Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

"At this point, are we able to clearly identify to our development team what should be done towards the implementation on the Non-Repudiation BB, based on all of the discussions and the documents that have been shared by the members, including Masi, on this subject?"

 

As pointed out by Konstantin Hyppönen:

"My opinion (an this is only an opinion) is to implement the non-repudiation feature in the OpenNCP in a very simplified manner, in order to have a theoretical chance of getting it ready for the connectathon:

  • sign the incoming and outgoing messages exchanged by the NCPs.
  • include in the messages the attributes required by ISO 13888 and currently not included in the messages.
  • provide interfaces to the national connectors (to NI A and B) to be able to push the messages and store them as evidence in NI.
  • as an alternative to the previous option, extend audit logs, which currently only include SOAP headers, to include also SOAP bodies and signatures of the messages. Demand the NCP implementors to place the audit repository in NI instead of the NCP.
  • skip extensions of the XACML policies for the time being, because they increase complexity, and investigate in more detail what is the value potentially provided by them.
  • skip the implementation of ETSI REM -styled evidences for the time being, because they increase complexity, and investigate in more detail what is the value potentially provided by them.

 

 We need to prepare more detailed specs for this, or alternatively ask for more information about the solution that is being currently proposed.

 

 

Questions:

 

Can we predict the estimated effort on:

- The Specs Definition - Konstantin Hyppönen and Heiko Zimmermann, could you help on this?
- The Developments needed - maybe Kostas Karkaletsis and Stéphane Spahni, could you help us on this?

  • No labels