Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » OHF » ATNA Support update for the OHF IHE Plugins and OHF Bridge
ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #24359] Wed, 22 November 2006 06:19 Go to next message
Eclipse User
Originally posted by: rgd.us.ibm.com

We've succesfully tested ATNA TLS with the MESA TLS Tests, and with the
IBM test services on lswin10.dfw.ibm.com.

As Sarah mentioned in another post, we have a bug open against the NIST
test server. For some reason we are getting a handshake failure with
that one system - all the others we've tested against are doing TLS just
fine with the OHF plugins.

One important note we've raised with the IHE, and are awaiting a
response - is that the Sun JVMs 1.4.2 and 1.5.x don't provide support
for the TLS cipher TLS_RSA_WITH_NULL_SHA. This is specified by the
ATNA profile as the unencrypted cipher to use. Currently we've
substituted the simliar cipher SSL_RSA_WITH_NULL_SHA in the OHF ATNA
code, and with this cipher we've succesfully passed the required MESA
TLS tests 1221, 1222, 1223.

regards,
glenn deen (IBM OHF team)
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #24446 is a reply to message #24359] Thu, 23 November 2006 06:11 Go to previous messageGo to next message
Eclipse User
Originally posted by: rgd.us.ibm.com

Glenn wrote:
>
> We've succesfully tested ATNA TLS with the MESA TLS Tests, and with the
> IBM test services on lswin10.dfw.ibm.com.
>
> As Sarah mentioned in another post, we have a bug open against the NIST
> test server. For some reason we are getting a handshake failure with
> that one system - all the others we've tested against are doing TLS just
> fine with the OHF plugins.
>
> One important note we've raised with the IHE, and are awaiting a
> response - is that the Sun JVMs 1.4.2 and 1.5.x don't provide support
> for the TLS cipher TLS_RSA_WITH_NULL_SHA. This is specified by the
> ATNA profile as the unencrypted cipher to use. Currently we've
> substituted the simliar cipher SSL_RSA_WITH_NULL_SHA in the OHF ATNA
> code, and with this cipher we've succesfully passed the required MESA
> TLS tests 1221, 1222, 1223.
>
> regards,
> glenn deen (IBM OHF team)
>

Update - SSL_RSA_WITH_NULL_SHA is 100% equivalent in Java to
TLS_RSA_WITH_NULL_SHA. The name is different, but the actual cipher ID
sent to the server is the same as TLS_RSA_WITH_NULL_SHA. I've updated
the ATNA transport code with this cipher name. So it's now good to go.
I've tested it with MESA and it's succesfully negotating the TLS handshake.

-glenn
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #25333 is a reply to message #24446] Wed, 29 November 2006 09:08 Go to previous messageGo to next message
Eclipse User
Originally posted by: sdoyle.medcommons.net

How do we test the TLS connections from the bridge to the MESA servers
(e.g., Test #s 11141, 11142, 11143)?

I see the JUnit code for the plugins - but how do we test this in the
context of the bridge? Or - do we claim that because you have passed these
tests that this is adequate?
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #25373 is a reply to message #25333] Wed, 29 November 2006 19:29 Go to previous messageGo to next message
Eclipse User
Originally posted by: donnie.gooch.pointclearsolutions.com

I am (capmed) reusing IBM's, waiting on verification now.
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #25413 is a reply to message #25373] Wed, 29 November 2006 20:11 Go to previous messageGo to next message
Eclipse User
Originally posted by: sdoyle.medcommons.net

Donnie Gooch (CapMed wrote:

> I am (capmed) reusing IBM's, waiting on verification now.

Hi Donnie -

Did you get the verification files from IBM or did you just write
something saying that the bridge handled this case?

Thanks!
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #25452 is a reply to message #25333] Wed, 29 November 2006 20:21 Go to previous message
No real name is currently offline No real name
Messages: 292
Registered: July 2009
Senior Member
The OHF Bridge has passed these tests for you. You are to what is in the
JUNIT Documentation. We are working on updating
http://wiki.eclipse.org/index.php/OHF:ATNA_2007_MESA_Tests. Please
refere to the links in the ATNA Test table here:
http://wiki.eclipse.org/index.php/IHE_Connectathon_2007#Deta iled_MESA_Test_Info

- Sarah

Sean Doyle wrote:
> How do we test the TLS connections from the bridge to the MESA servers
> (e.g., Test #s 11141, 11142, 11143)?
>
> I see the JUnit code for the plugins - but how do we test this in the
> context of the bridge? Or - do we claim that because you have passed
> these tests that this is adequate?
>
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #575451 is a reply to message #24359] Thu, 23 November 2006 06:11 Go to previous message
Glenn is currently offline Glenn
Messages: 14
Registered: July 2009
Junior Member
Glenn wrote:
>
> We've succesfully tested ATNA TLS with the MESA TLS Tests, and with the
> IBM test services on lswin10.dfw.ibm.com.
>
> As Sarah mentioned in another post, we have a bug open against the NIST
> test server. For some reason we are getting a handshake failure with
> that one system - all the others we've tested against are doing TLS just
> fine with the OHF plugins.
>
> One important note we've raised with the IHE, and are awaiting a
> response - is that the Sun JVMs 1.4.2 and 1.5.x don't provide support
> for the TLS cipher TLS_RSA_WITH_NULL_SHA. This is specified by the
> ATNA profile as the unencrypted cipher to use. Currently we've
> substituted the simliar cipher SSL_RSA_WITH_NULL_SHA in the OHF ATNA
> code, and with this cipher we've succesfully passed the required MESA
> TLS tests 1221, 1222, 1223.
>
> regards,
> glenn deen (IBM OHF team)
>

Update - SSL_RSA_WITH_NULL_SHA is 100% equivalent in Java to
TLS_RSA_WITH_NULL_SHA. The name is different, but the actual cipher ID
sent to the server is the same as TLS_RSA_WITH_NULL_SHA. I've updated
the ATNA transport code with this cipher name. So it's now good to go.
I've tested it with MESA and it's succesfully negotating the TLS handshake.

-glenn
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #576318 is a reply to message #24446] Wed, 29 November 2006 09:08 Go to previous message
Sean Doyle is currently offline Sean Doyle
Messages: 7
Registered: July 2009
Junior Member
How do we test the TLS connections from the bridge to the MESA servers
(e.g., Test #s 11141, 11142, 11143)?

I see the JUnit code for the plugins - but how do we test this in the
context of the bridge? Or - do we claim that because you have passed these
tests that this is adequate?
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #576336 is a reply to message #25333] Wed, 29 November 2006 19:29 Go to previous message
Eclipse User
Originally posted by: donnie.gooch.pointclearsolutions.com

I am (capmed) reusing IBM's, waiting on verification now.
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #576393 is a reply to message #25373] Wed, 29 November 2006 20:11 Go to previous message
Sean Doyle is currently offline Sean Doyle
Messages: 7
Registered: July 2009
Junior Member
Donnie Gooch (CapMed wrote:

> I am (capmed) reusing IBM's, waiting on verification now.

Hi Donnie -

Did you get the verification files from IBM or did you just write
something saying that the bridge handled this case?

Thanks!
Re: ATNA Support update for the OHF IHE Plugins and OHF Bridge [message #576403 is a reply to message #25333] Wed, 29 November 2006 20:21 Go to previous message
No real name is currently offline No real name
Messages: 292
Registered: July 2009
Senior Member
The OHF Bridge has passed these tests for you. You are to what is in the
JUNIT Documentation. We are working on updating
http://wiki.eclipse.org/index.php/OHF:ATNA_2007_MESA_Tests Please
refere to the links in the ATNA Test table here:
http://wiki.eclipse.org/index.php/IHE_Connectathon_2007#Deta iled_MESA_Test_Info

- Sarah

Sean Doyle wrote:
> How do we test the TLS connections from the bridge to the MESA servers
> (e.g., Test #s 11141, 11142, 11143)?
>
> I see the JUnit code for the plugins - but how do we test this in the
> context of the bridge? Or - do we claim that because you have passed
> these tests that this is adequate?
>
Previous Topic:new Audit messages on the server
Next Topic:TLS with NIST now availiable on OHF Bridge
Goto Forum:
  


Current Time: Sun Sep 21 02:07:00 GMT 2014

Powered by FUDForum. Page generated in 0.01928 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software