View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007916 | 10000-007: Profiles | Spec | public | 2022-04-04 21:24 | 2022-07-25 13:12 |
| Reporter | Alexander Allmendinger | Assigned To | Karl Deiretsbacher | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | assigned | Resolution | open | ||
| Product Version | 1.04 | ||||
| Target Version | 1.05.03 RC1 | ||||
| Summary | 0007916: Description of CU "Discovery Client Configure Endpoint" misleading | ||||
| Description | Current description is: This could be misinterpreted to connect to the server without doing any discovery service (FindServers, GetEndpoints) though in many cases a GetEndpoints is required to get the servers application instance certificate. To my knowledge the intend of this CU is to allow to directly specify an Endpoint without the need to go through the discovery mechanisms of a client. So I would propose to change the description to: | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
| related to | 0008129 | closed | Matthias Damm | 10000-004: Services | Remove requirement to allow Administrators to disable the DiscoveryEndpoint |
|
|
Discussed in UA meeting on May 03, 2022. This has not changed since Version 1.02. People on the call think that the meaning is the manual configuration of an endpoint (including URL, certificate, user token, security mode, ...). The discussion turned out into the question whether clients - if connect fails - should automatically try to find a proper alternative, replace the stored endpoint, and try to connect with that alternative. Possible conclusion: "When using a persisted endpoint - whether it was entered manually or received from GetEndpoints - this persisted information shall not be renewed without user intervention even if the connect fails." |
|
|
Suggest breaking this into 2 CUs: One for manual configuration of endpoint URLs. (still need to call GetEndpoints). One for use Client persisted endpoints to connect to a Server without using any Services in the Discovery Service Set. (make mandatory in 1.05, optional in 1.04). |
|
|
It makes no sense to disable GetEndpoints. This requirement must be removed from Part 4. In the automatic certificate update szenario with GDS, the client MUST call GetEndpoints to get the new certificate from the server. There is a special status code that indicates that the client is using the wrong certificate and GetEndpoints is the only way to get the new certificate. This new certificate will be used by the client if it is trusted (which will be the case for a GDS managed trust list). If Clients are configured to use a certain endpoint setting, they should not change the used parameters by calling GetEndpoints but a updated certificate must be fetched with GetEndpoints. If a Client has a "use best security" option, the client MUST verify the GetEndpoints results with the endpoints returned from CreateSession. It is much more important that clients do this check and this must be tested. See also related Mantis Issue for Part 4 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-04-04 21:24 | Alexander Allmendinger | New Issue | |
| 2022-06-23 14:35 | Karl Deiretsbacher | Note Added: 0017041 | |
| 2022-07-05 16:00 | Jim Luth | Note Added: 0017088 | |
| 2022-07-05 16:01 | Jim Luth | Note Edited: 0017088 | |
| 2022-07-05 16:07 | Jim Luth | Note Edited: 0017088 | |
| 2022-07-05 16:09 | Jim Luth | Assigned To | => Karl Deiretsbacher |
| 2022-07-05 16:09 | Jim Luth | Status | new => assigned |
| 2022-07-05 16:09 | Jim Luth | Target Version | => 1.05.03 RC1 |
| 2022-07-05 16:10 | Jim Luth | Note Edited: 0017088 | |
| 2022-07-25 13:03 | Matthias Damm | Note Added: 0017182 | |
| 2022-07-25 13:10 | Matthias Damm | Relationship added | related to 0008129 |
