[Openid-specs-fapi] Fwd: OPEN BANKING LAUNCHES ACCOUNT INFORMATION & PAYMENT INITIATION API SPECIFICATIONS

Brian Campbell bcampbell at pingidentity.com
Mon Jul 10 16:24:06 UTC 2017


Thanks Ralph. Please do pass those comment on to the right people. When I
go to https://openbanking.atlassian.net I'm still being told, "Your email
address XXXXXXX doesn't have access to openbanking.atlassian.net"

On Mon, Jul 10, 2017 at 9:24 AM, Ralph Bragg <Ralph.Bragg at openbanking.org.uk
> wrote:

> Brian et al,
>
>
> Confluence access is open to all if you'd like to pass the comments on
> directly however i'll also make sure any comments are seen by the right
> people and fed in.
>
>
> RB
> ------------------------------
> *From:* Brian Campbell <bcampbell at pingidentity.com>
> *Sent:* 10 July 2017 13:50
> *To:* FAPI-Openid-specs
> *Cc:* Ralph Bragg
> *Subject:* Fwd: [Openid-specs-fapi] Fwd: OPEN BANKING LAUNCHES ACCOUNT
> INFORMATION & PAYMENT INITIATION API SPECIFICATIONS
>
>
> I'm sure this isn't the right forum for feedback but I suspect there are Open
> Banking folks on the FAPI list. And, after a quickish read through
> https://www.openbanking.org.uk/read-write-apis/account-trans
> action-api/v1-0-0/ and https://www.openbanking.org.uk
> /read-write-apis/payment-initiation-api/v1-0-0/ I feel compelled to give
> some feedback - at least in the small area that I know something about.
>
> The example content and code in the black boxes around JWS is rather
> problematic. This isn't an exhaustive list but encoding seems wrong (base64
> vs. base64url) and/or incorrectly applied (shouldn't be encoding the HTTP
> body with the RFC 7797 b64 header set to false) and encryption/decryption
> is mentioned in the computing/verifying signature parts - which I guess
> might be right for some RSA schemes but there's more to it than that and it
> certainly isn't generally applicable with JWS / RFC 7515. There's an
> empty alg value in a sample JOSE header and the x-jws-signature headers
> aren't valid at all (so much so it's probably intentional).
>
> Sorry for the random critique email spam. But I'm hopeful maybe it'll be
> seen by someone that will be able to do something useful with it.
>
>
> ---------- Forwarded message ----------
> From: Joseph Heenan via Openid-specs-fapi <openid-specs-fapi at lists.openi
> d.net>
> Date: Wed, Jul 5, 2017 at 8:43 AM
> Subject: [Openid-specs-fapi] Fwd: OPEN BANKING LAUNCHES ACCOUNT
> INFORMATION & PAYMENT INITIATION API SPECIFICATIONS
> To: Financial API Working Group List <openid-specs-fapi at lists.openid.net>
>
>
> Hi all,
>
> As below, the UK OpenBanking IE have now published (some of) their specs,
> which may be of interest to others here.
>
> Direct link is: https://www.openbanking.org.uk/read-write-apis/
>
>
> Joseph
>
>
> Begin forwarded message:
>
> *From: *Open Banking – Secretariat Challenger Banks Stakeholder Group <
> SecretariatChallengerBanksStakeholderGroup at openbanking.org.uk>
> *Subject: **OPEN BANKING LAUNCHES ACCOUNT INFORMATION & PAYMENT
> INITIATION API SPECIFICATIONS*
> *Date: *5 July 2017 at 11:49:12 BST
>
> Dear Members
>
> *The Next Step in the Transformation and Opening Up of the UK Banking
> Industry*
>
> We are pleased to announce that we have released Account Information and
> Payment Initiation API specifications today on www.openbanking.org.uk
>
> As our Trustee, Imran Gulamhuseinwala, states in the announcement, the
> specifications we are releasing today, which will be live from January next
> year, provide the platform for developers from banks, fintechs and other
> organisations to build new web and mobile applications that will deliver a
> safer, more personalised and easier banking experience for consumers
> wishing to search, select and switch financial products in a secure
> environment.
>
> A copy of our announcement can be read in the attached document.
>
>
> *The Open Banking Team*
>
> *W*: www.openbanking.org.uk.
> *A:*  2 Thomas More Square, London, E1W 1YN
>
>
>
>
>
>
> Please consider the environment before printing this email.
>
> This email is from Open Banking Limited. Our postal address is 2 Thomas
> More Square, London, E1W 1YN. Any views or opinions are solely those of the
> author and do not necessarily represent those of Open Banking.
>
> This email and any attachments are confidential and are intended for the
> above named only. They may also be legally privileged or covered by other
> legal rights and rules. Unauthorised dissemination or copying of this email
> and any attachments, and any use or disclosure of them, is strictly
> prohibited and may be illegal. If you have received them in error, please
> delete them and all copies from your system and notify the sender
> immediately by return email.
>
>
>
>
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>
>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*
>
> Please consider the environment before printing this email.
>
> This email is from Open Banking Limited. Our postal address is 2 Thomas
> More Square, London, E1W 1YN. Any views or opinions are solely those of the
> author and do not necessarily represent those of Open Banking.
>
> This email and any attachments are confidential and are intended for the
> above named only. They may also be legally privileged or covered by other
> legal rights and rules. Unauthorised dissemination or copying of this email
> and any attachments, and any use or disclosure of them, is strictly
> prohibited and may be illegal. If you have received them in error, please
> delete them and all copies from your system and notify the sender
> immediately by return email.
>

-- 
*CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20170710/c6aa353f/attachment-0001.html>


More information about the Openid-specs-fapi mailing list