Agenda
- AU Base Ballot Resolution still in progress - next PA call 11am-1pm Wed 30th Jan
- changes still in progress no snapshot of AU base yet for PD pub
- AU base finalisation pending resolution of all issues + then PD IG publication for ballot
- Security profile options
- Discuss need for a security profile
- Discuss the requirements of this profile
The following security profile options have been identified as candidates:
- API key
- OAuth token
- JSON Web tokens (JWT)
- OAuth JWT
- Discuss publication form and location in PD IG or otherwise
Minutes
Discussion: R3 AU base finalised - then a snap shot of PD produced - this need not go to ballot
Discussion: Recommend R4 version AU Base produced as a conversion R3 - then a PD STU publication for ballot produced
- JS/KM: Whole of industry offer is proposed for PD uptake
- JS Introduced need for security profile - link to proposal document available to SM TWG (TBA)
- issues with multiple security profiles (variance by vendors and need for clients to deal with that)
- requirements of a security profile - need to confirm these
- candidate options identified - need to confirm these
- BP: is this vendor to vendor or client to vendor? Yes two levels of security are needed
- Outcome: a separate security profile could be needed this needs more discussion
- Client (caller) identification is needed to prevent compromised access keys being available
- Next steps paper published in SM TWG confluence site to be announced.
Action items
- BE: followup on Touchstone when profiles available
- BE: follow up on other territories for the states ValueSet not needed at this stage
