XDS Testing for new Connectathon monitors Bill Majurski NIST

Outline XDS Overview Detailed review of one validation Tour of rest of tools

XDS Actor/Transaction Diagram

Points of view Submission Query/Retrieve

Submission

Actors – Document Source Has document to submit Composes metadata to describe Submits to Document Repository for retention – Using a Provide and Register Transaction

Actor - Document Repository Accepts document and metadata Validates or adds size and hash attributes to metadata (describing document) Adds repositoryUniqueId to metadata (identify Repository holding document) Persist document contents (for later retrieval) Forward updated metadata to Document Registry in Register Transaction

Actor – Document Registry Accepts metadata describing documents Persists metadata

Query/Retrieve All actions initiated by Document Consumer Actor Repository and Registry are infrastructure actors (they are primarily servers)

Stored Query Sent to Registry Request contains parameters describing objects in the registry Two return types may be requested – LeafClass – full metadata of selected objects is returned (can be quite big) – ObjectRef – simple ID returned for each object. Allows secondary queries to pull detail XML metadata

Retrieve Sent to Repository to get contents of document(s) Two parameters needed from registry – repositoryUniqueId (which repository) – Document.uniqueId (which document in repository)

Metadata Objects Moved between actors Stored in Registry

Submission Set Each submission must be ‘wrapped’ in a SubmissionSet object (no actual encapsulation – more of a metaphor) Describes circumstances of submission.

DocumentEntry For each document in a Provide and Register transaction, the metadata must contain a DocumentEntry describing the document Part of SubmissionSet – linked by an Association

Associations Many types HasMember type is used to link SubmissionSet to DocumentEntry – The DocumentEntry is a “member” of the SubmissionSet

Using Toolkit at Connectathon – Your URL may vary depending on your network settings. More generally, my Connectathon home page is found at - contains links to other things the vendors needhttp://nist1

Home Page

Connectathon Tools

Vendor Submission

Validation

How Test instance in Gazelle has chat window Last entry should look like: – SSID This is the SubmissionSet.uniqueId attribute Copy it and paste it into …

Specialized Tool

Status part 1 Status: Success Using TLS Not using SAML Site: pub Parameters:...$uid$: Starting

Status part Test: SourceStoresDocumentValidation Section: SourceStoresDocumentValidation/query Step: query Endpoint: Goals:...Given SubmissionSet UniqueId provided by Document Source......Send GetSubmissionSetAndContents query to Registry......Verify SubmissionSet, DocumentEntry, and a HasMember Assocation returned......Verify these elements are properly connected......Verify the RegistryResponse message passes XML Schema validation......Verify the returned metadata validates against XDS rules and Affinity Domain configuration Status: Pass Report: docuid = Report: hash = 31e311402a7e717d1bede88df6b42c0b8e91ea91 Report: size = 1459 Report: repuid = Report: mimetype = text/plain Report: SourceId = Report: $uid$ = Contents Returned: 1 SubmissionSets 1 DocumentEntries 0 Folders 1 Associations 0 ObjectRefs

Status part Section: SourceStoresDocumentValidation/retrieve Step: retrieve Endpoint: Goals:...Retrieve the Document from the Repository...Verify the response message passes XML Schema validation...Verify the following aspects of the Document match the values recorded in metadata......Repository Unique ID......Document Hash......Document MimeType......Document size Status: Pass Report: $uid$ = Finished

Tour…