...

Langøy, Bård <bard.langoy@pagero.com>

Guests

Jerry Dimitriou on topic #1, #5, #6

Jostein Frømyr on topic #6.

Agenda

1. Continue to discuss remaining issues with PEPPOL AS4 Profile v.2.0.0 review
   1. TLS port numbers
      
      1. Recommend to use port 443, but allow for ports in the range 44300-44399 only if absolutely necessary. The onboarding tests may require the usage of port 443.
   2. MSH party role values
      
      1. see below
   3. Comments from Difi
      1. Why are we duplicating information from CEF profile?
         1. For simplicity of reading because the existing profile is already difficult to understand: EBMS 3 → AS4 → CEF eDelivery → PEPPOL Profile
         2. Additionally allow for TLS 1.3 (not just 1.2)
      2. Why are we changing identifiers in chapter 4.5?
         1. The fact that implementers have already started to implement using the RC is not a valid argument since implementers always have to adapt to specification updates. OpenPEPPOL does not provide specs for specific software implementations. A guiding principle for OpenPEPPOL specs is that they should be open and ensure interoperability.
         2. TICC CMB agreed to keep the proposed changes to the PEPPOL AS4 Profile v.2.0.0RC, to allow for generic reuse of the PEPPOL profile.
         3. According to the CEF conformance tests rules, Oxalis and other AS4 AP implementations have to be able to modify the roles for testing. The required code are already available in Oxalis at https://github.com/difi/Oxalis-AS4/blob/master/src/main/java/no/difi/oxalis/as4/util/Constants.java
   4. The documentation of the TLS certificate usage requirements will be in the "Trust Network Certificate Policy" specification, that is already referenced from TIA Annex 4 (see  decision below).
   5. AS4 Profile needs to be finished no later than Monday Nov 12.
2. Approval of previous meeting minutes (TICC CMB 2018-10-12 minutes, TICC CMB 2018-10-26 minutes)
3. Decision on approving Islandic IS:KT 0196 for use in PEPPOL eDelivery network (

   Jira Legacy
   server System JIRA serverId b5b0ccd0-0a1a-35a3-9e9e-6e3b9531d004 key TICC-61

   ) (HB, BL and RC has already approved by commenting the Ticket, now waiting for PH)
4. Decide on remaining actions on 

   Jira Legacy
   server System JIRA serverId b5b0ccd0-0a1a-35a3-9e9e-6e3b9531d004 key TICC-54

5. AP SSL Certificate policy (

   Jira Legacy
   server System JIRA columns key,summary,type,created,updated,assignee,reporter,priority,status serverId b5b0ccd0-0a1a-35a3-9e9e-6e3b9531d004 key TICC-57

    and Edicom/EVRY)
6. Annex 3 and Annex4 updates proposed by Jostein Frömyr (see attachments)
7. PEPPOL Directory: Announcement for mandatory support for SMP's (6 months notice required according to André Hoddevik).
8. Go through unresolved issues and tickets in the Action Log

Topics not discussed

1. -#2-4, #7-8

Information items

1.  none 

Decisions

• Topic #5: It was decided to put the SSL certificate policy in the document https://github.com/OpenPEPPOL/documentation/blob/master/TransportInfrastructure/ICT-Transport-Trust_Network_Certificate_Policy-2.00.pdf
  • Reference this from AS2 and AS4 transport profiles

...