Reference Implementation Meeting 2011-02-08
Jump to navigation
Jump to search
RI Workgroup Call
Tuesday, February 08, 2011
12:00 PM EST
Lead: Beau Grantham (Harris)
Attendees: Srinivas Chennamara (Akira Technologies), Will Hartung (Mirth Corp), Greg Meyer (Cerner), Rob Wilmot (Cerner), Mark Bamberg (MEDfx), Sri Koka (Techsant Technologies), Brian Hoffman (Booz Allen Hamilton (DoD)), Chris Harris (NextGen), Patrick Pyette (Inpriva), Umesh Madan (Microsoft Corp), Arien Malec
Beau-
Reminder of the RI attendance form on the wiki.
Agenda:
Friday was our latest virtual connectathon. We didn't have quite the level of participation that we had in the past. It was still a good event.
We had 2 unmanned HISPs, Umesh's and Greg's. Myself, Mark Bamberg and Michael F. had a HISP as well. We also had other people listening in throughout the day. Brian Hoffman from Booze Allen was on the line and someone else.
We did good testing. We only found 1 issue which possibly impacts both implementations. I've been in contact with Greg and Umesh, we're going to verify offline whether this is actually an issue. It revolves around certificates that revoked and it's also possible that the test was set up incorrectly. Revoked certificates which were listed in a CRL were not being honored.
Other than that everything went very well. With that small exception, I think we've decided to go ahead with a 1.0 release and then come back with a 1.0.1 fix release if it is necessary. Partly because this issues isn't going to be major for the pilots. We'll push that out with the maintenance release.
Arien -
Does that apply to OCSP as well as CRLs?
Beau -
I'm pretty sure that both just have the CRL implementation currently.
Arien -
So we'd have to give advice to people that they need to manually manage revocation.
Beau -
Yes, that would be the workaround. Any other comments on the connectathon?
Mark -
I just have one issue that came out of it. I ended up with 2 HISPs that couldn't talk to each other because they were configured behind a firewall. I imagine that's something that I can probably get some information for from some of the experts like Greg. Right now that remains an issue with me.
Beau -
I know we had a few issues with local network problems and a couple different HISPs. We'll see if we can work out changes to the James configuration so we can work with each other and address mapping, etc.
Mark -
Overall it was a huge success. By the end of the day I had exchanged with 2 different external partners. I was ecstatic about all of the help and support.
Beau -
Very good. These events are great and we get a lot of useful feedback.
Status check
Java:
There were a few issues with the configuration UI. One was a problem with IE and the buttons not working like they were supposed to. In addition, Brian Hoffman has also updated the config UI with new Direct Project branding and little touches so that it doesn't appear like a stock TomCat Project. Greg has with those changed pushed out an updated release of the config UI and tagged it 1.1.1, but we'll get to that. In addition, Greg also dropped a release candidate last week. Since then the only thing that has changed is that one little config UI. Greg, anything else?
Greg -
You pretty much covered it. I dropped the 1.1.1. with config UI this morning. The stock assembly project has been updated now to use the 1.1.1 version to go out in the 1.0 release. Other than that, I have an assembly that's going to be the 1.0 release. If there aren't any objections, I may drop a 1.0 release this afternoon. That will go out in Mavis Central and the Google repository.
Beau -
What we originally said was that tomorrow would be the 1.0 release tomorrow. As soon as you have it built and tested you can go ahead and push that out.
Umesh -
What I'll try to do is contact John, hopefully he can help with it because I don't have much time.
Beau -
The only other thing I had on the Java side was that we learned that Pat has finished one of the tasks that we had on the Google issue tracker which is a lite version of the agent to be used for trust validation during XD transaction. He's going to push it out within a week or so. It'll be in a maintenance or bug fix release, but that's okay because it's specific to XD transactions. Anything else on Java side?
Greg -
I have 2 quick things. I apologize that we don't have documentation on the CertGen tool. I do intend to have documentation in the next release.
There will be a site release page for the stock assembly. I have that ready to go. It points back to the Bare Metal implementation. That will go out with the release today.
Beau -
I know the CertGen tool was used heavily during the connectathon.
Mark -
One of the things that we learned through the connectathon was the distinction between certificates that carry private keys and ones that don't and how that's important when configuring certificates.
Greg -
Good point. I have to go back into the documentation. I think it talks about the differences in the configuration UI section of the gateway. It may need to be articulated better.
Sri -
It is in there.
Mark -
Another suggestion is that it would be nice to have an indication on the screen of whether it's a private certificate or a public certificate.
Greg -
I talked about that a while back, but it fell through the cracks.
Pat-
Yes, we probably want to put an issue up on Google.
Umesh -
For the C# guys, there is a similar tool.
Sri -
We have a link too.
Beau -
I like Pat's idea of putting the issue out there. When this came up during the connectathon we identified it as this issue pretty quickly.
Mark -
I just wanted to provide that feedback. I'll log it in the bug tracker.
Beau -
That's all we had for the Java status.
.NET
Umesh -
We're going to go live with the .NET stack. You'll see new features going in next week for improved routing, etc. And I'm about to work on the CRL things.
Greg -
Umesh, you brought in a good point. After we drop this 1.0 release, at least on the Java side, what's there under Java is all new, all the code on the Java side is opened up for any enhancements (auditing pieces, injection capabilities, etc.). We haven't really ever talked about the next stage for 1.1, but whenever we get around to that those repositories are open now for enhancements.
Umesh -
Yes, we'll need long-term ownership in the 2-3 month plan. We need to figure out how to transition some of this.
Greg -
That's a good point. As a community, how does this go forward past what we've done over the last few months.
Umesh -
Beau will talk to Arien about this. Hopefully there are some volunteers from other companies that are willing to get involved.
Sri -
It's directly proportional to the popularity of the project.
Beau -
I did want to see if we had any update on the XD stuff. We had a meeting with everyone last week. It sounded like everyone was on board and they were back and able to participate. Vince on the Java side is in a really good position since he's doing XD functionality for his HIMSS demo, so he's fixing bugs and getting everything working on the Java side. He said he was working on fixing bugs and pushing them back into the baseline. The .NET side still has a little bit more work to do. A little bit more than the Java side. Vacil said that he was going to develop a plan of what needs to get done and work on XD for .NET.
Umesh -
Hopefully we can get a greater volunteer on .NET . Phil from CareEvolution is helping out. Anyone else with engineers who wan to look at things that would be great.
Beau -
Brian Hoffman added himself to the Java team members, so it looks like he'll be participating.
Ok, if there is nothing else, we'll talk to you next week. Don't forget about the attendance form on the wiki.
Tuesday, February 08, 2011
12:00 PM EST
Lead: Beau Grantham (Harris)
Attendees: Srinivas Chennamara (Akira Technologies), Will Hartung (Mirth Corp), Greg Meyer (Cerner), Rob Wilmot (Cerner), Mark Bamberg (MEDfx), Sri Koka (Techsant Technologies), Brian Hoffman (Booz Allen Hamilton (DoD)), Chris Harris (NextGen), Patrick Pyette (Inpriva), Umesh Madan (Microsoft Corp), Arien Malec
Beau-
Reminder of the RI attendance form on the wiki.
Agenda:
- Quick debrief on connectathon
- Status from both teams
- Talk about 1.0 release
- XD updates
- General Discussion
Friday was our latest virtual connectathon. We didn't have quite the level of participation that we had in the past. It was still a good event.
We had 2 unmanned HISPs, Umesh's and Greg's. Myself, Mark Bamberg and Michael F. had a HISP as well. We also had other people listening in throughout the day. Brian Hoffman from Booze Allen was on the line and someone else.
We did good testing. We only found 1 issue which possibly impacts both implementations. I've been in contact with Greg and Umesh, we're going to verify offline whether this is actually an issue. It revolves around certificates that revoked and it's also possible that the test was set up incorrectly. Revoked certificates which were listed in a CRL were not being honored.
Other than that everything went very well. With that small exception, I think we've decided to go ahead with a 1.0 release and then come back with a 1.0.1 fix release if it is necessary. Partly because this issues isn't going to be major for the pilots. We'll push that out with the maintenance release.
Arien -
Does that apply to OCSP as well as CRLs?
Beau -
I'm pretty sure that both just have the CRL implementation currently.
Arien -
So we'd have to give advice to people that they need to manually manage revocation.
Beau -
Yes, that would be the workaround. Any other comments on the connectathon?
Mark -
I just have one issue that came out of it. I ended up with 2 HISPs that couldn't talk to each other because they were configured behind a firewall. I imagine that's something that I can probably get some information for from some of the experts like Greg. Right now that remains an issue with me.
Beau -
I know we had a few issues with local network problems and a couple different HISPs. We'll see if we can work out changes to the James configuration so we can work with each other and address mapping, etc.
Mark -
Overall it was a huge success. By the end of the day I had exchanged with 2 different external partners. I was ecstatic about all of the help and support.
Beau -
Very good. These events are great and we get a lot of useful feedback.
Status check
Java:
There were a few issues with the configuration UI. One was a problem with IE and the buttons not working like they were supposed to. In addition, Brian Hoffman has also updated the config UI with new Direct Project branding and little touches so that it doesn't appear like a stock TomCat Project. Greg has with those changed pushed out an updated release of the config UI and tagged it 1.1.1, but we'll get to that. In addition, Greg also dropped a release candidate last week. Since then the only thing that has changed is that one little config UI. Greg, anything else?
Greg -
You pretty much covered it. I dropped the 1.1.1. with config UI this morning. The stock assembly project has been updated now to use the 1.1.1 version to go out in the 1.0 release. Other than that, I have an assembly that's going to be the 1.0 release. If there aren't any objections, I may drop a 1.0 release this afternoon. That will go out in Mavis Central and the Google repository.
Beau -
What we originally said was that tomorrow would be the 1.0 release tomorrow. As soon as you have it built and tested you can go ahead and push that out.
Umesh -
What I'll try to do is contact John, hopefully he can help with it because I don't have much time.
Beau -
The only other thing I had on the Java side was that we learned that Pat has finished one of the tasks that we had on the Google issue tracker which is a lite version of the agent to be used for trust validation during XD transaction. He's going to push it out within a week or so. It'll be in a maintenance or bug fix release, but that's okay because it's specific to XD transactions. Anything else on Java side?
Greg -
I have 2 quick things. I apologize that we don't have documentation on the CertGen tool. I do intend to have documentation in the next release.
There will be a site release page for the stock assembly. I have that ready to go. It points back to the Bare Metal implementation. That will go out with the release today.
Beau -
I know the CertGen tool was used heavily during the connectathon.
Mark -
One of the things that we learned through the connectathon was the distinction between certificates that carry private keys and ones that don't and how that's important when configuring certificates.
Greg -
Good point. I have to go back into the documentation. I think it talks about the differences in the configuration UI section of the gateway. It may need to be articulated better.
Sri -
It is in there.
Mark -
Another suggestion is that it would be nice to have an indication on the screen of whether it's a private certificate or a public certificate.
Greg -
I talked about that a while back, but it fell through the cracks.
Pat-
Yes, we probably want to put an issue up on Google.
Umesh -
For the C# guys, there is a similar tool.
Sri -
We have a link too.
Beau -
I like Pat's idea of putting the issue out there. When this came up during the connectathon we identified it as this issue pretty quickly.
Mark -
I just wanted to provide that feedback. I'll log it in the bug tracker.
Beau -
That's all we had for the Java status.
.NET
Umesh -
We're going to go live with the .NET stack. You'll see new features going in next week for improved routing, etc. And I'm about to work on the CRL things.
Greg -
Umesh, you brought in a good point. After we drop this 1.0 release, at least on the Java side, what's there under Java is all new, all the code on the Java side is opened up for any enhancements (auditing pieces, injection capabilities, etc.). We haven't really ever talked about the next stage for 1.1, but whenever we get around to that those repositories are open now for enhancements.
Umesh -
Yes, we'll need long-term ownership in the 2-3 month plan. We need to figure out how to transition some of this.
Greg -
That's a good point. As a community, how does this go forward past what we've done over the last few months.
Umesh -
Beau will talk to Arien about this. Hopefully there are some volunteers from other companies that are willing to get involved.
Sri -
It's directly proportional to the popularity of the project.
Beau -
I did want to see if we had any update on the XD stuff. We had a meeting with everyone last week. It sounded like everyone was on board and they were back and able to participate. Vince on the Java side is in a really good position since he's doing XD functionality for his HIMSS demo, so he's fixing bugs and getting everything working on the Java side. He said he was working on fixing bugs and pushing them back into the baseline. The .NET side still has a little bit more work to do. A little bit more than the Java side. Vacil said that he was going to develop a plan of what needs to get done and work on XD for .NET.
Umesh -
Hopefully we can get a greater volunteer on .NET . Phil from CareEvolution is helping out. Anyone else with engineers who wan to look at things that would be great.
Beau -
Brian Hoffman added himself to the Java team members, so it looks like he'll be participating.
Ok, if there is nothing else, we'll talk to you next week. Don't forget about the attendance form on the wiki.