BoD Meeting - Feb 2008 GSA Committee Technical Update For Engineers.

Presentation transcript:

BoD Meeting - Feb 2008 GSA Committee Technical Update For Engineers

GSA Committee Update
- GSA Committees
  - SAS
  - GDS
  - Transport
  - S2S
  - G2S

Committee Procedures
- Committees have a Chair and Vice Chair position
- Committees meet Face to Face Quarterly (approximately)
- Committees may (and do) meet more regularly on an ad hoc basis
  - Ad hoc meetings may be as frequent as necessary
  - They are typically held via teleconference

Committee Procedures
- Formal meetings may be held when binding votes are necessary
- Binding votes may only occur at a formal meeting
- Formal votes may be face to face or by teleconference
- Voting Members must be at the Gold level and must have participated in the last two formal meetings

Committee Procedures
- Each Member gets one vote
- Votes are passed by a simple majority
- All formal meetings have minutes taken
- Many ad hoc (or informal) meetings have unofficial minutes to record progress
- Specific procedures for committees are in GSA policy 124

Committee Functions
- The committees meet to advance, correct or modify the protocols
- JIRA is the project tracking program used by the committees
  - All members may have JIRA access
  - Contact the JIRA administrator through the GSA website for log in info and password

Committee Procedures
- Virtually all items addressed by the committee are a result of a JIRA item
- JIRA allows members to enter an item and to comment on other items already entered
- All comments are visible
- Members may subscribe to JIRA items so that they are notified when comments are made

Committee Procedures
- The committee Chair determines the agenda and moderates the meetings
- All members may participate in any of the committee meetings

SAS
- The SAS committee recently made accommodations in the protocol for existing implementations
- The group will be working the 2008 Committee operating guidelines
- The group will discuss the Test Script Workgroup

SAS Committee
- Primarily in maintenance mode
- No major development
- Bug fixes
- Additional enhancements approved by the Board of Directors
- Final work on Addendum this session
- Eventual phase out of the SAS protocol

SAS Committee
- Tool kit being maintained and updated
- Test scripts being maintained and updated
- Working group to be formed for tool kit and test script maintenance/development

GDS Committee
- USB Based protocol
- Designed for peripheral devices such as printer, note acceptor, card reader, etc.
- USB 2.0 based
- New revisions to be released within 30 days
- Currently working on printable characters description
- Will work in conjunction with G2S and S2S for transmitting characters

Transport Committee
- The Point to Point with errata 1 is the most current protocol
- The Multicast protocol is the most current
- The committee is correcting bugs and working on Transport Certification requirements
- Currently working on Transport Certification
- Worked out NTP, SCEP and DHCP

Transport Status
- In our last meeting we discussed the GET and POST SCEP commands and the effects on proxies and caches
- We determined that proxies and caches were not suitable for security messages
- We will be evaluating a document that provides additional clarifying text for SCEP and OCSP functions in the Transport protocol

G2S
- The committee voted to release the latest version for Membership comment
- The group will be addressing comments (JIRA items) and deciding on corrections
- The group will be discussing new classes: Tournament Class is on the agenda
- The group will be discussing backward compatibility

G2S
- Backward compatibility has several forms
  - Application backward compatibility
  - Schema backward compatibility
- Several JIRA items relate to this issue
- The group will discuss rules or guidelines referring to changing schemas

S2S
- The committee voted to release their protocol to the Member Vote period
- The current version for the committee is
- The committee will begin discussing the next revision which will be a serious re-write of many of the classes.

S2S
- Big Bang Revision
  - Many of the older classes are very element heavy
  - We have found attribute heavy structures to be easier to maintain. G2S is designed as attribute heavy
  - We will be re-writing these classes to be attribute heavy
  - We will be adjusting the data structure of S2S to be compatible with G2S.

Transport Fundamentals
- Currently two transports
  - Point to Point
  - Multicast
- Point to Point support required for messaging protocols

Transport Fundamentals
- Point to Point transport features
  - TLS/SSL security
    - TLS 1.0 support required
  - SCEP is the Certificate handling protocol
  - OCSP is the revocation service
  - DHCP support with vendor extensions
  - NTP supported
  - X509 v3 certificate support required

Transport Fundamentals: Point to Point Protocol
- Secures both endpoints in a connection
- Certificates must reside in both endpoints
- Must install the initial certificate manually
  - Cannot send private key over an unencrypted network
  - Cannot encrypt the communication without an initial certificate
  - Several methods of installing initial keys
- Subsequent key changes can happen automatically over time or on demand

Point to Point Transport
- Methods for changing symmetric and asymmetric keys are described in the protocol
- TLS describes a method of re-handshaking which results in a symmetric key change without tearing down communications
- TLS does not describe a method for changing asymmetric keys
- Possible use of expiration dates to trigger generation of new certificates.

Point to Point Protocol
- The transport must ensure messages are received in the order they are sent
- The transport must not send duplicate messages
- Any violation of the above two criteria is a failure of the transport and requires the transport connection to be aborted

Multicast Protocol
- One to many relationship
- Multicast means IP Multicast for networks that support IGMP v2
- Uses UDP for low overhead
  - Lightweight
  - Efficient
  - Non critical data

Multicast Protocol
- Possible uses
  - Progressive display update
  - Power down notification
- Uses AES cipher for encryption
  - The key is sent from the host to the endpoints using a secure channel
    - G2S

Multicast Protocol
- Multicast messages are sent to a configured multicast group
- Multicast messages are sent to and received from a “soft” IP address
- The multicast message IP address/port combination must be unique on the network

Messaging Protocols: S2S and G2S
- Guaranteed Delivery at the message level
- Guaranteed processing of messages for most messages with request response pairs
- A Point to Point transport is required, Multicast is optional
- Messages may be validated by a Schema

Messaging Protocols
- Guaranteed message delivery (G2S Example)
  - g2s_ack message for all g2s messages (P2P)
  - The g2s_ack does not guarantee that the message has been processed
  - The g2s_ack can convey Message level errors back to the sender
    - Incomplete XML, invalid data type, etc.

Messaging Protocols
- Message flow
  - Host sends a command
  - Client receives the command and sends the acknowledge
  - Client processes the command and sends a response command (if appropriate)
  - Host acknowledges the response
  - Host acts on the contents of the response

Messaging Protocols: Devices
- Devices may refer to hardware or software
- A software device is an instantiation of the class
  - A voucher device is an instantiation of the voucher class
  - In G2S, communication to a hardware device (printer, for example) does not directly communicate with the hardware

G2S Protocol
- Three types of messages
- Requests
  - Require a response command
- Response
- Notification
  - Must not receive a response command
- The type is indicated in the sessionType, class level attribute
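
The message flow and the three message types above, as an added example that is not part of the original slides or GSA's own code: a host-side tracker showing why an acknowledgement alone does not complete a request. The class, method and state names, the plain "request"/"notification" strings, and the rule that a response must follow a clean ack are assumptions drawn from the flow order on the slides, not G2S schema values.

```python
# Added example; names and the "request"/"notification" strings are hypothetical,
# not values from the G2S schema.
from enum import Enum

class State(Enum):
    SENT = "sent"            # on the wire, not yet acknowledged
    ACKED = "acked"          # delivered; processing is NOT guaranteed
    REJECTED = "rejected"    # ack carried a message-level error
    COMPLETED = "completed"  # response command received (requests only)

class ProtocolError(Exception):
    """Raised when the peer breaks the flow described on the slides."""

class HostTracker:
    def __init__(self):
        self.commands = {}  # command_id -> [session_type, State, ack_error]

    def send(self, command_id, session_type):
        if command_id in self.commands:
            raise ProtocolError(f"duplicate command id {command_id}")
        self.commands[command_id] = [session_type, State.SENT, None]

    def on_ack(self, command_id, error=None):
        entry = self._lookup(command_id)
        if entry[1] is not State.SENT:
            raise ProtocolError(f"unexpected ack for {command_id}")
        # The ack reports delivery, or a message-level error such as incomplete XML.
        entry[1], entry[2] = (State.REJECTED if error else State.ACKED), error

    def on_response(self, command_id):
        entry = self._lookup(command_id)
        if entry[0] == "notification":
            raise ProtocolError("a notification must not receive a response")
        if entry[1] is not State.ACKED:
            raise ProtocolError(f"response for {command_id} without a clean ack")
        entry[1] = State.COMPLETED
        return "ack"  # the host acknowledges the response, then acts on it

    def is_done(self, command_id):
        kind, state, _ = self._lookup(command_id)
        # A notification is finished once delivered; a request only once answered.
        return state is State.COMPLETED or (kind == "notification" and state is State.ACKED)

    def awaiting_response(self):
        return sorted(cid for cid, (kind, state, _) in self.commands.items()
                      if kind == "request" and state is State.ACKED)

    def _lookup(self, command_id):
        if command_id not in self.commands:
            raise ProtocolError(f"unknown command id {command_id}")
        return self.commands[command_id]
```

A request that has only been acknowledged stays in `awaiting_response()`, which is the list a host would watch for commands that were delivered but never processed.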

G2S Protocol
- Each class may have one or more devices depending on the class
- Meters are kept on a device level and a class level
- Logs are kept on a class level
- Each device must have an owner host and may have a configurator and guest hosts

G2S Protocol
- Devices may be active or inactive
  - Inactive devices are not accessible to the general EGM commands
- Devices may be enabled or disabled
  - Disabled devices are active but may not perform the function they are intended to: a disabled printer may not print
  - A device may be disabled as a result of an error

G2S Protocol
- Owner hosts control the function of the device
- Configurators configure the device
- A device may have, at most, one owner and one configurator host
- Guest hosts monitor the devices
  - A device may have multiple guest hosts
- Each host has its own hostId and IP address

G2S Protocol
- Everything generates an event
  - Hosts may subscribe to events
  - Events notify the host that the event has occurred and may contain associated data
  - The number of guest hosts is limited by the number of hosts supported by the EGM

G2S Protocol
- Event data is gathered when the event is sent
  - If an event cannot be delivered and is retried, new data is gathered
- Events may be sent as notifications or persisted
  - Events sent as notifications are not retried

G2S Protocol
- Meters
  - Meters may be sent periodically, at EOD, or on demand
  - The EOD meters are designed to be sent at EOD, coin drop, note drop and door open

S2S Protocol
- G2S is designed to communicate with EGMs
- S2S is designed to communicate with other clients such as edge servers, accounting systems proxies, signs etc.
- 4 new classes were added in the latest version: Authorization, Pass Through, bonus and Progressive

S2S Protocol
- Two types of commands
  - Simple commands
  - Complex commands
- Simple commands do not have an associated response command
- Complex commands contain an additional set of class level attributes that indicate the location to send the response, a request/response indicator and others

S2S Protocol
- S2S does not support Guest Hosts
- S2S does not have the numerous events that are typically associated with an EGM
- S2S supports two methods of subscribing to events
  - S2S eventFilter class detects specific events
  - S2S infoUpdate allows for a client to subscribe to elements the host will send updates for

S2S G2S Transport
- Questions???