Clone wiki

fapi / FAPI_Meeting_Notes_2017-05-24

FAPI WG Meeting Notes (2017-05-24)

Date & Time: 2017-05-24 14:00 UTC

Location: GoToMeeting

The meeting was called to order at 15:00 UTC.

1.   Roll Call

  • Attending: Nat, Dave, Joseph, Brian, Tom, Pam
    • Guest: Bjorn
  • Regrets: Tony, John (due to travel)

2.   Adoption of the Agenda (Nat)

  • Added FS-ISAC and TC68 in the External Orgs report.

3.   External Orgs

3.1.   Euro Retail Payments Board (Dave)

3.2.   UK Open Banking (Nat)

  • Contribution on the way.
  • Joint WS on July 12 (Logistics for traveling from London to Zurich need to sort out)
  • Maybe it can be a joint WS with Modrna WG as well.
  • Need to do call before. Nat and Bjorn will coordinate.

3.3.   Mobile Connect (Nat/Bjorn)

  • FAPI should look at both CIBA and user questioning.
  • Supporting both Redirection and Decoupled authentication may help. Embedded is MITM.

3.4.   FS-ISAC (Brian)

  • API Subcommittee of FS-ISAC aggregation group met last week.
  • Financial institutions and aggregators like Yodlee, Finecity, Intuit, etc. came along and had a very good discussion.
  • The Open Banking Announcement came in at a perfect timing.
  • People agreed that there is no need to re-invent the wheel.
  • Introduction of the FS-ISAC aggregation group leadership will follow soon.
  • Nat mensioned that he will be in Chicago in mid-June for CIS so if it could be around that time, it would be very convenient for him. Otherwise, there are many other US-based leaders of FAPI so it can be coordinated with them.
  • Pam said that she will be able to help the logistics if it happens around CIS.

3.5.   TC68

  • Liaison request has been sent out and has been acknowledged.
  • It is in the 4 months letter ballot period.
  • Dave asked Nat whether he heard back from the ISO 20022 leadership that he introduced. Nat said that he did not and needs to follow it up, noting that the current liaison request is at TC68 level.

4.   Part 2: WGLC Issues

  • #99 - Clarification on TLS advisory. The group agreed to reference the BCP with the wording modification proposed by Joseph.
  • Will apply the changes. Only editorial changes remain.
  • Re: public/confidential client -- has the re-read resulted in any issues? > Dave and Ralph

5.   AOB

5.1.   Implementations

  • Dave reported that, in addition to Ping and Forgerock that we already knew, Apigee and IBM are likely to implement FAPI as well.
  • Joseph reported that Authlete intends to as well.
  • Nat mentioned that he is going to check with CA as well.

5.2.   Next Call (Pacific)

  • Please do refer to the group calendar for the time.

The meeting was adjourned at 14:38 UTC.