Proposal Decision Proposal 306
Banking 569 Home Loan Revert rate and product is not available Changes will be proposed in a Decision Proposal Decision Proposal Decision Proposal 306
Banking 584 Flag for account(s) not shared Considered a large change. Specific Decision Proposal recommended approach Decision Proposal Placeholder TBC
Schema 538 Payload conventions; optional fields with null values aren't defined in schemas DP to be considered for future upgrade of OAS Support (3.1.0) Decision Proposal Placeholder TBC
Schema 578 Native OAS Versioning Support DP to be considered for future upgrade of OAS Support (3.1.0) Decision Proposal Placeholder TBC

Other Business

Participants are invited to raise topics related to the Consumer Data Standards that would benefit from the groups' consideration.

Meeting Minutes

Release Plan

  • Changes to the standards accommodating change requests consulted on in MI15 will be published in v1.25.0.
  • Changes to NFRs described on the thread for Decision Proposal 288 - Non-Functional Requirements Revision have been sent to the Chair for approval. Unless feedback from DSAC suggests further adjustment is required, it is likely these changes will also be included in v1.25.0 along with MI15 issues.

Outstanding Actions

InfoSec

Maintenance Iteration 15 Candidates

The candidates tabled below have been consulted on in MI 15, the outcome is summarised in the Description column.

Domain # Issue Description Status Link
InfoSec 516 Get OpenId Provider Config and Get JWKS API documented paths are incorrect Documentation Fix. Add idp / cdr-register/v1 to examples path issue to be updated Candidate Staging TBC
InfoSec 522 OpenID Provider Configuration End Point parameter requirements Have opted for prescriptive CDS documentation. Candidate Proposal made
InfoSec 559 FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute Documentation Fix One comment to resolve Candidate Staged
InfoSec 590 Remove FAPI 1.0 draft references Documentation Fix Candidate Staged
Banking 536 Define new toUType value to relevant schemas Update to CDS Banking OAS for digitalWalletPayee Candidate Staged
Banking 585 Clarify Base and Adjustment Rate Types Documentation Update proposed Candidate Staged
Energy 591 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation Update description of isTokenised field. Changes discussed with Rules Team, will be monitored and if misused will be revisited. Candidate Staging TBC
Energy 592 EnergyBillingDemandTransaction - timeOfUseType - New Value Add new ENUM values as requested in CR Candidate Staging TBC
Schema 413 400 Error code missing in swagger for some endpoints To be considered along with 575. Candidate Staging TBC
Schema 575 Inconsistency of data types in various schema To be considered along with 413. Candidate Staging TBC
Schema 469 Add isQueryParamUnsupported to MetaPaginated for schema validation Documentation and OAS modification, limited to non-material changes Changes TBC NA
NFR 554 OTP NFR added to the Consumer Data Standards Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. Out of Scope Refer comment for further links.
Infosec 480 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers MI11 / MI12 discussions Out of Scope NA
MI 15 586 Maintenance Iteration 15 Holistic Feedback Minor changes to the standards proposed and staged see thread for full details

Maintenance Iteration 15 related CR Decision Proposals

The following issues were prioritised for consultation in MI15, however they require analysis and consideration outside of the MI cycle and will be managed through a decision proposal.

Note #581 has been moved from the Candidate table above to Decision Proposals.

Domain # Issue Description Status DP
Banking 567 BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined Changes will be proposed in a Decision Proposal Decision Proposal Decision Proposal 306
Banking 569 Home Loan Revert rate and product is not available Changes will be proposed in a Decision Proposal Decision Proposal Decision Proposal 306
Banking 584 Flag for account(s) not shared Considered a large change. Specific Decision Proposal recommended approach Decision Proposal Placeholder TBC
Schema 538 Payload conventions; optional fields with null values aren't defined in schemas DP to be considered for future upgrade of OAS Support (3.1.0) Decision Proposal Placeholder TBC
Schema 578 Native OAS Versioning Support DP to be considered for future upgrade of OAS Support (3.1.0) Decision Proposal Placeholder TBC
Register 581 ADR ability to remove DCR without clientId Please refer specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC Decision Proposal Placeholder TBC

Other Business

  • DSB asked attendees whether any of the changes consulted on in MI 15 would be contentious if adopted? Attendees did not raise any concerns, enabling the changes to proceed.

Next Steps

  • DSB will continue staging changes for community review and draft the Decision Proposal for the Chairs approval to publish v1.25.0. Updates will be posted on individual issues and notified on Decision Proposal 303 - Maintenance Iteration 15 when approved.