-
Notifications
You must be signed in to change notification settings - Fork 56
DSB Maintenance Iteration 15: Agenda & Minutes (14 June 2023)
Date and time: 14/06/2023, 2:00pm – 4:00pm AEST
Location: Microsoft Teams Meeting
Dial-in details:
- https://teams.microsoft.com/l/meetup-join/19%3ameeting_MzkxYjlkY2EtYzI0Mi00M2E2LWEzMGQtY2Y5ZmY2ODZjMjI2%40thread.v2/0?context=%7b%22Tid%22%3a%22214f1646-2021-47cc-8397-e3d3a7ba7d9d%22%2c%22Oid%22%3a%2257cd8c59-9b50-4670-bc85-25281a11ec8d%22%7d
- Meeting ID: 473 910 562 836
- Passcode: Jmsgnq
- Dial In Number: +61 2 9161 1229
- Phone Conference ID: 186 427 655#
Chair: Brian Kirkpatrick, DSB
Maintenance overview: Further information
Maintenance project board: See here
Decision Proposal: This maintenance iteration is being consulted on under Decision Proposal 303: Maintenance Iteration 15
The Maintenance Iteration Calls are recorded for note taking purposes only. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material will be provided without the participant's consent. Participants may email [email protected] should they have any further questions or wish to have any material redacted from the record.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
- Introductions
- Release plan
- Open Consultations
- Future Plan
- Outstanding Actions
- Maintenance Iteration 15 Candidates
- Any other business
Meeting Minutes These will be updated following the meeting.
The purpose of this meeting is to:
- Confirm which candidates can be finalised where the proposed solution is complete or agree to carry incomplete candidates into MI16.
- Current version of the standards is 1.24.0 published on 7 May 2023.
- On conclusion of Maintenance Iteration 15 Decision Proposal 303 will be prepared for the Chair's approval and changes to the standards will be staged for publication in 1.25.0.
The following Consultations are open for community feedback
| Consultation | Closing date |
|---|---|
| Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Noting Paper 276 - Proposed V5 Rules: Standards Impacts | TBD Link to consultation |
| Decision Proposal 288 - Non-Functional Requirements Revision | 19 May 2023 Closed Link to DSB consultation feedback |
| Decision Proposal 306 - Updates to Banking Product and Account Detail | TBD Link to consultation |
| Noting Paper 307 - LCCD Consultation Approach | TBD Link to consultation |
Review of April-June Quarter and new changes: https://github.com/orgs/ConsumerDataStandardsAustralia/projects/23
NOTE: the future plan project was recently migrated from Projects (Classic) to Projects. The issues have not changed. If you had the Project saved to your favourites or bookmarked you will need to update the link.
NOTE: Where a 💡 appears it indicates the Action will be discussed later in the Agenda under Maintenance Iteration 15 Candidates. Additionally, new actions from the last meeting have been resolved and will be discussed along with the relevant issue.
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide with regard to Issue #522 OpenID Provider Configuration End Point parameter requirements.
- In progress 💡
In the first two meetings of Maintenance Iteration 15 participants agreed on the following candidates and identified a number of candidates that require broader consultation in a Decision Proposal.
| Domain | # | Issue | Description | Status | Link |
|---|---|---|---|---|---|
| InfoSec | 516 | Get OpenId Provider Config and Get JWKS API documented paths are incorrect | Documentation Fix. Add idp / cdr-register/v1 to examples path | Candidate | Staging TBC |
| InfoSec | 522 | OpenID Provider Configuration End Point parameter requirements | Discussion covered both options (1) Prescriptive CDS documentation and (2) Referal to upstream standards. | Candidate | Proposal made |
| InfoSec | 559 | FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute | Documentation Fix | Candidate | Staged |
| InfoSec | 590 | Remove FAPI 1.0 draft references | Documentation Fix | Candidate | Staged |
| Banking | 536 | Define new toUType value to relevant schemas | Update to CDS Banking OAS for digitalWalletPayee | Candidate | Staged |
| Banking | 585 | Clarify Base and Adjustment Rate Types | Documentation Update proposed | Candidate | Staged |
| Energy | 591 | 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation | Documentation Update | Candidate | Staging TBC |
| Energy | 592 | EnergyBillingDemandTransaction - timeOfUseType - New Value | Documentation Update proposed | Candidate | Staging TBC |
| Schema | 413 | 400 Error code missing in swagger for some endpoints | To be considered along with 575. | Candidate | Staging TBC |
| Schema | 575 | Inconsistency of data types in various schema | To be considered along with 413. | Candidate | Staging TBC |
| Schema | 469 | Add isQueryParamUnsupported to MetaPaginated for schema validation | Documentation and OAS modification | Discuss | NA |
| Register | 581 | ADR ability to remove DCR without clientId | Please refer specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC | Out of Scope | NA |
| NFR | 554 | OTP NFR added to the Consumer Data Standards | Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. | Out of Scope | Refer comment for further links. |
| Infosec | 480 | 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers | MI11 / MI12 discussions | Out of Scope | NA |
| Domain | # | Issue | Description | Status | DP |
|---|---|---|---|---|---|
| MI 15 | 586 | Maintenance Iteration 15 Holistic Feedback | Maintenance Iteration Holistic Decision Proposal | Decision Proposal | Placeholder |
| Banking | 567 | BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 569 | Home Loan Revert rate and product is not available | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 584 | Flag for account(s) not shared | Considered a large change. Specific Decision Proposal recommended approach | Decision Proposal | Placeholder TBC |
| Schema | 538 | Payload conventions; optional fields with null values aren't defined in schemas | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
| Schema | 578 | Native OAS Versioning Support | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
Participants are invited to raise topics related to the Consumer Data Standards that would benefit from the groups' consideration.
- Changes to the standards accommodating change requests consulted on in MI15 will be published in v1.25.0.
- Changes to NFRs described on the thread for Decision Proposal 288 - Non-Functional Requirements Revision have been sent to the Chair for approval. Unless feedback from DSAC suggests further adjustment is required, it is likely these changes will also be included in v1.25.0 along with MI15 issues.
- DSB to seek legal advice on the enforceability or the binding status of the standards versus an implementation guide with regard to Issue #522 OpenID Provider Configuration End Point parameter requirements.
- In progress; preliminary advice has been received, when finalised DSB will post on the issue.
The candidates tabled below have been consulted on in MI 15, the outcome is summarised in the Description column.
| Domain | # | Issue | Description | Status | Link |
|---|---|---|---|---|---|
| InfoSec | 516 | Get OpenId Provider Config and Get JWKS API documented paths are incorrect | Documentation Fix. Add idp / cdr-register/v1 to examples path issue to be updated |
Candidate | Staging TBC |
| InfoSec | 522 | OpenID Provider Configuration End Point parameter requirements | Have opted for prescriptive CDS documentation. | Candidate | Proposal made |
| InfoSec | 559 | FAPI 1.0 Final Phase 3 Obligation example for authorisation request using the Authorisation Code Flow does not have "response_mode" attribute | Documentation Fix One comment to resolve |
Candidate | Staged |
| InfoSec | 590 | Remove FAPI 1.0 draft references | Documentation Fix | Candidate | Staged |
| Banking | 536 | Define new toUType value to relevant schemas | Update to CDS Banking OAS for digitalWalletPayee | Candidate | Staged |
| Banking | 585 | Clarify Base and Adjustment Rate Types | Documentation Update proposed | Candidate | Staged |
| Energy | 591 | 'Get Agreed Payment Schedule' - BSB and Account Number Tokenisation/non-Tokenisation | Update description of isTokenised field.Changes discussed with Rules Team, will be monitored and if misused will be revisited. |
Candidate | Staging TBC |
| Energy | 592 | EnergyBillingDemandTransaction - timeOfUseType - New Value | Add new ENUM values as requested in CR | Candidate | Staging TBC |
| Schema | 413 | 400 Error code missing in swagger for some endpoints | To be considered along with 575. | Candidate | Staging TBC |
| Schema | 575 | Inconsistency of data types in various schema | To be considered along with 413. | Candidate | Staging TBC |
| Schema | 469 | Add isQueryParamUnsupported to MetaPaginated for schema validation | Documentation and OAS modification, limited to non-material changes | Changes TBC | NA |
| NFR | 554 | OTP NFR added to the Consumer Data Standards | Participants concluded it would be sensible to defer further consultation, subject to the outcomes of Decision Proposal 288 - Non Functional Requirements Revision and Noting Paper 280 - CX of Authentication Uplift. | Out of Scope | Refer comment for further links. |
| Infosec | 480 | 1.13.0 appears to have broken pseudonymity of Pairwise Identifiers | MI11 / MI12 discussions | Out of Scope | NA |
| MI 15 | 586 | Maintenance Iteration 15 Holistic Feedback | Minor changes to the standards proposed and staged | see thread for full details |
The following issues were prioritised for consultation in MI15, however they require analysis and consideration outside of the MI cycle and will be managed through a decision proposal.
Note #581 has been moved from the Candidate table above to Decision Proposals.
| Domain | # | Issue | Description | Status | DP |
|---|---|---|---|---|---|
| Banking | 567 | BankingProductLendingRateV2 - Lending Rates - FIXED/INTEREST_ONLY period end date cannot be determined | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 569 | Home Loan Revert rate and product is not available | Changes will be proposed in a Decision Proposal | Decision Proposal | Decision Proposal 306 |
| Banking | 584 | Flag for account(s) not shared | Considered a large change. Specific Decision Proposal recommended approach | Decision Proposal | Placeholder TBC |
| Schema | 538 | Payload conventions; optional fields with null values aren't defined in schemas | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
| Schema | 578 | Native OAS Versioning Support | DP to be considered for future upgrade of OAS Support (3.1.0) | Decision Proposal | Placeholder TBC |
| Register | 581 | ADR ability to remove DCR without clientId | Please refer specific ACCC commentary on this issue. ADRs are recommended to raise associated issues with the ACCC | Decision Proposal | Placeholder TBC |
- DSB asked attendees whether any of the changes consulted on in MI 15 would be contentious if adopted? Attendees did not raise any concerns, enabling the changes to proceed.
- DSB will continue staging changes for community review and draft the Decision Proposal for the Chairs approval to publish v1.25.0. Updates will be posted on individual issues and notified on Decision Proposal 303 - Maintenance Iteration 15 when approved.