bod meeting - feb 2008 gsa committee technical update for engineers

BoD Meeting - Feb 2008

GSA Committee Technical Update

For Engineers


GSA Committee Update

• GSA Committees

– SAS

– GDS

– Transport

– S2S

– G2S


Committee Procedures

• Committees have a Chair and Vice Chair position

• Committees meet Face to Face Quarterly (approximately)

• Committees may (and do) meet more regularly on an ad hoc basis

– Ad hoc meetings may be as frequent as necessary

– They are typically held via teleconference



• Formal meetings may be held when binding votes are necessary

• Binding votes may only occur at a formal meeting

• Formal votes may be face to face or by teleconference

• Voting Members must be at the Gold level and must have participated in the last two formal meetings



• Each Member gets one vote

• Votes are passed by a simple majority

• All formal meetings have minutes taken

• Many ad hoc (or informal) meetings have unofficial minutes to record progress.

• Specific procedures for committees are in GSA policy 124


Committee Functions

• The committees meet to advance correct or modify the protocols

• JIRA is the project tracking program used by the committees

– All members may have JIRA access

– Contact the JIRA administrator through the GSA website for log in info and password



• Virtually all items addressed by the committee are a result of a JIRA item

• JIRA allows members to enter an item and to comment on other items already entered

• All comments are visible

• Members may subscribe to JIRA items so that they are notified when comments are made



• The committee Chair determines the agenda and moderates the meetings

• All members may participate in any of the committee meetings


SAS

• The SAS committee recently made accommodations in the protocol for existing implementations

• The group will be working the 2008 Committee operating guidelines

• The group will discuss the Test Script Workgroup


SAS Committee

• Primarily in maintenance mode

• No major development

• Bug fixes

• Additional enhancements approved by the Board of Directors

• Final work on Addendum this session

• Eventual phase out of the SAS protocol


SAS Committee

• Tool kit being maintained and updated

• Test scripts being maintained and updated

• Working group to be formed for tool kit and test script maintenance/development


GDS Committee

• USB Based protocol

• Designed for peripheral devices such as printer, note acceptor, card reader, etc.

• USB 2.0 based

• New revisions to be released within 30 days

• Currently working on printable characters description

• Will work in conjunction with G2S and S2S for transmitting characters


Transport Committee

• The 1.0.3 Point to Point with errata 1 is the most current protocol

• The 1.0.7 Multicast protocol is the most current

• The committee is correcting bugs and working on Transport Certification requirements

• Currently working on Transport Certification

• Worked out NTP, SCEP and DHCP


Transport Status

• In our last meeting we discussed the GET and POST SCEP commands and the affects on proxies and caches

• We determined that proxies and caches were not suitable for security messages

• We will be evaluating a document that provides additional clarifying text for SCEP and OCSP functions in the Transport protocol


G2S

• The committee voted to release the latest version 1.0.4.2 for Membership comment

• The group will be addressing comments (JIRA items) and deciding on corrections

• The group will be discussing new classes: Tournament Class is on the agenda

• The group will be discussing backward compatibility


G2S

• Backward compatibility has several forms

– Application backward compatibility

– Schema backward compatibility

• Several JIRA items relate to this issue

• The group will discuss rules or guidelines referring to changing schemas


S2S

• The committee voted to release their protocol to the Member Vote period

• The current version for the committee is 1.2.6.5

• The committee will begin discussing the next revision which will be a serious re-write of many of the classes.


S2S

• Big Bang Revision

– May of the older classes are very element heavy

– We have found attribute heavy structures to be easier to maintain. G2S is designed as attribute heavy

– We will be re-writing these classes to be attribute heavy

– We will be adjusting the data structure of S2S to be compatible with G2S.


Transport Fundamentals

• Currently two transports

– Point to Point

– Multicast

• Point to Point support required for messaging protocols


Transport Fundamentals

• Point to Point transport features

– TLS/SSL security – TLS 1.0 support required

– SCEP is the Certificate handling protocol

– OSCP is the revocation service

– DHCP support with vendor extensions

– NTP supported

– X509 v3 certificate support required


Transport FundamentalsPoint to Point Protocol

• Secures both endpoints in a connection

• Certificates must reside in both endpoints

• Must install the initial certificate manually

– Cannot send private key over an unencrypted network

– Cannot encrypt the communication without an initial certificate

– Several methods of installing initial keys

• Subsequent key changes can happen automatically over time or on demand


Point to Point Transport

• Methods for changing symmetric and asymmetric keys are described in the protocol

• TLS describes a method of re-handshaking which results in a symmetric key change without tearing down communications

• TLS does not describe a method for changing Asymmetric keys

• Possible use of expiration dates to trigger generation of new certificates.


Point to Point Protocol

• The transport must ensure messages are received in the order they are sent

• The transport must not send duplicate messages

• Any violations of the above two criteria is a failure of the transport and requires the transport connection to be aborted


Multicast Protocol

• One to many relationship

• Multicast means IP Multicast for networks that support IGMP v2

• Uses UDP for low overhead

– Lightweight

– Efficient

– Non critical data


Multicast Protocol

• Possible uses

– Progressive display update

– Power down notification

• Uses AES cipher for encryption

– The key is sent from the host to the endpoints using a secure channel – G2S


Multicast Protocol

• Multicast messages are sent to a configured multicast group

• Multicast messages are sent to and received from a “soft” IP address

• The multicast message IP address/port combination must be unique on the network


Messaging Protocols

• S2S and G2S

• Guaranteed Delivery at the message level

• Guaranteed processing of messages for most messages with request response pairs

• A Point to Point transport is required, Multicast is optional

• Messages may be validated by a Schema


Messaging Protocols

• Guaranteed message delivery (G2S Example)

– g2s_ack message for all g2s messages (P2P)

– The g2s_ack does not guarantee that the message has been processed

– The g2s_ack can convey Message level errors back to the sender – Incomplete XML, invalid data type, etc.


Messaging Protocols

• Message flow

– Host sends a command

– Client receives the command and sends the acknowledge

– Client processes the command and sends a response command (if appropriate)

– Host acknowledges the response

– Host acts on the contents of the response


Messaging Protocols

• Devices

• Devices may refer to hardware or software

• A software device is an instantiation of the class

– A voucher device is an instantiation of the voucher class

– In G2S, communication to a hardware device (printer, for example) does not directly communicate with the hardware


G2S Protocol

• Three types of messages

• Requests

– Require a response command

• Response

• Notification

– Must not receive a response command

• The type is indicated in the sessionType, class level attribute


G2S Protocol

• Each class may have one or more devices depending on the class

• Meters are kept on a device level and a class level

• Logs are kept on a class level

• Each device must have an owner host and may have a configurator and guest hosts


G2S Protocol

• Devices may be active or inactive

– Inactive devices are not accessible to the general EGM commands

• Devices may be enabled or disabled

– Disabled devices are active but may not perform the function they are intended to – a disabled printer may not print

– A device may be disabled as a result of an error


G2S Protocol

• Owner hosts control the function of the device

• Configurators configure the device

• A device may have, at most, one owner and one configurator host

• Guest hosts monitor the devices

– A device may have multiple guest hosts

• Each host has its own hostId and IP address


G2S Protocol

• Everything generates an event

– Hosts may subscribe to events

– Events notify the host that the event has occurred and may contain associated data

– The number of guest hosts is limited by the number of hosts supported by the EGM


G2S Protocol

• Event data is gathered when the event is sent

– If an event cannot be delivered and is retried, new data is gathered

• Events may be sent as notifications or persisted

– Events sent as notifications are not retried


G2S Protocol

• Meters

– Meters may be sent on periodic, EOD, on demand

– The EOD meters are designed to be sent at EOD, coin drop, note drop and door open


S2S Protocol

• G2S is designed to communicate with EGMs

• S2S is designed to communicate with other clients such as edge servers, accounting systems proxies, signs etc.

• 4 new classes were added in the latest version: Authorization, Pass Through, bonus and Progressive


S2S Protocol

• Two types of commands

– Simple commands – Complex commands

• Simple commands do not have an associated response command

• Complex commands contain an additional set of class level attributes that indicate the location to send the response, a request/response indicator and others


S2S Protocol

• S2S does not support Guest Hosts

• S2S does not have the numerous events that are typically associated with an EGM

• S2S supports two methods of subscribing to events

– S2S eventFilter class detects specific events

– S2S infoUpdate allows for a client to subscribe to elements the host will send updates for


S2S G2S Transport

•Questions???

bod meeting - feb 2008 gsa committee technical update for engineers

Documents

committee meetingsbod

transport committee

committee procedurescommittees

currentthe committee

committee proceduresvirtually

engineersbod meeting

dhcpbod meeting

passwordbod meeting