Date: 2018-11-09

Time: 14:00-16:00 CEST

Type of meeting: Gotomeeting (https://global.gotomeeting.com/join/704521469)

Participants and absents

Chair

Berg, Hans <hans.berg@tickstar.com> as eDelivery Community Leader

Elected members (with voting right)

Kristiansen, Olav Astad <Olav.AstadKristiansen@difi.no>

Collanus, Risto <risto.collanus@visma.com>

Helger, Philip <philip.helger@brz.gv.at>

Langøy, Bård <bard.langoy@pagero.com>

Guests

Jerry Dimitriou on topic #1, #5, #6

Jostein Frømyr on topic #6.

Agenda

1. Continue to discuss remaining issues with PEPPOL AS4 Profile v.2.0.0 review
   1. TLS port numbers
      
      1. Recommend to use port 443, but allow for ports in the range 44300-44399 only if absolutely necessary. The onboarding tests may require the usage of port 443.
   2. MSH party role values
      
      1. see below
   3. Comments from Difi
      1. Why are we duplicating information from CEF profile?
         1. For simplicity of reading because the existing profile is already difficult to understand: EBMS 3 → AS4 → CEF eDelivery → PEPPOL Profile
         2. Additionally allow for TLS 1.3 (not just 1.2)
      2. Why are we changing identifiers in chapter 4.5?
         1. The fact that implementers have already started to implement using the RC is not a valid argument since implementers always have to adapt to specification updates. OpenPEPPOL does not provide specs for specific software implementations. A guiding principle for OpenPEPPOL specs is that they should be open and ensure interoperability.
         2. TICC CMB agreed to keep the proposed changes to the PEPPOL AS4 Profile v.2.0.0RC, to allow for generic reuse of the PEPPOL profile.
         3. According to the CEF conformance tests rules, Oxalis and other AS4 AP implementations have to be able to modify the roles for testing. The required code are already available in Oxalis at https://github.com/difi/Oxalis-AS4/blob/master/src/main/java/no/difi/oxalis/as4/util/Constants.java
   4. The documentation of the TLS certificate usage requirements will be in the "Trust Network Certificate Policy" specification, that is already referenced from TIA Annex 4 (see  decision below).
   5. AS4 Profile needs to be finished no later than Monday Nov 12.
2. Approval of previous meeting minutes (TICC CMB 2018-10-12 minutes, TICC CMB 2018-10-26 minutes)
3. Decision on approving Islandic IS:KT 0196 for use in PEPPOL eDelivery network ( TICC-61 - Getting issue details... STATUS ) (HB, BL and RC has already approved by commenting the Ticket, now waiting for PH)
4. Decide on remaining actions on  TICC-54 - Getting issue details... STATUS
5. AP SSL Certificate policy ( TICC-57 - Getting issue details... STATUS  and Edicom/EVRY)
6. Annex 3 and Annex4 updates proposed by Jostein Frömyr (see attachments)
7. PEPPOL Directory: Announcement for mandatory support for SMP's (6 months notice required according to André Hoddevik).
8. Go through unresolved issues and tickets in the Action Log

Topics not discussed

1. -#2-4, #7-8

Information items

1. none 

Decisions

• Topic #5: It was decided to put the SSL certificate policy in the document https://github.com/OpenPEPPOL/documentation/blob/master/TransportInfrastructure/ICT-Transport-Trust_Network_Certificate_Policy-2.00.pdf
  • Reference this from AS2 and AS4 transport profiles

Action items

1. see TICC CMB action log.

Attachments