2024-01-05 - Weekly Update

About this document: Agenda and notes are kept in the same document, a separate copy of the document is maintained for each meeting. Please add agenda points before the meeting. Action items created in previous meeting and all other unresolved action items are kept in the document. Please tick off any completed items.

Meeting link: https://meet.google.com/rsf-cqaq-eyq ordinary starting time at 07:45 UTC / 09:45 CET / 13:15 IST

Attendees

  • @Ain Aaviksoo (meeting facilitator)

  • @Benjamin Balder Bach (note keeper)

  • @Lal Chandran (out)

  • @PSRAMKUMAR (out)

  • @Philippe Page (out)

  • @George J Padayatti

Meeting Notes

This meeting was the first of the year, so we exercised our memories to get back to where we left off. There are notes below from agenda items that we discussed ad-hoc.

Agenda

Presenter

Discussion

Agenda

Presenter

Discussion

Kanban board + Action points from last week

skipped

  • Consent BB Spec 2.0 scoping (to be cont’d)

General update (5 min)

skipped

 

Update from iGrant

 

Sandbox integration WP3 is ongoing, and the Sandbox integration is ready.

Test compliance is being worked on now, too.

https://github.com/decentralised-dataexchange/bb-consent-docs/wiki/WPs-and-Deliverables

UI/UX and specification

 

Ain brought up the DDX Consent BB’s specification, in order to talk about a review of Govstack UX specification vs. DDX UX.

Action items

 

We have been discussion consent definition and alignment with the DDX solution in terms of:

  • Current specification’s consent definition

  • Data Agreement

  • Alignment with UX Guidelines

  • What do we need to add in the spec (schemas/endpoints) if the whole UI flow of DDX should be included?

Offline consent

in preparation for next meeting

Notes from this meeting:

  • on-demand consent is perhaps less of a “practical” need for Government use-cases, since government usecases often have a legal basis (legitimate interest/obligation etc)

  • Ain notes that it’s the role of the application (not the Consent BB) to produce “on-demand” consent, so the Consent BB supports this scenario, however it does not directly facilitate it.

  • We can think of our specification text with the reader in mind. In this case, we can support readers looking to “plug in” the Consent BB in a data transaction in order to guide their understanding towards best-practice consent design and app architecture.

To summarize this, we believe that it’s possible to include “on-demand” consent by describing how an application can use the Consent BB for this scenario. This can be a section in the specification. [immediately after the meeting, this has been captured as a candidate for the FAQ section]

We’ll continue this discussion in the next meeting to cover other aspects of offline consent that are relevant to our immediate roadmap.

Note from original meeting: We had to postpone this. Note that we’re trying to figure out a terminology here. “On-demand” consent was used to emphasize the risks of this kind of thinking, but “offline consent” will help us capture the broader nature. Everyone is encouraged to think about terminology

UI/UX feature in DDX Spec

 

Should we add this to Consent BB spec too?

Consent delegation

skipped

Review necessary Gherkin scenarios to implement

@Benjamin Balder Bach Skipped

CON-15: Create test configuration for Consent Configuration APIsIn Progress

Spec 2.0: Unfolding new roadmap items

Skipped

 

New issues

@sasi

parked for future meeting

  • What do we expect other BBs that call Consent-BB to store?

  • When do we like to use Consent-BB and when do we not expect this? (This should also be know to the auditor.)

Discussion: How shall we address such matters, which do not fit into specification format?

New Action Items

@Benjamin Balder Bach sync up with Steve about writing/implementing test scenarios
@Benjamin Balder Bach forward and potentially discuss the Govstack UX guidelines to @George J Padayatti

Action Items from previous meetings

@Ain Aaviksoo consider if the decision to have “external ID” and “external ID type” referencing Individuals is relevant for the Key Desicion Log (if it’s not already there)
@Benjamin Balder Bach Prepare fixtures review for Lal
@Ain Aaviksoo will coordinate with Sandbox team - note that Lal is requesting and end2end use case.
@Ain Aaviksoo Call for a discussion meeting regarding “on-demand” OR multi-party consent workflows (need to choose which topic?)

 

Decision