...
eDelivery October 2022 OMB Report
...
Date: 28 Sep
Reporting period: 20 Jul to 27 Sep
Project Owner (PO): DG CNECT
...
Project Manager (PM): Bogdan Dumitriu
Attendees:
Maya MADRID (chair, MM)
Bogdan DUMITRIU (BD)
Marcio SAMPAIO (MS)
Michal PILCH (MP)
Monika KOKSTAITE (MK)
Monika KOKSTAITE Radoslav JAKUB (RJ)
Olha KOSHCHIYENKO (OK)
Dragos SERBAN (DS)
Anna BUSDRAGHI Adrien GOHY (AG)
Kristof POPGEORGIJEV (KP)
Zsombor NAGY (ZN)
Adrien GOHY Todor TODOROV (TT)
Section 1: Project Management
Milestones Progress
Title | Start Date | End Date | % |
---|
completed |
---|
Status | Comments |
---|---|
Domibus |
5. |
0. |
Status | ||||
---|---|---|---|---|
|
2 |
| TBD | 10% |
|
|
| (bug fix release |
Release currently on hold due to a dependency with a upcoming release of a 3rd party library
Status | ||||
---|---|---|---|---|
|
- Fix migration scripts ongoing messages | Possibility to have a separate log containing all errors | 3rd Party libraries upgrade) | |||
Domibus 5.1 RC |
| 40% |
|
|
| |||
Domibus |
5. |
Status | ||||
---|---|---|---|---|
|
100%
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
13/Oct/21
1 FR |
|
| - |
| |||||||
SML 4.2 FR |
|
|
100% |
|
SMP 5.0 RC |
|
| 10% |
|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
bug and security fix release (domain case insensitive issue | bug when Domibus accepts messages signed with key corresponding to a different party | Updated Wildfly version to 26.1.0 | Update several libraries to the latest version)
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Release to be postponed from 29th April to new date (see table).
Release postponed once again from the 31st May due to vulnerabilities detected in 3rd party libraries
-
Status | ||||
---|---|---|---|---|
|
Bug fix release (Correct Split & Join issue | Provide support for UUM&DS X.509 identifiers in addition to EORI (Support for CESOP project))
| |||||||||||
eDelivery AS4 2.0 profile |
|
| 70% |
| main focus of this profile version is the upgrade to new cryptographic algorithms | ||||||
Upgrade conformance testing service |
|
| 60% |
| |||||||
Migration to GITLab |
| Q4 2024 | 2% |
| |||||||
Migration to a new PKI service provider (CommisSign) |
| Q1 2023 | 50% |
| |||||||
Define new documentation model for the eDelivery sample implementations |
|
| 0% |
| |||||||
eDelivery TO team transition to DIGIT TM2 |
|
| 30% |
|
16/Jan/23
Status | ||
---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Postponed from 10/Nov/20 to 18Jan/21 due to an important security enhancement that became possible due to a policy change at SNET level.
Security features and updates | Upgrade libraries to latest possible versions and fix OWASP threats
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
| |||
ITSRM2 - SML service security plan |
|
| 90% |
|
Status | ||||
---|---|---|---|---|
|
Use EU Login for SMP console | Upgrade libraries to latest possible versions and fix OWASP threats | Security features and updates (new release dates set)
Release postponed from the 27th May due to issues detected in the final testing stages
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||
---|---|---|
|
To be released following the UAT to be conducted by the DECIDE project
Status | ||||
---|---|---|---|---|
|
Plugin upgrade to support Domibus 5.0
Status | ||
---|---|---|
|
Project Progress
DOMIBUS:
- Domibus 4.2.11 version released on the (bug fix and 3rd party libraries updates)
- Domibus 5.0.1 version a bug fix release (Correct Split & Join issue | Provide support for UUM&DS X.509 identifiers in addition to EORI (Support for CESOP project)) released on the
- Domibus 5.1 RC development activities are ongoing.
SMP:
- No activities foreseen
SML:
- SML 4.2 RC released on the
- SML 4.2 FR activities are ongoing, release foreseen for the
eDelivery Access Point - e-TrustEx Backend Plugin:
- eDelivery Access Point - e-TrustEx Backend Plugin 2.0 RC (Plugin upgrade to support Domibus 5.0) activities are ongoing.
- Due to operational issues, it has been requested to equate the implementation of several RfCs by the EUSEND support team, if the confirmation from SecGen is received the work on version to 2.0 will be put on hold, and the RfCs implementation will be initiated. leading to a 1.3.4 version of the plugins. Version 1.3.4 estimated conclusion date would be the and 2.0 would be pushed to mid-January.
eDelivery Conf testing platform:
- PoC in the context of the migration from the current custom build conformance testing platform to the EC GITB (generic interoperable test bed) platform concluded.
- Required customizations for the execution of the eDelivery AS4 conformance tests in the EC GITB implemented.
- Migration of the existing test cases to the new EC GITB platform ongoing.
- Recreation of the current conformance testing setup in the GITB platform expected to be concluded by the
Section 2: Evolutive Maintenance
Change Requests
Release Calendar
Section 3: Support Office
Incident Management :
In terms of created tickets and JIRA’s, we see that August 2022 is similar to July 2022. The higher number of handled and resolved tickets is due to the fact that SO worked on the backlog of tickets in August 2022.
|
Overall Project Progress
Project team
Contractual
- New contracts under DIGIT TM II FWC
- All requests sent
- First contracts were signed, majority still underway (on track for December 2022, when current contracts expire)
- All requests sent
- New contracts under DG COMM FWC signed for SMCO team
- BEACON procedure launched for SMCO work in 2023
- New contracts under DIGIT TM II FWC
Organisational
- Entire eDelivery team met on site on and
- Testing team missing two resources. One new junior candidate selected who will start on , further interviews planned
- SMCO team now complete
- Technical writer started on
Technical
Specifications: eDelivery AS4 Profile
- Proof of concept for new cryptography completed, reviewed by expert, new approach validated
- Profile update pending availability of expert
Software product: Domibus
- Domibus 4.2.12: activities initiated. This bug fix release tackles several reported minor bugs.
- Domibus 5.0.2: activities initiated. This bug fix release tackles several reported bugs (mostly minor, one more significant), 3rd party library upgrades and the inclusion of some minor additional features.
- Domibus 5.1 RC: development activities are ongoing and on schedule. Support for different security certificates for signing and encryption completed.
Software product: SMP
- SMP 5.0 RC: development activities initiated.
Software product: SML
- SML 4.2 FR released on the .
Software product: eDelivery Conformance Testing Platform
- Required development for the execution of the eDelivery AS4 conformance tests in the EC GITB concluded
- Configuration customizations for the implementation of versioning for the different test suites and specifications in the platform ongoing
- Migration of the existing Test Suites to the new EC GITB platform ongoing
- The eDelivery Connectivity Testing Service will also be migrated to the same platform
Service: PKI Service
- All active projects signed new GTC
- Around 300 certificates left to migrate
Service: SML Service
- SML 4.2 installed in the SML Service on
Onboarding & Communication
- Once-Only Technical System confirmed as data space (and using eDelivery)
- Meetings with OpenPeppol show renewed openness for collaboration, but no clear intention of full alignment with eDelivery standards. Follow-up discussions and participation in OpenPeppol 10-year anniversary conference to follow.
- eDelivery-EHDS collaboration proceeding smoothly (MoU without financial contribution to be signed soon)
- 2nd eDelivery newsletter sent, one webinar organised, social media accounts created
Compliance
- SML Service ITSRM2 Security Plan in ARES. GovIS2 updated and implementation of security measures underway
- Privacy policy for SML & PKI Service finalised and published
- SML Service ITSRM2 Security Plan in ARES. GovIS2 updated and implementation of security measures underway
Miscellaneous
- eDelivery software unaffected by Apache Commons Text vulnerability
- Technical writer onboarded: preparing fundamental changes on how documentation will be handled, with the medium-term objective being to redesign the Domibus Admin Guide.
- Meeting with eID team to discuss the EU Trust Dashboard that allows the configuration of eID nodes. This could be interesting to explore for eDelivery network management, but there is a concern about overlapping with dynamic discovery. (This tool allows admin to upload configuration/certificates to the participant nodes in a network.)
...
Section 2: Evolutive Maintenance
Change Requests
Jira | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Release Calendar
...
Section 3: Support Office
- Intensive support to European Parliament team using Domibus to exchange data in the legislative decision process. Issue resolved after two weeks.
Incident Management:
SMT - workload details:
More SMT tickets were opened and handled due to the high number of requests to renew/issue PKI certificates in September 2022. There were also a lot of questions from users on how to install the new certificate with keystore and truststore.
Email interaction:
For eDelivery, received mails were related to:
- Requests for AS4 connectivity test with Keskus, Micerium Spa
- Conformance testing request for Descartes: added Descartes as conformant solution on AS4 solution page of Digital site
- Requests for AS4 connectivity test with Cyprus post, Onnera
- Conformance testing request for Descartes
- List of Peppol participant ID’s sent to Peppol
- GTC’s for CommisSign certificates were signed to all domains, except for the 2 following ones: SE-DIGG and TOOP. TOOP confirmed the project is end-of-life.
- Change of SML authentication method for EESPA and DE4A
- Questions from users: Domibus (messages not displaying in Admin console, Domibus upgrade and migration script from 4.2.0 x to 5.0 , Domibus & 5.0 installation with MySQL.1, question on Pmode, WS plugin), SML/SMP (participants registrations update, SMP certificate update, SMP 4.2 version installation, question on migration of 3000+ Peppol-Participant-IDs on the SMK to another SMP), BRIS (PKI certificate), DE4A (PKI certificates), ECDB (PKI certificate renewal, issue with keystore/truststore installation for PKI certificate), PCN (PKI certificate request), EDELGOVCY (PKI certificates), CiXP (certificate requests), EUDAMED (certificates request), IRI EUCEG (PKI certificates requests), EUCEG UDB (PKI certificates), TAPAS (scheduled archive batch does not work properly, high CPU consumption issuefake EO onboarding, dropdown wizard statistics, cron issue with Domibus 5.0)
- There was a total of 641 1101 emails in the FMB. We have removed 63 64 emails for SML Inconsistency, 75 64 Run deck automation, 12 43 from xmatters, 30 72 emails from T-systems PKI Commissign from the count, which makes a total of 461 922 received mails for the reporting month.
PKI:
In August September 2022, 55 60 certificates were issued: 1 UDBDECIDE, 1 EUDAMEDPCN, 5 6 CiXP, 12 DE4A, 1 PCNECDB, 1 1 EUCEG, 1 ECDBEUDAMED, 33 BRIS - none 37 BRIS, 12 DE4A. 1 CiXP certificate was rejected.
...
Operations management:
...
SML – Availability:
The full availability report is published on the web site of the SML Service, in the last section.
...
Operations management:
...