Wiki
Clone wikifapi / FAPI_Meeting_Notes_2020-09-02_Atlantic
FAPI WG Meeting Notes (2020-09-02)
Date & Time: 2020-09-02 14:00 UTC
Location: GoToMeeting https://global.gotomeeting.com/join/321819862
Agenda
The meeting was called to order at 14:05 UTC.
1. Roll Call
- Attending: Nat, Mark, Daniel, Joseph, Torsten, Takahiko, Dima, Brian, Tony, Kosuke, Dave, Francis, Bjorn, Chris, Freddi
- Regrets:
- Guest:
2. Adoption of Agenda (Nat)
- Message Signing
4. External Organizations
4.3. European Commission (Mark/Torsten)
Consultation response to be dealt with in eKYC WG. To submit tomorrow.
4.5. FDX (Anoop)
n/a
4.6. UK (Chris/Ralph)
Chris reported:
5. Issues (Anoop)
- #306 (Anoop)
5.1. #309 Decision on message signing for FAPI 2 Advanced (Daniel)
Agreement on having control objectives. However, there is no agreement on what needs to be written as the control measure.
Almost 40 minutes of the call time was spent on the discussion on whether we should recommend detached JWS or something else. This is to be continued next week.
Takahiko asked if there is any documentation on pros and cons of various approaches. Joseph pointed to https://bitbucket.org/openid/fapi/src/master/Financial_API_HTTP_Signing.md .
Takahiko volunteered to review it.
6. PRs for 1.0 (Dave)
6.1. PR 189 FAPI-RW: Require PKCE when using PAR (Stuart)
Feedback from Stuart on AU impact after his talk with AU lead.
6.2. PR 182 Add non-normative examples of various objects
Last ACTion: ALL: Please provide independent checks.
It should be ready to be merged in a few days.
6.3. PR 187 Privacy Considerations
1. Agreed to make it advise to implementers and not a statement of limitations. 1. Agreed to remove general bit and only deal with FAPI specific topics if there is any. 1. Agreed to remove all ISO references with "shall" or "should" keywords. 1. Agreed to have no "shall" in this section.
Updated