2023-09-18 - Work meeting

 

About this document: Agenda and notes are kept in the same document, a separate copy of the document is maintained for each meeting. Please add agenda points before the meeting. Action items created in previous meeting and all other unresolved action items are kept in the document. Please tick off any completed items.

Attendees

  • @Ain Aaviksoo (meeting facilitator)

  • @Benjamin Balder Bach (note keeper)

  • @Lal Chandran

 

CC: @PSRAMKUMAR @Philippe Page @George J Padayatti

Meeting Notes

Agenda

Presenter

Discussion

Agenda

Presenter

Discussion

Questions about GitBook merge request

 

  1. “registration process will know which Agreement IDs are eligible for registration” - how does this come to be?

  2. If and how are we validating the “External ID”? Is ID-BB involved in any manner?

 

Lal answered the questions: Agreement ID needs to be known for each data agreement that’s valid for the registration process. The application developer needs to know this essentially.

Data source: Population registry. They don’t really “care” what the application does, as long as the application can prove that a consent exists. The data source cold make a data agreement template available here.

Signatures: Other parties should never trust the Consent BB, but they should always verify the Signature that is provided with a Consent Record.

@Ain Aaviksoo will make some amendments about assumption of trust when verifying consent.

Other open questions

 

  • The Consent BB should authenticate the application itself! Maybe make a note about this. We will make a note next to Consent BB column about RBCA.

  • What should happen from the registration process once the consent is stored (?). We’ll note that the consent process has been concluded and the registration process may continue its process assuming that consent has been obtained.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Decision