Weekly notes IDBB w40

Sep 27, 2022

Attendees

  • @Ramesh Narayanan

  • @sasi

  • @PSRAMKUMAR

Meeting Note

Agenda

Presenter

Discussion

Review of Authentication to GovStack with IDBB

 Jaume

UC prepared here, still waiting for review by WG.

Discussion around Identity Verification Use case requested by Ingmar.

Jaume, Sasi, Ramkumar

Jaume has prepared a draft UC for Ingmar to come in and clarify his Use Case, and also to answer questions on privacy.

Sasi expressed a valid concern: opening an API to the IDBB registry through which any system/operator could collect personal information about any (even all) individuals is an issue.

We agreed that such an API is required for many use cases in which a functional system needs to get information collected by IDBB when following single-source-of-truth principles, but that specific authorization should be given to the relying party trying to access the information.

An authentication would be necessary to make sure that this authorization is given by the right person, but it is not sufficient: the authorization itself should mention, in a verifiable way, all the details of what is consented, by whom and for whom. This recorded authorization is a consent.

This consent is tightly connected to the identity: it would be collected by the ID building block (TBC), have a limited duration (session time), and should be recorded and notified to the relying party.

We noted that the individual's privacy should be respected by using a sectorial token of their identity, usable in all systems of this sector but not outside the sector. Cross-sector interoperability is still a challenge in this model and will be the purpose of the ID Mapping study to be run before the end of the year.
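
The consent and sectorial-token model discussed above, sketched as an added example (not code from GovStack, MOSIP or the IDBB specification). The key names, record fields and the use of HMAC-SHA256 for both the sector pseudonym and the verifiable consent record are assumptions made for illustration:

```python
import hashlib, hmac, json, time

# Constructed keys for this example only; field names are hypothetical.
SECTOR_KEYS = {"health": b"constructed-health-key", "tax": b"constructed-tax-key"}
CONSENT_KEY = b"constructed-idbb-consent-key"

def sector_token(national_id, sector):
    """Pseudonym that is stable inside one sector and differs in every other."""
    return hmac.new(SECTOR_KEYS[sector], national_id.encode(), hashlib.sha256).hexdigest()

def _mac(body):
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(CONSENT_KEY, payload, hashlib.sha256).hexdigest()

def issue_consent(national_id, sector, relying_party, attributes, ttl_s, now=None):
    """Called after the individual authenticated: what is consented, by whom, for whom, until when."""
    now = int(time.time()) if now is None else now
    body = {"sub": sector_token(national_id, sector), "sector": sector,
            "rp": relying_party, "attrs": sorted(attributes),
            "iat": now, "exp": now + ttl_s}
    return {"body": body, "mac": _mac(body)}

def authorize(consent, relying_party, sector, requested, now=None):
    """Attributes the relying party may read right now; an empty set means deny."""
    now = int(time.time()) if now is None else now
    body = consent["body"]
    if not hmac.compare_digest(consent["mac"], _mac(body)):
        return set()  # record was altered or not issued by the ID building block
    if body["rp"] != relying_party or body["sector"] != sector:
        return set()  # consent was given to another relying party or sector
    if not body["iat"] <= now < body["exp"]:
        return set()  # limited duration: outside the consented window
    return set(requested) & set(body["attrs"])  # never more than was consented

if __name__ == "__main__":
    c = issue_consent("ID-0001", "health", "clinic-app", ["name", "dob"], ttl_s=900)
    print(authorize(c, "clinic-app", "health", ["name", "address"]))
    print(authorize(c, "tax-portal", "tax", ["name"]))
```

A symmetric MAC means only the ID building block can verify the record; a relying party that must verify consent itself would need an asymmetric signature instead.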

Jaume will prepare a web sequence diagram to illustrate a generic ID Attribute sharing based on a consent given. It will be reviewed this week within the working group and if agreed will be presented as part of the Technical Committee of w41.

Demo status

Sasi

Sasi confirmed availability of the URL/openAPI for next week, allowing the integration between the IDBB demo and the GovStack demo to run on time in the coming days.

Action Items

@Jaume DUBOIS to book a regular IDBB review on Thursday’s 10:30 CET to review action status/tackle issues
Invite @Taylor Downs next week to talk about the APIs roadmap for the short term and also about application-level responsibilities (i.e. error management, redirecting)
@PSRAMKUMAR should talk to @Esther Ogunjimi about the best way to report weeklies on Confluence (my recommendation is to have a cumulative way, which allows access to the whole history, a precise follow-up, and writing little notes each time) on-hold
@Taylor Downs give access to IDBB GitHub to Jaume, Ramesh and Sasi (https://github.com/GovStackWorkingGroup/bb-id)
[w32] @Jaume DUBOIS to invite @Ingmar Vali in next meeting in order to talk about UIs integration
[w32] @Jaume DUBOIS to go on test plan draft ( https://govstack-global.atlassian.net/l/cp/uPoPtZMy ), it will be moved into GitHub once the format is understood > will need @Taylor Downs support
[w32] @Jaume DUBOIS to define how/who will manage spec migration into GitHub format (for now on-hold until clear guideline received)
[w32] @Jaume DUBOIS Add into IDBB backlog auditable logs - transaction log, administrative changes log, performance log, security log
[w33] @Jaume DUBOIS to share a web sequence diagram to describe in detail the interactions for authentication and a form filling > LINK
[w39] @Jaume DUBOIS to organize a call with @sasi @Ingmar Vali to go on technical integration > URL/openAPI not yet ready, still open, should be resolved by w41
[w39] @sasi to formalize API with support from @Jaume DUBOIS will be ready on w41
[w41] @Jaume DUBOIS will prepare a web sequence diagram to illustrate a generic ID Attribute sharing based on a consent given. It will be reviewed this week within the working group and if agreed will be presented as part of the Technical Committee of w41 > Draft sequence diagram is there (under internal review)

Decisions

  1. MOSIP will provide a demo instance (see 3 steps delivery plan in notes)
  2. [w32] IDBB will have its own UI. API and UI level switching are required but credential data security and privacy must be ensured > Meeting will happen w32 with Registration building block to cover that point.
  3. [w38] Torsten Lodderstedt (from OpenID Foundation) will join IDBB workgroup to support Authentication/KYC API definition
  4. [w39] GovStack demo should adapt to showcase IDBB block features capacities (added value)