TICC work meeting 2018-11-13 minutes

Owned by Hans Berg (Unlicensed)

Last updated: Nov 13, 2018

1 min read

Date: 2018-11-09

Time: 15:00-16:00 CEST

Type of meeting: Gotomeeting (https://global.gotomeeting.com/join/704521469)

Participants and absents

Chair

Berg, Hans <hans.berg@tickstar.com> as eDelivery Community Leader

Participants

Risto Collanus (Visma / Maventa) eDelivery/TICC CMB

Bård Langöy (Pagero) eDelivery/TICC CMB

Jesper Larsen (Unlicensed) (OpenPEPPOL Operating Office)

Jerry Dimitriou (OpenPEPPOL Operating Office)

Erlend Klakegg Bergheim (Deactivated) (Difi)

Agenda

SSL certificate policy

PEPPOL Policy for transport security

Self signed certificates are not allowed (as mentioned in the PEPPOL AS2 specs)
The SSL certificate has to be recognised by both Java and Microsoft since at least 6 months.
Grade "A" TLS configuration according to SSL Labs (https://www.ssllabs.com/ssltest)
Access points are not allowed to tamper with provided trust lists.
A PEPPOL Access Point not graded "A" is considered to be unavailable with regards to the Transport Infrastructure Agreement.

Decisions

The present TICC CMB members (Risto Collanus, Bård Langöy, Hans Berg (Unlicensed)) unanimously decided to adopt the above policy.

Action items

Bård Langöy will draft the policy until next week.

Attachments

	File	Modified

No files shared here yet.