
GSA Committee Technical Update
For Engineers
BoD Meeting - Feb 2008
GSA Committee Update
• GSA Committees
– SAS
– GDS
– Transport
– S2S
– G2S
Committee Procedures
• Committees have a Chair and Vice Chair position
• Committees meet Face to Face Quarterly
(approximately)
• Committees may (and do) meet more regularly
on an ad hoc basis
– Ad hoc meetings may be as frequent as
necessary
– They are typically held via teleconference
Committee Procedures
• Formal meetings may be held when binding
votes are necessary
• Binding votes may only occur at a formal
meeting
• Formal votes may be face to face or by
teleconference
• Voting Members must be at the Gold level and
must have participated in the last two formal
meetings
Committee Procedures
• Each Member gets one vote
• Votes are passed by a simple majority
• All formal meetings have minutes taken
• Many ad hoc (or informal) meetings have
unofficial minutes to record progress.
• Specific procedures for committees are in GSA
policy 124
Committee Functions
• The committees meet to advance, correct or
modify the protocols
• JIRA is the project tracking program used by the
committees
– All members may have JIRA access
– Contact the JIRA administrator through the
GSA website for log in info and password
Committee Procedures
• Virtually all items addressed by the committee
are a result of a JIRA item
• JIRA allows members to enter an item and to
comment on other items already entered
• All comments are visible
• Members may subscribe to JIRA items so that
they are notified when comments are made
Committee Procedures
• The committee Chair determines the agenda and
moderates the meetings
• All members may participate in any of the
committee meetings
SAS
• The SAS committee recently made
accommodations in the protocol for existing
implementations
• The group will be working on the 2008 Committee
operating guidelines
• The group will discuss the Test Script Workgroup
SAS Committee
• Primarily in maintenance mode
• No major development
• Bug fixes
• Additional enhancements approved by the Board
of Directors
• Final work on Addendum this session
• Eventual phase out of the SAS protocol
SAS Committee
• Tool kit being maintained and updated
• Test scripts being maintained and updated
• Working group to be formed for tool kit and test
script maintenance/development
GDS Committee
• USB Based protocol
• Designed for peripheral devices such as printer, note
acceptor, card reader, etc.
• USB 2.0 based
• New revisions to be released within 30 days
• Currently working on printable characters description
• Will work in conjunction with G2S and S2S for
transmitting characters
Transport Committee
• The 1.0.3 Point to Point with errata 1 is the most
current protocol
• The 1.0.7 Multicast protocol is the most current
• The committee is correcting bugs and working
on Transport Certification requirements
• Currently working on Transport Certification
• Worked out NTP, SCEP and DHCP
Transport Status
• In our last meeting we discussed the GET and
POST SCEP commands and their effects on
proxies and caches
• We determined that proxies and caches were
not suitable for security messages
• We will be evaluating a document that provides
additional clarifying text for SCEP and OCSP
functions in the Transport protocol
G2S
• The committee voted to release the latest
version 1.0.4.2 for Membership comment
• The group will be addressing comments (JIRA
items) and deciding on corrections
• The group will be discussing new classes:
Tournament Class is on the agenda
• The group will be discussing backward
compatibility
G2S
• Backward compatibility has several forms
– Application backward compatibility
– Schema backward compatibility
• Several JIRA items relate to this issue
• The group will discuss rules or guidelines
referring to changing schemas
S2S
• The committee voted to release their protocol to
the Member Vote period
• The current version for the committee is 1.2.6.5
• The committee will begin discussing the next
revision which will be a serious re-write of many
of the classes.
S2S
• Big Bang Revision
– Many of the older classes are very element
heavy
– We have found attribute heavy structures to
be easier to maintain. G2S is designed as
attribute heavy
– We will be re-writing these classes to be
attribute heavy
– We will be adjusting the data structure of S2S
to be compatible with G2S.
Transport Fundamentals
• Currently two transports
– Point to Point
– Multicast
• Point to Point support required for messaging
protocols
Transport Fundamentals
• Point to Point transport features
– TLS/SSL security – TLS 1.0 support required
– SCEP is the Certificate handling protocol
– OCSP is the certificate revocation-checking service
– DHCP support with vendor extensions
– NTP supported
– X.509 v3 certificate support required
Transport Fundamentals
Point to Point Protocol
• Secures both endpoints in a connection
• Certificates must reside in both endpoints
• Must install the initial certificate manually
– Cannot send private key over an unencrypted network
– Cannot encrypt the communication without an initial
certificate
– Several methods of installing initial keys
• Subsequent key changes can happen automatically over
time or on demand
Point to Point Transport
• Methods for changing symmetric and
asymmetric keys are described in the protocol
• TLS describes a method of re-handshaking
which results in a symmetric key change without
tearing down communications
• TLS does not describe a method for changing
Asymmetric keys
• Possible use of expiration dates to trigger
generation of new certificates.
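Added example, not from the GSA protocol text or toolkit: a Go sketch of the re-keying cycle described on the two slides above for one endpoint. The expiry date of the endpoint's X.509 v3 certificate triggers renewal ahead of time; the endpoint generates the new key pair itself and only a certificate request leaves it, to be carried by SCEP (the SCEP exchange is not shown, and the self-signed issuer is a stand-in for the CA so the code runs offline). The names, the 7-day lead time and the 30-day validity are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Endpoint is one side of a point-to-point connection: its X.509 certificate
// and the private key, which is generated here and never leaves the endpoint.
type Endpoint struct {
	Key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// NeedsRenewal is the expiry-date trigger: true once the certificate will
// expire within lead of now, so a new certificate can be obtained while the
// current one is still valid and the TLS session keeps running.
func NeedsRenewal(cert *x509.Certificate, now time.Time, lead time.Duration) bool {
	return !now.Add(lead).Before(cert.NotAfter)
}

// Rekey generates a fresh asymmetric key pair on the endpoint and returns a
// DER-encoded PKCS#10 request for the CA to sign (this is what the transport
// would hand to SCEP). Only the request leaves the endpoint; the current key
// and certificate stay in use until the new certificate is installed.
func Rekey(cn string) (*ecdsa.PrivateKey, []byte, error) {
	newKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}}
	csr, err := x509.CreateCertificateRequest(rand.Reader, tmpl, newKey)
	if err != nil {
		return nil, nil, err
	}
	return newKey, csr, nil
}

// IssueSelfSigned stands in for the CA so the example runs offline. It issues
// a v3 certificate usable for both client and server authentication, since
// both endpoints of the point-to-point transport are authenticated.
func IssueSelfSigned(cn string, notBefore time.Time, valid time.Duration) (*Endpoint, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             notBefore,
		NotAfter:              notBefore.Add(valid),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		BasicConstraintsValid: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &Endpoint{Key: key, Cert: cert}, nil
}

func main() {
	now := time.Now()
	ep, err := IssueSelfSigned("egm-0001", now, 30*24*time.Hour) // assumed name and validity
	if err != nil {
		panic(err)
	}
	fmt.Println("v3 cert:", ep.Cert.Version == 3, "renew now?", NeedsRenewal(ep.Cert, now, 7*24*time.Hour))
	later := now.Add(25 * 24 * time.Hour)
	if NeedsRenewal(ep.Cert, later, 7*24*time.Hour) {
		_, csr, _ := Rekey("egm-0001")
		fmt.Printf("renewal due; %d-byte CSR ready for SCEP enrollment\n", len(csr))
	}
}
```

The lead time is the practical knob: it must cover the time the CA takes to issue plus the time to install and switch to the new certificate, otherwise the old one expires mid-session and the only recovery is the manual initial-install path again.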
Point to Point Protocol
• The transport must ensure messages are
received in the order they are sent
• The transport must not send duplicate messages
• Any violation of either rule is a failure of the
transport and requires the transport
connection to be aborted
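Added example, not part of the slides: a receive-side check in Go for the two rules above. Each frame carries a per-connection sequence number (an assumed field; the GSA transport's actual framing is not reproduced here). A duplicate or a gap marks the connection as failed and nothing further is accepted, so the caller closes the TLS connection rather than trying to reorder or drop frames.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrTransportFailure is returned for any ordering or duplicate violation.
// The rule on the slide is strict: the connection must be aborted, not
// repaired, so the receiver neither reorders nor silently drops frames.
var ErrTransportFailure = errors.New("transport failure: connection must be aborted")

// Frame is an assumed transport frame: a per-connection sequence number and
// an opaque message body handed up to the messaging protocol.
type Frame struct {
	Seq  uint64
	Body string
}

// Receiver tracks the next expected sequence number on one TLS connection.
// The check runs inside the TLS session, so the numbers cannot be altered
// in transit without first breaking the record authentication.
type Receiver struct {
	next      uint64
	aborted   bool
	Delivered []string // bodies delivered to the messaging layer, in order
}

func NewReceiver() *Receiver { return &Receiver{next: 1} }

// Accept delivers an in-order frame. A duplicate (seq below the expected
// value) or a gap (seq above it) is a transport failure: the receiver marks
// itself aborted and refuses everything that follows.
func (r *Receiver) Accept(f Frame) error {
	if r.aborted {
		return ErrTransportFailure
	}
	switch {
	case f.Seq < r.next:
		r.aborted = true
		return fmt.Errorf("%w: duplicate frame %d", ErrTransportFailure, f.Seq)
	case f.Seq > r.next:
		r.aborted = true
		return fmt.Errorf("%w: gap, expected %d got %d", ErrTransportFailure, r.next, f.Seq)
	}
	r.Delivered = append(r.Delivered, f.Body)
	r.next++
	return nil
}

// Aborted reports whether the caller must close the connection.
func (r *Receiver) Aborted() bool { return r.aborted }

// Run feeds a frame sequence and returns what was delivered plus the first
// error; on error the caller would close the TLS connection and reconnect.
func Run(frames []Frame) ([]string, error) {
	r := NewReceiver()
	for _, f := range frames {
		if err := r.Accept(f); err != nil {
			return r.Delivered, err
		}
	}
	return r.Delivered, nil
}

func main() {
	// Constructed sample: frame 2 is retransmitted after frame 3 was accepted.
	got, err := Run([]Frame{{1, "a"}, {2, "b"}, {3, "c"}, {2, "b"}})
	fmt.Println(got, err)
}
```

Aborting on a gap rather than buffering is deliberate: a reordering buffer would let a missing frame stall delivery indefinitely, and the messaging layer above already handles loss by re-sending unacknowledged commands on the new connection.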
Multicast Protocol
• One to many relationship
• Multicast means IP Multicast for networks that
support IGMP v2
• Uses UDP for low overhead
– Lightweight
– Efficient
– Non critical data
Multicast Protocol
• Possible uses
– Progressive display update
– Power down notification
• Uses AES cipher for encryption
– The key is sent from the host to the endpoints
using a secure channel – G2S
Multicast Protocol
• Multicast messages are sent to a configured
multicast group
• Multicast messages are sent to and received
from a “soft” IP address
• The multicast message IP address/port
combination must be unique on the network
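Added example, not GSA code: the multicast datagram protection described on the last two slides, in Go. The host encrypts each datagram under the key it distributed over the point-to-point (G2S) channel. AES-GCM is an assumption, since the slides say only AES; it is used because it also authenticates the datagram, so an EGM rejects forged or altered traffic that UDP itself cannot filter. The group address/port pair is bound into each datagram as associated data, and a per-sender counter in the nonce lets receivers drop replays. The key, group and payloads are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Group is the configured multicast group as "address:port". The pair must be
// unique on the network; binding it into every datagram as associated data
// means traffic captured from one group cannot be replayed into another.
type Group string

const nonceSize = 12 // 4 random bytes + 8-byte sender counter

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Sealer is the host side. The key is the one the host distributed to the
// EGMs over the secure point-to-point channel. AES-GCM is an assumption (the
// slide says only AES); its tag lets receivers reject forged or altered
// datagrams, which unauthenticated AES alone would not.
type Sealer struct {
	aead cipher.AEAD
	seq  uint64
}

func NewSealer(key []byte) (*Sealer, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return &Sealer{aead: aead}, nil
}

// Seal builds one datagram: nonce || ciphertext || tag. The counter keeps the
// nonce unique under this key and lets receivers drop replays.
func (s *Sealer) Seal(g Group, plaintext []byte) ([]byte, error) {
	s.seq++
	nonce := make([]byte, nonceSize)
	if _, err := rand.Read(nonce[:4]); err != nil {
		return nil, err
	}
	binary.BigEndian.PutUint64(nonce[4:], s.seq)
	return s.aead.Seal(nonce, nonce, plaintext, []byte(g)), nil
}

// Opener is the EGM side: the same key plus the highest counter accepted so far.
type Opener struct {
	aead    cipher.AEAD
	lastSeq uint64
}

func NewOpener(key []byte) (*Opener, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return &Opener{aead: aead}, nil
}

// Open authenticates and decrypts a datagram for group g. Replayed or
// out-of-order datagrams are dropped, which is acceptable for the non-critical
// data (progressive displays, power-down notices) this transport carries.
func (o *Opener) Open(g Group, datagram []byte) ([]byte, error) {
	if len(datagram) < nonceSize+o.aead.Overhead() {
		return nil, errors.New("datagram too short")
	}
	nonce, ct := datagram[:nonceSize], datagram[nonceSize:]
	seq := binary.BigEndian.Uint64(nonce[4:])
	if seq <= o.lastSeq {
		return nil, errors.New("replayed or stale datagram")
	}
	pt, err := o.aead.Open(nil, nonce, ct, []byte(g))
	if err != nil {
		return nil, errors.New("authentication failed: forged, altered or wrong group")
	}
	o.lastSeq = seq // advance only after the tag verified
	return pt, nil
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed 256-bit key
	g := Group("239.1.1.1:5000")                      // constructed group
	host, _ := NewSealer(key)
	egm, _ := NewOpener(key)
	d, _ := host.Seal(g, []byte("progressive level 1: 1234.56"))
	pt, err := egm.Open(g, d)
	fmt.Println(string(pt), err)
	_, err = egm.Open(g, d)
	fmt.Println("replay:", err)
}
```

The counter is only advanced after the tag verifies, so an attacker cannot push a receiver's window forward with garbage and cause genuine datagrams to be dropped as stale. When the host rotates the multicast key over G2S, the receiver's counter state should be reset together with the key.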
Messaging Protocols
• S2S and G2S
• Guaranteed Delivery at the message level
• Guaranteed processing of messages for most
messages with request response pairs
• A Point to Point transport is required, Multicast
is optional
• Messages may be validated by a Schema
Messaging Protocols
• Guaranteed message delivery (G2S Example)
– g2s_ack message for all g2s messages (P2P)
– The g2s_ack does not guarantee that the
message has been processed
– The g2s_ack can convey Message level errors
back to the sender – Incomplete XML, invalid
data type, etc.
Messaging Protocols
• Message flow
– Host sends a command
– Client receives the command and sends the
acknowledge
– Client processes the command and sends a
response command (if appropriate)
– Host acknowledges the response
– Host acts on the contents of the response
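Added example, not the GSA schema: the request / ack / response / ack flow above, modelled in Go with encoding/xml. Only g2s_ack and sessionType are names taken from the slides; the g2sMessage element, its other attributes and the command names are assumptions. The EGM side acknowledges every message, reports message-level errors (incomplete XML, an attribute of the wrong type) in the ack, responds only to requests and never to notifications; the host side acks the response before acting on it.

```go
package main

import (
	"encoding/xml"
	"fmt"
)

// Envelope is a simplified stand-in for a G2S class-level command. Apart from
// sessionType, the element and attribute names are assumptions, not the
// GSA schema.
type Envelope struct {
	XMLName     xml.Name `xml:"g2sMessage"`
	SessionType string   `xml:"sessionType,attr"` // request, response or notification
	SessionID   int      `xml:"sessionId,attr"`
	Command     string   `xml:"command,attr"`
	DeviceID    int      `xml:"deviceId,attr"`
}

// Ack is the g2s_ack: it confirms delivery and carries message-level errors
// only. It says nothing about whether the command was processed.
type Ack struct {
	XMLName   xml.Name `xml:"g2s_ack"`
	SessionID int      `xml:"sessionId,attr"`
	Error     string   `xml:"errorText,attr,omitempty"`
}

// responseFor pairs assumed request commands with their response commands.
var responseFor = map[string]string{
	"getDeviceStatus": "deviceStatus",
	"setDeviceState":  "deviceStatus",
}

func Encode(v interface{}) []byte {
	b, err := xml.Marshal(v)
	if err != nil {
		panic(err)
	}
	return b
}

// ClientReceive is the EGM side: every incoming message is acknowledged, a
// request is then processed and answered with a response command, and a
// notification is acknowledged but must not get a response.
func ClientReceive(raw []byte) (Ack, *Envelope) {
	var in Envelope
	if err := xml.Unmarshal(raw, &in); err != nil {
		// Incomplete XML or an attribute of the wrong type is a message-level
		// error reported in the ack; the sessionId may be unrecoverable.
		return Ack{Error: "message error: " + err.Error()}, nil
	}
	ack := Ack{SessionID: in.SessionID}
	switch in.SessionType {
	case "request":
		cmd, ok := responseFor[in.Command]
		if !ok {
			return Ack{SessionID: in.SessionID, Error: "unknown command " + in.Command}, nil
		}
		return ack, &Envelope{SessionType: "response", SessionID: in.SessionID,
			Command: cmd, DeviceID: in.DeviceID}
	case "notification":
		return ack, nil
	default:
		return Ack{SessionID: in.SessionID, Error: "invalid sessionType " + in.SessionType}, nil
	}
}

// HostReceive is the host side: it acknowledges the response, then returns it
// for the host to act on. Anything that is not a response is rejected.
func HostReceive(raw []byte) (Ack, *Envelope, error) {
	var resp Envelope
	if err := xml.Unmarshal(raw, &resp); err != nil {
		return Ack{Error: "message error: " + err.Error()}, nil, err
	}
	if resp.SessionType != "response" {
		err := fmt.Errorf("expected response, got %q", resp.SessionType)
		return Ack{SessionID: resp.SessionID, Error: err.Error()}, nil, err
	}
	return Ack{SessionID: resp.SessionID}, &resp, nil
}

func main() {
	req := Encode(Envelope{SessionType: "request", SessionID: 7, Command: "getDeviceStatus", DeviceID: 1})
	ack, resp := ClientReceive(req) // EGM acks, then processes
	fmt.Printf("%s\n%s\n", Encode(ack), Encode(*resp))
	hostAck, _, _ := HostReceive(Encode(*resp)) // host acks the response
	fmt.Printf("%s\n", Encode(hostAck))
	ack, _ = ClientReceive([]byte(`<g2sMessage sessionType="request" sessionId="8"`))
	fmt.Printf("%s\n", Encode(ack)) // incomplete XML: error travels in the ack
}
```

The point to keep straight when implementing a host: an error-free g2s_ack only means the EGM received and could parse the command. Whether the command took effect is learned from the response command (or, for commands that have none, from the events the EGM raises), so retry and timeout logic must key off the response, not the ack.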
Messaging Protocols
• Devices
• Devices may refer to hardware or software
• A software device is an instantiation of the class
– A voucher device is an instantiation of the
voucher class
– In G2S, communication to a hardware device
(printer, for example) does not directly
communicate with the hardware
G2S Protocol
• Three types of messages
– Request: requires a response command
– Response
– Notification: must not receive a response
command
• The type is indicated in the sessionType
class-level attribute
G2S Protocol
• Each class may have one or more devices
depending on the class
• Meters are kept on a device level and a class
level
• Logs are kept on a class level
• Each device must have an owner host and may
have a configurator and guest hosts
G2S Protocol
• Devices may be active or inactive
– Inactive devices are not accessible to the
general EGM commands
• Devices may be enabled or disabled
– Disabled devices are active but may not
perform the function they are intended to – a
disabled printer may not print
– A device may be disabled as a result of an
error
G2S Protocol
• Owner hosts control the function of the device
• Configurators configure the device
• A device may have, at most, one owner and one
configurator host
• Guest hosts monitor the devices
– A device may have multiple guest hosts
• Each host has its own hostId and IP address
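Added example, not from G2S: the owner / configurator / guest model and the active / enabled device states from the last three slides, written as an authorization check in Go. Grouping commands into control, configure and monitor, letting every assigned host monitor, and allowing a configurator to configure an inactive device so it can be reactivated are assumptions; the hostIds are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Roles a host can hold on a device, and the kinds of command it may issue.
// Grouping commands into Control/Configure/Monitor, and letting every
// assigned host monitor, are assumptions of this example rather than G2S text.
type Role int

const (
	Owner Role = iota
	Configurator
	Guest
)

type Action int

const (
	Control   Action = iota // use the device's function, e.g. print a voucher
	Configure               // change the device's configuration
	Monitor                 // read status, meters and events
)

var (
	ErrNotAuthorized = errors.New("host has no role permitting this action")
	ErrInactive      = errors.New("device inactive: not accessible to general commands")
	ErrDisabled      = errors.New("device disabled: may not perform its function")
)

// Device is one instance of a class. The single Owner and single Configurator
// fields enforce "at most one" of each; Guests may be many. HostIds are ints,
// and a Configurator of 0 means none is assigned.
type Device struct {
	ID           int
	Active       bool
	Enabled      bool
	Owner        int
	Configurator int
	Guests       map[int]bool
}

// NewDevice creates an active, enabled device; an owner host is mandatory.
func NewDevice(id, ownerID int) *Device {
	return &Device{ID: id, Active: true, Enabled: true, Owner: ownerID, Guests: map[int]bool{}}
}

func (d *Device) roleOf(hostID int) (Role, bool) {
	switch {
	case hostID == d.Owner:
		return Owner, true
	case d.Configurator != 0 && hostID == d.Configurator:
		return Configurator, true
	case d.Guests[hostID]:
		return Guest, true
	}
	return 0, false
}

// Authorize decides whether hostID may perform action on d. State is checked
// before role: an inactive device refuses general commands (configuring it is
// still allowed, an assumption, so it can be reactivated), and a disabled
// device is reachable but refuses to perform its function, like a printer
// that may not print.
func (d *Device) Authorize(hostID int, action Action) error {
	role, ok := d.roleOf(hostID)
	if !ok {
		return fmt.Errorf("host %d, device %d: %w", hostID, d.ID, ErrNotAuthorized)
	}
	if !d.Active && action != Configure {
		return ErrInactive
	}
	switch action {
	case Control:
		if role != Owner {
			return ErrNotAuthorized
		}
		if !d.Enabled {
			return ErrDisabled
		}
	case Configure:
		if role != Configurator {
			return ErrNotAuthorized
		}
	}
	return nil // Monitor: any assigned host may read status and meters
}

func main() {
	printer := NewDevice(1, 100) // constructed: hostId 100 owns the printer
	printer.Configurator = 200
	printer.Guests[300] = true
	fmt.Println("guest 300 prints:", printer.Authorize(300, Control))
	fmt.Println("owner 100 prints:", printer.Authorize(100, Control))
	printer.Enabled = false
	fmt.Println("owner prints while disabled:", printer.Authorize(100, Control))
}
```

Because every host has its own hostId and IP address, the hostId used here should be the one bound to the authenticated point-to-point connection the command arrived on, never one taken from the message body, otherwise a guest host could issue owner commands simply by claiming the owner's hostId.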
G2S Protocol
• Everything generates an event
– Hosts may subscribe to events
– Events notify the host that the event has
occurred and may contain associated data
• The number of guest hosts is limited by the
number of hosts supported by the EGM
G2S Protocol
• Event data is gathered when the event is sent
– If an event cannot be delivered and is retried,
new data is gathered
• Events may be sent as notifications or persisted
– Events sent as notifications are not retried
G2S Protocol
• Meters
– Meters may be sent periodically, at EOD or
on demand
– The EOD meters are designed to be sent at
EOD, coin drop, note drop and door open
S2S Protocol
• G2S is designed to communicate with EGMs
• S2S is designed to communicate with other
clients such as edge servers, accounting systems,
proxies, signs, etc.
• Four new classes were added in the latest version:
Authorization, Pass Through, Bonus and
Progressive
S2S Protocol
• Two types of commands
– Simple commands
– Complex commands
• Simple commands do not have an associated
response command
• Complex commands contain an additional set of
class level attributes that indicate the location to
send the response, a request/response indicator
and others
S2S Protocol
• S2S does not support Guest Hosts
• S2S does not have the numerous events that are
typically associated with an EGM
• S2S supports two methods of subscribing to
events
– S2S eventFilter class detects specific events
– S2S infoUpdate allows for a client to subscribe
to elements the host will send updates for
S2S G2S Transport
• Questions???