ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 28th of April 2022
When: Weekly every Thursday at 3pm-4.30pm AEST
Location: WebEx, quick dial +61-2-9338-2221,,1650705270##
Meeting Details:
Desktop or Mobile Devices
https://treasuryau.webex.com/treasuryau/j.php?MTID=m9614a7c6166155d3d950a8999e437f9f
Once connected to your meeting remember to start your audio and video
Please mute when you are not speaking.
Video Conferencing (VC) Rooms
Use the remote control or touch panel and dial the number indicated below:
External VC Room: 1650705270@webex.com
Phones - AUDIO ONLY
- Primary Australia: +61-2-9338-2221
- Quick Dial: +61-2-9338-2221,,1650705270##
- Other Global Numbers: https://treasuryau.webex.com/cmp3300/webcomponents/widget/globalcallin/globalcallin.do?MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&serviceType=MC&serviceType=MC&serviceType=MC&siteurl=treasuryau&siteurl=treasuryau&siteurl=treasuryau&apiname=globalcallin.php&apiname=globalcallin.php&apiname=globalcallin.php&rnd=6124483603&rnd=6124483603&rnd=6124483603&tollFree=0&tollFree=0&tollFree=0&ED=1403111402&ED=1403111402&ED=1403111402&needFilter=false&needFilter=false&needFilter=false&actappname=cmp3300&actappname=cmp3300&actname=/webcomponents/widget/globalcallin/gcnredirector.do&actname=/webcomponents/widget/globalcallin/gcnredirector.do&renewticket=0
- Meeting Number/Access Code: 165 070 5270
- Introductions
- Actions
- CDR Stream updates
- Presentation
- Q&A
- Any other business
- 5 min will be allowed for participants to join the call.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may contact@consumerdatastandards.gov.au should they have any further questions or wish to have any material redacted from the record.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.16.1 Published | Link to change log here |
| Standards | Next Update will be Version 1.17.0 | Will incorporate changes completed from the 10th Maintenance Iteration Decision Proposal 237 will contain the decision taken to to the Data Standards Chair |
| Maintenance | 11th Maintenance Iteration has commenced | Reach out to contact@consumerdatastandards.gov.au for an invitation |
| Maintenance | DSB Maintenance Iteration 11: Agenda & Meeting Notes on 27th of April 2022 | Link to the agenda and minutes |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 6th of April 2022 | View in browser here |
| DSB Newsletter | 14th of April 2022 | View in browser here |
| Consultation | Normative Standards Review (2021) | No Close Date Link to consultation |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Consultation | Decision Proposal 240 - ADR Metrics | Feedback closes 27th of May 2022 Link to consultation |
| Consultation | Decision Proposal 245 - Enhancing Data Recipient Accreditation Negotiation | Feedback closes 27th of May 2022 Link to consultation |
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CDR Register | Peter McCool |
| ACCC | CTS | Preeti |
| DSB | CX Standards | Michael Palmyre |
| DSB | Technical Standards - Energy & MI11 | Hemang Rathod |
| DSB | Technical Standards - Register | Ivan Hosgood |
| DSB | Technical Standards - Banking | Mark Verstege |
| DSB | Technical Standards - Engineering | James Bligh |
None.
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
We are using Sli.do for Question and Answer. Join our Q&A live here: https://www.sli.do/ Code: #747194
The following table will be updated after the meeting.
| Ticket # | Question | Answer |
|---|---|---|
| 1419 - Part 2 | Part 1 We have one more thing to get clarified from you. Could you confirm whether the first and last fields are mandatory or not when there is only one page of results obtainable using the pagination filters? | No they are not mandatory if the first and last page are the same. |
| 1494 | In the specification there is the new method called "CDR Arrangement JWT" when a data holder is calling the data recipients arrangement revocation endpoint. "The cdr_arrangement_jwt MUST be a newly signed JWT..." Also in the specification, there is an example: POST https://data.recipient.com.au/arrangements/revoke HTTP/1.1 Host: data.recipient.com.au Content-Type: application/x-www-form-urlencoded Authorization: Bearer eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjEyNDU2In0.ey ... cdr_arrangement_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IjEyNDU2In0.ey ... ## Decoded cdr_arrangement_jwt JWT { "typ": "JWT", "alg": "HS256", "kid":"12456" } { "cdr_arrangement_id": "5a1bf696-ee03-408b-b315-97955415d1f0" } The HS256 alg header in the decoded JWT implies that this is a shared secret key that is used to sign the cdr_arrangement_jwt. Is this the case? Or is this an error/typo in the specification? It would make more sense to me to sign with the Data Holder's private key, so that the Data Recipient can use the jwks uri to verify. |
This is indeed a typo and is being managed through the standards maintenance process via issue 482. All JWT signing aligns to the FAPI requirement as specified in Section 8.6 FAPI-RW-Draft. The symmetric algorithm HS256 is not supported. The documentation will be addressed in V1.17.0 of the standards which is the next planned release. Please let me know if you require any further information. |
View a number of informative and useful links in the Consumer Data Standards Implementation Guide on Information Links.