View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000647310000-004: ServicesSpecpublic2021-02-09 17:352021-03-01 18:50
ReporterJim Luth Assigned ToMatthias Damm  
PrioritynormalSeverityfeatureReproducibilityalways
Status closedResolutionfixed 
Summary0006473: Relation between AuditCertificateEventType and AuditOpenSecureChannelEventType
Description

OPC UA Part 4 states in 6.5.5 Auditing for SecureChannel Service Set
In the case of Certificate validation errors the description should include the audit EventId of the specific AuditCertificateEventType that was generated to report the Certificate error.

It would make sense to add an optional CertificateErrorEventId field to AuditOpenSecureChannelEventType that is used to provide the relation to the AuditCertificateEventType.

Since the AuditEntryId seems to be not available, this would be the only reliable relation between the two events. Having the EventId in the description makes no sense since it is difficult or impossible to write a reliable parser.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0006470 closedJeff Harding 10000-005: Information Model Relation between AuditCertificateEventType and AuditOpenSecureChannelEventType 

Activities

Jeff Harding

2021-02-09 17:35

developer   ~0013714

Agreed to add an optional CertificateErrorEventId field to AuditOpenSecureChannelEventType in 1.05.
Also add a 1.04 Errata with this optional field.
Clone to Part 4.
Clone to CTT once done.

Matthias Damm

2021-03-01 14:26

developer   ~0013839

6.5.5 Auditing for SecureChannel Service Set

Replaced
In the case of Certificate validation errors the description should include the audit EventId of the specific AuditCertificateEventType that was generated to report the Certificate error. The AuditCertificateEventType shall also contain the detailed Certificate validation error. The additional parameters should include the details of the request. It is understood that these events may be generated by the underlying Communication Stacks in many cases, but they shall be made available to the Server and the Server shall report them.

With
In the case of Certificate validation errors the CertificateErrorEventId of the AuditOpenSecureChannelEventType should include the audit EventId of the specific AuditCertificateEventType that was generated to report the Certificate error. The AuditCertificateEventType shall also contain the detailed Certificate validation error. The additional parameters should include the details of the request. It is understood that these events may be generated by the underlying Communication Stacks in many cases, but they shall be made available to the Server and the Server shall report them.

Updated in
OPC 10000-4 - UA Specification Part 4 - Services 1.05.0 Draft14.docx

See also errata 1.04.10

Jim Luth

2021-03-01 18:50

administrator   ~0013858

Agreed to changes in Virtual F2F.

Issue History

Date Modified Username Field Change
2021-02-09 17:35 Jim Luth New Issue
2021-02-09 17:35 Jim Luth Status new => assigned
2021-02-09 17:35 Jim Luth Assigned To => Jeff Harding
2021-02-09 17:35 Jim Luth Issue generated from: 0006470
2021-02-09 17:35 Jim Luth Note Added: 0013714
2021-02-09 17:35 Jim Luth Relationship added related to 0006470
2021-02-09 17:35 Jim Luth Project 10000-005: Information Model => 10000-004: Services
2021-02-09 17:35 Jim Luth Assigned To Jeff Harding => Matthias Damm
2021-03-01 14:26 Matthias Damm Status assigned => resolved
2021-03-01 14:26 Matthias Damm Resolution open => fixed
2021-03-01 14:26 Matthias Damm Note Added: 0013839
2021-03-01 18:50 Jim Luth Status resolved => closed
2021-03-01 18:50 Jim Luth Fixed in Version => 1.05
2021-03-01 18:50 Jim Luth Note Added: 0013858