January 19, 2024 Architecture Team Meeting Notes

Attendees

@Wes Brown

@PSRAMKUMAR

@Trev Harmon

Mike Schwartz

@Steve Conrad

Apologies

Agenda

Presenter

Duration

Discussion

Follow up on ID/Auth questions

@Steve Conrad

@PSRAMKUMAR

 

30 minutes

Notes from previous conversation: December 15, 2023 Architecture Team Meeting Notes

 

Ramkumar to start developing guidance on Authentication. Work through that and then address Authorization.

  • Ready to share with TC next week (Jan 25)

Need to work through questions on how this work will integrate with the new Digital Wallet BB group.

 

Question: Should we frame multiple approaches or design patterns?

  • Call out that in some cases, central authorization/authentication is desirable, in other cases we don’t want that.

  • Should we continue to articulate that BBs should not manage authorization/RBAC/IAM, but rather that this should be handled by the application?

 

Mike - new paradigms with authorization - OPA (Open Policy Agent) - allows sharing of policy/permissions (PDP). Multiple policy languages being developed (Cedar, Rego). Central policy is required for governments.

Trev - need clear definition of what we mean by centralized

Mike - each domain/ministry/department can have its own policy server, but each uses the same mechanism/application/protocol.

 

Next steps:

  • Ramkumar to present authentication document at TC

  • Development of draft document on authorization

PAERA Document

@Aare Laponin

10 minutes

Update on development of Chapter 4 and assign reviewers

Chapter 4 draft is located here: https://docs.google.com/document/d/1dQoUMYhY12KmVGuhTq-zAl5JjR43Sl5n/edit?usp=drive_link&ouid=105470549337303062683&rtpof=true&sd=true

Chapter 4 technical Appendix is here: https://docs.google.com/document/d/1ttmPerUPgef7vbqGVkj4Bh9qrYuA8G8_/edit?usp=drive_link&ouid=105470549337303062683&rtpof=true&sd=true

 

Steve, Trev and Ramkumar to review Chapter 4 and make comments. Reviews to be complete by January 19.

Explore tooling that would allow us to keep the diagrams in an interactive portal, rather than just PDFs.

 

Updates on Chapter 5 progress

 

Moving arch team to TC

@Steve Conrad

10 minutes

Consolidating architecture and TC meetings - on Thursdays.

Future meeting topics list has been moved to Confluence: Tech Committee & Architecture Team Future Topics

Move architecture conversations to end of TC meetings. Articulate who are the decision makers. When specific decisions are needed, how should we manage? Set up ad hoc meeting with arch team?