Versions Compared

Old Version 1

changes.mady.by.user S

Saved on

compared with

New Version 2

changes.mady.by.user S

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Estimated: 15:00 to 16:00 CET.

Performed: 15:04 to 15:58 CET.

Agenda:

  1. Status of activities:
  2. Ongoing Issues:
    Fixed on DIGIT side, OpenNCP side to do.
  3. Implementation, SMP ICD: eHealth specidifities:
    1. Exact same metadata for signature:
      Sumary issue: 2 solutions with a preference with the XSLT.
      Joao Cunha has already developed a fix. After retrieving info from SMP server remove the SMP sig then
      Yves ADAM maybe issue with the order with?Massimiliano Masi After a put (DOM) + extraction of the data, services etc + store to the database with original XML.
      Then SMP query + return
      Warn: Java impl doc etc.
    2. Same certificates:We need to validate as long as we keep the private key we are able to renew de certificate → signature still valid TO TEST.
      If the certificate/private key is revoked? Timeline.
      TODO: Joao Cunha will try to test this. Stéphane Spahni proposed Generate 2 cert with same PK and try to validate ths sign
    3. Additional sig
      Sig after the Endpoint if several endpoints, we need to repeat the sig node?
      Yves ADAM Proposition to add as high as possible of the structure (extension of the serviceInformation).
      Joao Cunha "add comment"...add the signature to the extension of redirect.(rephrase)
    4. Cache implementation:
      End over with Joao to modify ConfMangerSMP wich call the SML an retrieve SMP.
      Timeline to check.
    Roadmap:
    Ask info about the planning etc.
    1. Additional signature:
    2. Cache implementation:
  4. Roadmap:
  5. Next steps:

Location:

  • AdobeConnect:

http://ec-wacs.adobeconnect.com/openncp/
Room Passcode:  markus.kalliola or michele.foucart
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
If you have never attended an Adobe Connect meeting before:
Test your connection: http://ec-wacs.adobeconnect.com/common/help/en/support/meeting_test.htm
Get a quick overview: http://www.adobe.com/products/adobeconnect.html
Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Joao Cunha

Dimiter Petrov

Stéphane Spahni

Yves ADAM

S

Massimiliano Masi

Meeting Notes:

  1. Status of activities:
    Housekeeping and general discussion which initiates restarting the task force after the summer holiday break.

  2. Ongoing Issues:
    All the current issues on DIGIT side has been fixed, development tasks on the OpenNCP side.

  3. Implementation, SMP ICD:
    1. Update of the PoC for the multiple signatures
    2. SMP ICD: eHealth specificities
    3. Cache implementation
    Roadmap:eHealth specificities:
    1. Exact same metadata for signature:
      There is a risk of interoperability issues by using the SMP's extension mechanism for adding the required extra signatures.
      The SMP SignedServiceMetadata file is submitted throughout the PUT method and never stored as is, when a GET method is called the file is rebuilt from the server with a risk of not being exactly the same.
      To solve this issue, 2 solution are proposed: detaching the signature or applying a XSLT transformation on the SMP file (download and upload).
      Adrien FERIAL has sent a mail to highlight the fact that the first solution will create a new service. "This would impact interoperability and lead to a lock-in to a specific implementation of SMP".
      The group has validated to use the XSLT solution if it solves the issue.
      Joao Cunha has already developed an implementation which should be tested and approved as soon as possible.

    2. Same certificates:
      The is a concern about the certificate validity period. The certificate used to validate the signature must be the same than the one used to sign it. The operator is responsible to make sure that all its meta-data are up-to-date.
      We need to validate as long as we keep the private key, we are able to renew de certificate → signature still valid (to be validated?). If the certificate/private key is revoked?
      Stéphane Spahni proposed to generate 2 certificates with the same private key and validate the signature.
      Joao Cunha will try to validate the scenario.

    3. Additional signature:
      Signature after the Endpoint? If several endpoints then we need to repeat the signature node? The signature should not be in a place where it must be repeated.
      Yves ADAM proposed to add it as high as possible of the structure (for instance extension of the ServiceInformation).
      Joao Cunha proposed to add the signature to the extension of the redirect.

    4. Cache implementation:
      Massimiliano Masi has finished the main changes into the ConfigurationManager which call the SML and retrieve the SMP, for the time being there is a handover between Massimiliano Masi and Joao Cunha in order to finish this implementation.

  4. Roadmap:
    Joao Cunha ask some information regarding the different time line of the SMP/SML integration. This will be clarified during the next bi-weekly meeting.

  5. AOB:
    1. SMP Editor:
      Web - based S prepare doc, links and info for Dimiter Petrov.

  6. Next meeting:
    11AM -12AM.

...