FAPI WG Meeting Notes (2019-11-20)
Date & Time: 2019-11:20 14:00 UTC
Location: GoToMeeting https://global.gotomeeting.com/join/321819862
- 1. Roll Call
- 2. Adoption of the Agenda (nat)
- 3. External Organizations
- 4. Pull Requests
- 5. Issues
- 5.1. #255: certification clarification request: location of discovery document
- 5.2. #207: RS256 vs PS256 (again)
- 5.3. #236
- 5.4. #216 TLS_ECDHE_ECDSA cipher suites
- 5.5. #232: Part 1: Complete the privacy consideration section
- 5.6. #240: FAPI-R: length/entropy of authorization code / refresh token / client_secret
- 5.7. #242: Missing Bibliography Reference to FAPILI
- 5.8. #273: Security considerations re large access tokens
- 6. AOB
The meeting was called to order at 14:05 UTC.
- Craig Borysowich (Payments Canada)
- Dima Postnikov
- Stuart Low
- Rob Otto
Open Banking shared a new roadmap consultation mainly focused to wrap up functional spec. e.g., 9 CMA banks should be made available the sweeping service. CMA 9 must pass the functional test.
Nat started to explore getting PAS Submitter status.
It was discussed in the Dispatch group. Advised to do it in HTTP group.
Annabel has split Justin's PoP spec. into HTTP bit and OAuth Token presentation bit.
It looks like some evolution of Cavage may happen but it still is in the early days.
Tomorrow 8AM UTC.
Analysis of the current draft needs to be done.
Joseph has been talking with the EY team on testing. EY + Data 61 to drawing the testing plan. Data 61 wants to start an independent test.
Joseph is going to create a pull request.
Nat need to create a pull request.
Pending Dave's email intraction with crypto experts.
Nat to write the text.
Around Xmas time by Stuart.
To be recorded in the implementer's advice document. Concrete text is needed.
The meeting was adjourned at 14:56 UTC.