Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
a. CDA Display Tool Update + Model-Based Validator
b. SMP/SML (João + Tech Committee + EC Team);
c. eID (we may not have Alexandre with us);
MEETING NOTES
0. Housekeeping (Michèle)
1. Way of working of the committee in 2016
New governance in 2016, EC is leading the different Committees. This is therefore the 1rst Technical Committee led by EC. The mission of the Technical Committee is to provide guidance and decision on the following topics:
architecture
quality assurance
roadmap & release management
Every attendee introduced himself to the team. The members of the Committee have an expertise on OpenNCP, some are in the project since the very beginning. List of members = list of today's attendeed? michele.foucart, list to be confirmed with the participants
The team agrees on the set-up, time and frequency of the meeting (Thursday 1pm, every 2 weeks)
2. Discussion on security and stress tests done in 2015
Presentation of the results (Jerôme & Nathan)
Tests executed on the full chain, from the client & the NCP.
The second phase will be to do stress & security tests component per component
Some issues, mainly related to the logs file - Kostas did already made the fixes
Normalization of the log system/hierarchy
other issues but more related to the configuration server
proposition is to write guidelines, defining the setting of the server
Alexandre Santos: one of the issue is the normalization (e.g. on accessing the components, there are different ways of logging events). This will be done step by step on the components
Massimiliano Masi: there are deviation of the OpenNCP implementation towards specifications The openNCP created some components (secu manager...) wrong in different context. e.g. invalide key...
During the central services assessment in the scope of e-SENS SMP/SML, some security relaxations were identified in the document "eHealth cross border central services status quo and outlook", authored by me and Uwe Roth (LIST). The new document that was agreed to be prepared by me, Massi and Kostas can recover those security relaxations, easing some of the work.
=> This document can be the starting point and will be shared.
Fixing of release issues 2.4 missing links, broken links (Marcello)
Alexandre Santos has created a new version of the portal that was available to the team after the expandathon, now available on join up server
some issues on connector TSL editor are now synchronized on join up server + issue with Lombardy...asked support team joinup to reindex. Joinup is now clean
try to recompile the terminator component, now the join up server is indexed
issue with the CDA display tool - don't know what is the last version of the component of the CDA tool => Marcello says that we should first have it right
Certificate & relaxation (service provider/consumer), such certificates do not pass the Gazelle test (Stephane) - all related to the security task force. different certificates. earlier it was separate certificates => following stephane this is a regression with regards to security. service provider & receiver
4. AOB
Reminder from YacoubouY to upload the tsl files, since we only received a few until now
5. Next meeting
michele.foucart Next meeting schedule: 13:00 CET (to be confirmed)
task force security: S to organize somewhere next week
task force release management: Natasha Carl to organize