5.1.   Open Banking UK (Ralph)

• Nothing significant. (Barry)
• Last week officially approved ver. 3 of Open Banking Spec., that removed OB specific changes.

5.2.   Security Profile Comparison (Dave)

After the meeting with STET and Berlin group, Dave decided to come up with the security comparison of each protocol so that we will be able to see what are the diffs and what needs to be done to align more closely. During the process, Dave found a substantial attack vector to Berlin group draft.

The draft is still private but has progressed substantially so that it can be shared among people who are interested to review the document. To do so, please write to Dave.

Dave is also trying to list what portion of the current conformance suite can be used by STET and Berlin Group.

Torsten, who has already seen the draft, pointed out that we should have threat models explained in the document so that people will understand what needs to be looked at.

The end state of the document is still open to discussion. Some suggestion made were to publish it as WG Technical Report or as a FAPI Wiki page.

6.1.   Part 2 Related Issues

• https://bitbucket.org/openid/fapi/issues?status=new&status=open&component=Part%202%3A%20RW%20Security

Issues #171, #172, #173 were dealt with. Please refer to the tickets for the details.

We were not able to reach part 1 issues and CIBA related issues by the end of the call. These are going to be dealt with in the mailing list, etc.

• Part 1 Related Issues: https://bitbucket.org/openid/fapi/issues?status=new&status=open&component=Part%201%3A%20RO%20Security
• CIBA Related Issues : https://bitbucket.org/openid/fapi/issues?status=new&status=open&component=CIBA

7.1.   Next Call

Next Pacific call will go as scheduled.

• The meeting was adjourned at 15:03 UTC.