December 15, 2022 Technical Committee Meeting Notes
- Esther Ogunjimi
- Steve Conrad
Attendees
Previous Action Items
Action Items |
|---|
All wave 1&2 BB to define their core data model (data structure) in GitBook - @BB Leads BB definition template - @Steve Conrad @PSRAMKUMAR @Aleksander Reitsakas to confirm to Steve if he has bandwidth to work on API initial definition for IM BB Get an indicator of when the mock will be ready for compliance - @Satyajit Suri @Nico Lueck Work with BB Leads to build their roadmap in Jira and size up the tasks - @Steve Conrad ONGOING All BB leads yet to, should write their test plan and send to Taylor and Ramkumar (architecture team) to review and sign off. Pending with @Satyajit SuriONGOING Account mapper keeps the ID with payment discussion will be planned with Jaume (IDV BB) to better understand the API - @Mauree, Venkatesen Have focus discussion on role based access control for consent BB and feedback to TC - @Ain Aaviksoo (Deactivated) BB Leads to make a list of existing specification in terms of functionalities (which are the APIs that should be demonstrated) - make a list of what to work on in the specification - send to Ramkumar Collaborate on level 2 testing - @Taylor Downs @PSRAMKUMAR @Aleksander Reitsakas @Ingmar Vali |
Meeting Notes
Agenda | Presenter | Duration | Discussion |
| @nashcroft (Unlicensed) | 10 minutes | |
| @Taylor Downs | 30 minutes | Taylor: there is a spectrum between highly specific API definitions and more generic definitions. We also need to think about data standards vs metadata standards. Is GovStack a highly-prescriptive initiative (meaning fewer compliant products and compliance is more difficult) or more generalized (which will result in more effort required for each specific implementation) Jaume: Previous experience with ID/OSIA indicates that we should define behavioral/functional standards, but not specific data structures. Too much precision can lead to vendor lock-in Rachel: Whatever decision we make, we need to ensure that all BBs follow the same level of specificity. If we lose the ability to ‘switch’ products, then we lose the value of GovStack. Taylor: Being able to do seamless switching between products (without additional effort) requires detailed data standards. Metadata standards would mean that you need to do some work, but won’t need to re-architect. Aleksander: Advocate for detailed standards Jaume: We don’t have the ability or jurisdiction to define standards for many things - needs to be done at a governmental level. Ramkumar: We can use adapters to allow people to switch between products. The adapters can transform data to make compatible. We can define common/minimal data standards. Steve: Can we clearly defined what is prescribed/strictly defined in the specification, and what fields are defined only as metadata Rachel: This decision should be made at a higher level by the GC, because there are consequences/costs. Tech committee should make a recommendation and pass to the Governance committee. Jaume: Some sectors have well-defined standards. Where we have those, we could leverage. |
BB Authorization
| @Taylor Downs @Steve Conrad | 10 minutes | PostPartum-01-Example Implementation (Original - multiple steps) The X-Road model uses the security server to validate that an application has access, as opposed to passing an API key or auth token. What should our approach be? If we don’t use an auth token, how does a product register with the IM/security server? Can we include an auth token in addition to the ssl cert provided by IM? Ramkumar: IM shouldn’t care about the payload or headers of that request. Headers should go all the way through to a service. Aleksander: Will verify if that’s possible and we can reconnect offline. |
Meeting Cadence | @Steve Conrad | 5 minutes | |
Sprint review/scrum-of-scrums
| @Steve Conrad @Dominika Bieńkowska (Deactivated) @Satyajit Suri | 30 minutes |
|
Meeting Recording
Action Items