4.1.   Australia (Dima/Stuart)

n/a

4.2.   Berlin Group (Francis)

n/a

4.3.   European Commission (Mark/Torsten)

Consultation response to be dealt with in eKYC WG. To submit tomorrow.

4.4.   ETSI (Ralph)

n/a

4.5.   FDX (Anoop)

n/a

4.6.   UK (Chris/Ralph)

Chris reported:

5.1.   #309 Decision on message signing for FAPI 2 Advanced (Daniel)

• #309

Agreement on having control objectives. However, there is no agreement on what needs to be written as the control measure.

Almost 40 minutes of the call time was spent on the discussion on whether we should recommend detached JWS or something else. This is to be continued next week.

Takahiko asked if there is any documentation on pros and cons of various approaches. Joseph pointed to https://bitbucket.org/openid/fapi/src/master/Financial_API_HTTP_Signing.md .

Takahiko volunteered to review it.

6.1.   PR 189 FAPI-RW: Require PKCE when using PAR (Stuart)

Feedback from Stuart on AU impact after his talk with AU lead.

6.2.   PR 182 Add non-normative examples of various objects

Last ACTion: ALL: Please provide independent checks.

It should be ready to be merged in a few days.

6.3.   PR 187 Privacy Considerations

1. Agreed to make it advise to implementers and not a statement of limitations. 1. Agreed to remove general bit and only deal with FAPI specific topics if there is any. 1. Agreed to remove all ISO references with "shall" or "should" keywords. 1. Agreed to have no "shall" in this section.