Versions Compared

Old Version 1

changes.mady.by.user Ines COSTA

Saved on

compared with

New Version Current

changes.mady.by.user Manon Thonnard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
HTML Wrap
padding25px 50px 25px 50px
background-repeatno-repeat
margin0px 0px 25px 0px
source-page-id59192317
background-imageedel_banner2.png
classbanner--background
height200px
Section
source-page-id59192317
HTML
source-page-id59192317
<div class="banner--top-border"></div>
HTML Wrap
source-page-id59192317
classbanner

CEF DIGITAL

Working group meeting #3 - APIs4IPS (API strategy essentials and REST-based API extensions and Blockchain) 

30 June

24 September 2020 / 10:00 - 13:00

Online meeting via Webex

Excerpt
hiddentrue
Page properties
Title

Working group meeting #2 – APIs4IPS (API strategy essentials and REST-based API extensions and Blockchain) 

Excerpt

Working group meeting – focusing on the work on the future of eDelivery

Date

30 Jun  

Event summary

The CEF eDelivery team is organising the second subgroup meeting focusing on the work on the future of eDelivery. This work will include a focus on REST-based API extensions to eDelivery and possible use of Blockchain technology.

If you have any additional comments or questions on the workshop, or generally concerning CEF eDelivery, the Service Offering or grant funding, please reach out to us via Service Desk.

Aui button
source-page-id59192317
TitleContact us
URLhttps://ec.europa.eu/digital-building-blocks/tracker/plugins/servlet/desk/portal/2/create/4

You will need to be logged in using an EU Login account to submit a request. Don't have an EU Login account yet? Sign up here.

 

Participants

European CommissionMember States' representatives
  • Dietmar Gattwinkel (DG CNECT H4) API4IPS coordinator
  • Bogdan Dumitriu (DIGIT D3) – Project Manager « eDelivery API extension »« Future of CEF eDelivery »
  • Maarten Daniels Dorin Frăsîneanu (DIGIT D3)
  • Ines Costa Vlad Veduta (DIGIT D3)
  • Joao Frade Jerry Dimitriou (DIGIT D3)
  • Maarten Daniels Manon Thonnard (DIGIT D3)
  • Vlad Veduta Ines Costa (DIGIT D3)
  • Monica Posada (JRC B6) – Project Manager « API strategy essentials »guidelines for government »
  • Lorenzino Vaccari (JRC B6)
  • Dietmar Gattwinkel (DG CNECT H4) API4IPS coordinator
  • Andres Moreno (ECHA)
  • Herve DUPUY (INEA)
  • Radoslav Jakub (INEA)
  • Arne DybdahChristophe Gaie, NorwayFrance, e-Health DirectorateAtte Pirttila, Finland, Digital and Population Data Services AgencyInterministerial Directorate of Digital and IS of the State (DINSIC)
  • Erik Hagen, Norway, DIFI - Agency for Public Management and eGovernment
  • Espen Korra (DigDir)
  • Hans Sinnige, The Netherlands, RINIS Foundation
  • Irma Pardijs, The Netherlands, RINIS Foundation Jose Antonio Eusamio, Spain, Ministry of Finance & Public
  • AdministrationJudie Attard, Malta, MITA - Malta Information Technology Agency
  • Klaus Luttich, Germany, Governikus
  • Luís Luis Valente, Portugal, AMA AMA - Administrative Modernisation Agency
  • Ondrej Medovic, Czech Republic, Ministry of the InteriorMartin Volcker, Sweden, Agency for Digital Government
  • Michel Bugeja, Malta, MITA - Malta Information Technology Agency
  • Martin Volcker, Sweden, Agency for Digital Government
  • Pavel Tesar, Czech Republic, Ministry of Interior Petteri
  • KivimakiPedro Costa, Estonia, Nordic Institute for Interoperability Solutions (NIIS)
  • Phillip Helger, OpenPEPPOL
  • Portugal, AMA - Administrative Modernisation Agency
  • Piet van Piet van der Berg, The Netherlands, RINIS Foundation
  • Priit Kreitzberg, Estonia, Ministry of Economic Affairs and Communications
  • Roberto Polli, Italy, Italian Government Digital Team
  • Tomas Sedivec, Czech Republic, Ministry of Interior
  • Virginijus Jasaitis, Lithuania, Ministry of Transport and CommunicationsSven Rasmussen, Denmark, DIGST - Danish Agency for Digitalization



Draft Agenda 

Item

Time

Who

PresentationsNotes

Welcome and

introduction

introduction 

5

10 mins

Dietmar Gattwinkel (CEF eDelivery Business Owner, DG CNECT H4)

ISA² IPS APIs 30_06_2020

CEFeDeliveryWorkingGroupMeeting24092020_v0.06.pptx



Dietmar Gattwinkel welcomed the participants and introduced the agenda for the session

and the new ISA² action Working group page (main page can be accessed here).

, asking participants whether any additions should be considered.

Update on REST API profile

REST APIs track

:

  • Scoping document – presentation
and discussionUse case: Data Management Interface
  • of latest updates
  • Timeline and next steps
60

30 mins

Maarten Daniels,

Bogdan Dumitriu

and

, Vlad Veduta (CEF eDelivery Technical team, DIGIT D3

CEFeDeliveryWorkingGroupMeeting30062020_v0.04.pptx

)

  • Bogdan Dumitriu presented the
REST APIs track and the project scoping document. Cf. slides.
  • The first draft of the project scoping document was presented during the meeting. This will be followed by the collection of stakeholders’ feedback by end of July. Further changes will then be made in order to address the feedback and to enrich the document, with the aim to have a final version before the meeting in September.
  • The scope of the project could potentially be interpreted in many different ways, hence the need to clearly specify it from the beginning.
  • Maarten Daniels presented the use case on Data Management Interface, clarifying that the purpose of implementing the use case would be to test the profile and not to make the profile applicable exclusively to this use case.
  • Bogdan Dumitriu presented the timeline and the deadlines for the REST APIs track of the project.
  • Martin Volcker commented that he now believes the project is going in the right direction and asked for clarification on how SML and SMP would be included in the scope. Bogdan answered that SML and SMP could be one possible future application of the profile, i.e. how to update a central metadata repository as a component that is part of a larger architecture. Martin stressed that it could be that the ISA² programme is already working on something similar since it will be an important question in the future, i.e. a central metadata repository. Monica clarified that it this is being addressed in the API4IPS “Strategy essentials for the public sector” study.
  • Jose Antonio Eusamio inquired about the added value of working on a REST profile. Sven Rasmussen argued that this profile aims to address the situations where the recipients are unknown (e.g. in lookup configuration) and APIs are better suited for lightweight platforms that are not able to carry out an eDelivery implementation. He stressed that the ongoing work is very positive and that a standardised common profile would indeed limit thechoices that can be made by a project, but would bring added value in terms of interoperability. He reminded the WG that the need to have a REST profile was supported by a large number of Member States during the ISA² Committee meeting..
  • Philip Helger indicated that HTTP2 might be an option for streaming, which has options for parallel data exchange and compression on transport level.
  • Erik Hagen informed that Norway has been working on reference architectures for similar configurations and asked whether any coordination or cooperation with Member States was planned. Bogdan explained that the idea of the bilateral meetings planned to happen in the first half of September is precisely to collaborate with the stakeholders and collect their input.

    • Break (10 mins)

    Blockchain track:

    • Presentation and discussion on blockchain features to implement (i.e. metadata to store for statistics and querying capabilities)
    • new colleague joining the team, Jerry Dimitriou, who would be working as an expert on the REST API profile. Jerry was also involved in the TOOP project and would in the future be involved in the OOP project.
    • Bogdan Dumitriu proceeded with the presentation of the changes made to the REST API scoping document following the stakeholders’ feedback in bi-lateral meetings and explained that this version of the document is considered pre-final, subject to a final review cycle ending on 4 October 2020 before being finalised (cf. presentation slides). He reassured that the work planned in this project does not affect in any way the eDelivery AS4 profile. The main changes, based on the feedback received, were related to clarifications concerning the separation between the REST API profile and the CEF eDelivery AS4 profile, on the types of scenarios aimed to be addressed by the profile and on the envisaged technical approach to defining the profile.
    • Roberto Polli shared some considerations on Identity and Transport:

    o   On Identity, he welcomed the addition of FIDO2 and other techniques that go beyond mutual TLS.

    o   On Transport, he suggested to consider that HTTP semantics (e.g. GET, POST) is independent between HTTP/1.1 and HTTP/2.

    • Regarding payload signing, Roberto Polli informed that there is ongoing work both in IETF and ETSI on this matter. He suggested to collaborate with these organisations to promote worldwide standards. In this context, he commented that JWS is currently questioned for being too flexible to be secure.
    • Roberto Polli raised some questions on why the API was only targeting ‘light context’ scenarios and how the point of multiple corners could be managed.
    • Roberto Polli also mentioned that it would be better to work with HTTP rather than AMQP and MQTT as it provides a better semantic layer to support authentication, authorization and integrity.
    • Jerry Dimitriou commented that regarding identity it is not about a change of semantics but rather the need to use better functionalities provided by HTTP/2 (e.g., HTTP/2 encrypted headers and other things such as JWS to authenticate both client and response from the server).
    • Lorenzino Vaccari commented that in the case of an event-driven architectures, the REST architectural style could be used, but, depending on the requirements, other styles could be more suitable. Event-driven APIs can be documented/published, for example, by using the AsyncAPI specification.

    Update on Integration with CEF EBSI (blockchain):

    • Presentation of functional specifications
    • Timeline and next steps
    		20
    45
    minsBogdan Dumitriu and Vlad Veduta, DIGIT D3

    Cf. slides on previous agenda point. 

    • Slides presented by Bogdan.
    • With regard to the collection of data for statistics, there was a question on which parts of the AS4 message would be in scope (e.g. SOAP header, payload, or UserMessage). Bogdan clarified that only a subset of metadata would be considered for collection. Additionally, the collection (or not) of data for statistics would be the choice of the specific domain or Access Point. It would not be made mandatory or configured to be enabled by default. The principle would be to allow every domain to define the subset of the data that they want to record.
    • In answer to a question regarding the overhead implied by using the EBSI ledger instead of generating a timestamp from the AS4 node server, Bogdan explained that, because of the delay due to the way the ledger operates, the notarisation would be done asynchronously and that therefore there would be no noticeable overhead. Furthermore, the feature of notarisation would be disabled by default and available as an option for the domains or Access Points that want to use it.
    • Jose Antonio Eusamio asked what the added value of EBSI would be. Bogdan clarified that EBSI was a concrete service providing a blockchain. Considering that one of the aims of the project is to conduct a pilot integration between CEF eDelivery and blockchain, selecting a blockchain implementation that was itself a CEF building block would explore natural synergies.
    • Bogdan further informed that the next objective related to this work track was to prepare draft functional specifications elaborating how Domibus could integrate with EBSI for the September meeting.
    Bogdan Dumitriu presented the draft functional specifications prepared by the project team to describe the planned integration between Domibus and CEF EBSI (blockchain) (cf. slides). The working group was invited to provide feedback on the presented document by 30 October 2020.
    Break
    • Update on JRC reports – Input for upcoming API related events
    • Discussion

    15 mins

    (+ 45 mins discussion)

    Monica Posada and Lorenzino Vaccari, JRC B6

    Meeting participants to contribute to the discussion

    200924_API4IPS_WG_fin.pdf

    • Monica Posada introduced the session informing about the upcoming API related events and get input to prepare the event on 25th September: Apidays Essential: Public Administration – Private Sector API Codesign.
    • Monica Posada announced publication of the APIs for Digital Government material (reports):
    • APIs in Digital Government: https://ec.europa.eu/jrc/en/publication/eur-scientific-and-technical-research-reports/application-programming-interfaces-governments-why-what-and-how
    • API framework for API adoption in government : https://ec.europa.eu/jrc/en/publication/application-programming-interface-api-framework-digital-government
    • API framework Self-assessment tool: https://ec.europa.eu/eusurvey/runner/APIFrameworkTool
    • All reports and additional material is available collection on Joinup: https://joinup.ec.europa.eu/collection/api4dt/about
    • The description and the outputs of the Application Programming Interfaces for Digital Government (APIs4DGov) former project are also available at the following link: https://ec.europa.eu/digital-single-market/en/news/apis-enablers-digital-transformation-governments
    • Lorenzino Vaccari proceeded to ask participants to the meeting to join a sli.do survey to have more input regarding how the participants manage several aspects related to API, such as life cycle, API design style, documenting APIs, standards for development of APIs, security measures, discovering mechanisms, monitoring, metrics and authentication.
    • Roberto Polli explained that in the Italian administration there is an idea to create a central platform for providing machine-to-machine API authentication via authentication & authorisation tokens, to avoid that participants have to rely on a four-corner approach. Robert invited the audience to share any possible national approaches to address this need.
    • Martin Volcker asked if there is any information on what is happening on eIDAS regarding ERDS and any relevant legal aspects impacting eDelivery. Dietmar Gattwinkel informed that this aspect is part of the eIDAS review but there is no consolidated answer on this yet. Bogdan Dumitriu mentioned that the project team had a meeting with ETSI to promote the alignment between the ETSI standardisation process, that is evaluating the need to address the REST style in an ERDS context, and the work on the REST API profile

    APIs for Innovative Public Sector (API4 IPS):

    • Updates and scoping
    60 minsMonica Posada, JRC B6

    20200630_WGAPIS_1.pdf

  • Monica Posada and Lorenzino Vaccari presented the latest updates, scoping and timeline of the API4IPS study, and a description of the API framework for governments (cf. slides). As an example of future consultation with the Working Group Lorenzino presented the API framework online self-assessment tool and asked the participants to fill in the questionnaire for proposal 6 (Harmonise platform and ecosystems assets)  and to provide There was one comment by Philip Helger related to the use of too government centric terminology. Lorenzino clarified that the framework has been designed and created for governmental institutions and that its concept could be extended to other types of organisations, too. As requested during the workshop, the tool has been updated to fill it anonymously. The tool is available for comments and tests till the 10th of July to the whole working group. The tool will be then publicly announced and released, together with the publication of JRC report on the API framework. 
    • Dietmar Gattwinkel wrapped up the discussion and thanked the participation of the attendees
    • .


    Useful links:

    About the ISA² action on Innovative Public Services:

    In the ISA² Work Programme for 2020, the action on Innovative Public Services has, among others, the objective of developing relevant legal, organisational and technical artefacts trialled through an extension and combination of the CEF eDelivery building block with blockchain based transactions’ log and a REST-based profile (a.k.a. APIs approach), that support new patterns of data access by request and data sharing.


    The work related to the REST-based profile will take as input the JRC study on APIs4DGov that analysed the API technological landscape and its standards and technical specifications for general purpose use. This aims to support the definition of stable APIs for digital government services, avoiding the need to develop ad hoc solutions and helping stakeholders in the identification and selection of such solutions.


    The scope of the ISA² action will be to develop the following:

    • A set of guidelines and specifications for establishing interoperable REST-based APIs for service invocation and publication of both open and protected data. Sample library implementation for API’s as well as software supporting central/core services such as service catalogues and service discovery could be also in scope.
    • Extension of eDelivery with other building blocks and innovative technical approaches such as blockchain and APIs. Should the pilots be successful, the CEF eDelivery building block will be enriched with a REST-based profile and a blockchain-based log of transactions. Every element will be modular so that it can be used in combination with the existing AS4-profile (of eDelivery) or on its own.


    About CEF eDelivery:

    The CEF eDelivery building block helps public administrations and businesses (and indirectly citizens) to participate in eDelivery Messaging Infrastructures which facilitate organisation-to-organisation messaging by enabling their systems to interact with each other in a secure, reliable and trusted way. The Connecting Europe Facility (CEF) Digital Programme, is currently promoting the adoption of common standards in the eDelivery Messaging Infrastructures in different policy domains (Business Registers, eJustice, eProcurement, etc.).