DSB Maintenance Iteration 15: Agenda & Minutes (31 May 2023) - ConsumerDataStandardsAustralia/standards GitHub Wiki
Date and time: 31/05/2023, 2:00pm – 4:00pm AEST
Location: Microsoft Teams Meeting
Dial-in details:
- https://teams.microsoft.com/l/meetup-join/19%3ameeting_MzkxYjlkY2EtYzI0Mi00M2E2LWEzMGQtY2Y5ZmY2ODZjMjI2%40thread.v2/0?context=%7b%22Tid%22%3a%22214f1646-2021-47cc-8397-e3d3a7ba7d9d%22%2c%22Oid%22%3a%2257cd8c59-9b50-4670-bc85-25281a11ec8d%22%7d
- Meeting ID: 473 910 562 836
- Passcode: Jmsgnq
- Dial In Number: +61 2 9161 1229
- Phone Conference ID: 186 427 655#
Chair: Brian Kirkpatrick, DSB
Maintenance overview: Further information
Maintenance project board: See here
Decision Proposal: This maintenance iteration is being consulted on under Decision Proposal 303: Maintenance Iteration 15
Housekeeping
Recording
The Maintenance Iteration Calls are recorded for note taking purposes only. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material will be provided without the participant's consent. Participants may email [email protected] should they have any further questions or wish to have any material redacted from the record.
Acknowledgement of Country
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
Agenda
- Introductions
- Release plan
- Open Consultations
- Future Plan
- Outstanding Actions
- Maintenance Iteration 15 Candidates
- Any other business
Meeting Minutes These will be updated following the meeting.
Introductions
The purpose of this meeting is to:
- Highlight progress on status of candidates.
- Confirm that no new standards maintenance issues have been raised to date that impact on scope of the MI.
Release plan
- Current version of the standards is 1.24.0 published on 7 May 2023, refer to the release notes for details. Decision Proposal 281 - Maintenance Iteration 14 was approved by the DSB Chair on 4 May 2023.
Open Consultations
The following Consultations are open for community feedback
| Consultation | Closing date |
|---|---|
| Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Noting Paper 276 - Proposed V5 Rules: Standards Impacts | TBD Link to consultation |
| Decision Proposal 288 - Non-Functional Requirements Revision | 19 May 2023 Closed Link to DSB consultation feedback |
| Decision Proposal 306 - Updates to Banking Product and Account Detail | TBD Link to consultation |
Future Plan
Review of April-June Quarter and new changes: https://github.com/orgs/ConsumerDataStandardsAustralia/projects/23
NOTE: the future plan project was recently migrated from Projects (Classic) to Projects. The issues have not changed. If you had the Project saved to your favourites or bookmarked you will need to update the link.
Outstanding Actions
NOTE: Where a :bulb: appears it indicates the Action will be discussed later in the Agenda under Maintenance Iteration 15 Candidates. Additionally, new actions from the last meeting have been resolved and will be discussed along with the relevant issue.
InfoSec
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide with regard to Issue #522 OpenID Provider Configuration End Point parameter requirements.
- In progress :bulb:
Maintenance Iteration 15 Candidates
In the first two meetings of the Maintenance Iteration 15 participants agreed on the following candidates and identified a number of candidates that require broader consultation in a Decision Proposal.
| Domain | # | Issue | Description | Status | Link |
|---|---|---|---|---|---|
| InfoSec | 516 | Get OpenId Provider Config and Get JWKS API documented paths are incorrect | Documentation Fix. Add idp / cdr-register/v1 to examples path | Candidate | Staging TBC |
| InfoSec | 522 | OpenID Provider Configuration End Point parameter requirements | Discussion covered both options (1) Prescriptive CDS documentation and (2) Referal to upstream standards. | Candidate | Proposal made |
| InfoSec | 559 | FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute | Documentation Fix | Candidate | Staged |
| InfoSec | 590 | Remove FAPI 1.0 draft references | Documentation Fix | Candidate | Staged |
| Banking | 536 | Define new toUType value to relevant schemas | Update to CDS Banking OAS for digitalWalletPayee | Candidate | Staged |
| Banking | 585 | Clarify Base and Adjustment Rate Types | Documentation Update proposed | Candidate | Staged |
| Energy | 591 | 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation | Documentation Update | Candidate | Staging TBC |
| Energy | 592 | EnergyBillingDemandTransaction - timeOfUseType - New Value | Documentation Update proposed | Candidate | Staging TBC |
| Schema | 413 | 400 Error code missing in swagger for some endpoints | To be considered along with 575. | Candidate | Staging TBC |
| Schema | 575 | Inconsistency of data types in various schema | To be considered along with 413. | Candidate | Staging TBC |
| Schema | 469 | Add isQueryParamUnsupported to MetaPaginated for schema validation | Documentation and OAS modification | Discuss | NA |
| Register | 581 | ADR ability to remove DCR without clientId | Please refer specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC | Out of Scope | NA |
| NFR | 554 | OTP NFR added to the Consumer Data Standards | Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. | Out of Scope | Refer comment for further links. |
| Infosec | 480 | 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers | MI11 / MI12 discussions | Out of Scope | NA |
Maintenance Iteration 15 related CR Decision Proposals
| Domain | # | Issue | Description | Status | DP |
|---|---|---|---|---|---|
| MI 15 | 586 | Maintenance Iteration 15 Holistic Feedback | Maintenance Iteration Holistic Decision Proposal | Decision Proposal | Placeholder |
| Banking | 567 | BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 569 | Home Loan Revert rate and product is not available | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 584 | Flag for account(s) not shared | Considered a large change. Specific Decision Proposal recommended approach | Decision Proposal | Placeholder TBC |
| Schema | 538 | Payload conventions; optional fields with null values aren't defined in schemas | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
| Schema | 578 | Native OAS Versioning Support | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
Other Business
Participants are invited to raise topics related to the Consumer Data Standards that would benefit from the groups' consideration.
Meeting Minutes
Outstanding Actions
NOTE: Where a :bulb: appears it indicates the Action will be discussed later in the Agenda under Maintenance Iteration 15 Candidates.
InfoSec
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide with regard to Issue #522 OpenID Provider Configuration End Point parameter requirements.
- In progress; preliminary advice has been received, when finalised DSB will post on the issue.
Maintenance Iteration 15 Candidates
| Domain | # | Issue | Description | Status | Link |
|---|---|---|---|---|---|
| InfoSec | 516 | Get OpenId Provider Config and Get JWKS API documented paths are incorrect | Documentation Fix. Add idp / cdr-register/v1 to examples path | Candidate | Staged |
| InfoSec | 522 | OpenID Provider Configuration End Point parameter requirements | Discussion covered both options (1) Prescriptive CDS documentation and (2) Referal to upstream standards. | Candidate | Staged |
| InfoSec | 559 | FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute | Documentation Fix | Candidate | Staged |
| InfoSec | 590 | Remove FAPI 1.0 draft references | Documentation Fix | Candidate | Staged |
| Banking | 536 | Define new toUType value to relevant schemas | Update to CDS Banking OAS for digitalWalletPayee | Candidate | Staged |
| Banking | 585 | Clarify Base and Adjustment Rate Types | Documentation Update proposed | Candidate | Staged |
| Energy | 591 | 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation | Documentation Update | Candidate | Staging TBC |
| Energy | 592 | EnergyBillingDemandTransaction - timeOfUseType - New Value | Documentation Update proposed | Candidate | Staging TBC |
| Schema | 413 | 400 Error code missing in swagger for some endpoints | To be considered along with 575. | Candidate | Staging TBC |
| Schema | 575 | Inconsistency of data types in various schema | To be considered along with 413. | Candidate | Staging TBC |
| Schema | 469 | Add isQueryParamUnsupported to MetaPaginated for schema validation | Documentation and OAS modification | Staging TBC | NA |
| Register | 581 | ADR ability to remove DCR without clientId | Decision Proposal proposed for DCR Register DELETE made mandatory. Please refer to specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC | Out of Scope | NA |
| NFR | 554 | OTP NFR added to the Consumer Data Standards | Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. | Out of Scope | Refer comment for further links. |
| Infosec | 480 | 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers | MI11 / MI12 discussions | Out of Scope | NA |
Maintenance Iteration 15 related CR Decision Proposals
| Domain | # | Issue | Description | Status | DP |
|---|---|---|---|---|---|
| MI 15 | 303 | Maintenance Iteration 15 Decision Proposa; | Maintenance Iteration Holistic Decision Proposal | Decision Proposal | Placeholder |
| Banking | 567 | BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 569 | Home Loan Revert rate and product is not available | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 584 | Flag for account(s) not shared | Considered a large change. Specific Decision Proposal recommended approach | Decision Proposal | Placeholder TBC |
| Register | 581 | ADR ability to remove DCR without clientId | DCR Register DELETE made mandatory | Decision Proposal | Placeholder TBC |
| Schema | 538 | Payload conventions; optional fields with null values aren't defined in schemas | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
| Schema | 578 | Native OAS Versioning Support | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
Other Business
- Discussion on confirmation of Energy CR's scope/ updates for #591/#592, commentary from participants expected.
- Discussion on #581 identified two related issues, further analysis required.
New Actions
- Consider the need for a DP to resolve issues for DCR raised in #581.
Next Steps
DSB working through final proposals for MI15 candidates to close them out when this iteration concludes on 14 June.