Bug #262
closedIncrease the version of transmitted "AusweisApp" to 1.11 or higher
0%
Description
Currently, the Open eCardApp transmit AA-Version 1.8.0.
We have increased the minimum allowed version to 1.10, so - depending on the used eID-Server, you might get rejected.
Related issues
Updated by Tobias Wich over 10 years ago
- Tracker changed from PartnerIssue to Bug
Updated by Tobias Wich over 10 years ago
- Status changed from New to In Progress
- Assignee set to Tobias Wich
Why is this value evaluated at all?
TR-03112-3 sec. 3.1.1 says:
States the version of the eCard-API-Framework started with this function and comprises up to three integers Major, Minor (optional) and SubMinor optional), which MAY all be defined by the vendor.
In this text I do not see anything about checking if the application is the newest AusweisApp. Quite contrary the correct behaviour of the Open eCard App would be to send its own version. Which is obviously not possible and also insufficient as the name of the application is missing here. When looking at the InitializeFramework message some other points unrelated to this issue come to my mind. This whole message seems ill designed to me.
My conclusion on this topic is that we will raise the version sent in this message to satisfy the available eID Servers. However I propose to think about whether this check should be part of the eID-Server or not. I think not.
Updated by Tobias Wich over 10 years ago
- Status changed from In Progress to Closed
Fixed in 331a68f57
Updated by Marcel Selhorst over 10 years ago
Why is this value evaluated at all?
The main issue is, that - depending on the version of the used AusweisApp - certain features were
either missing or not working correctly. In order to prevent users to run into issues, we
used the version information supplied in this field to reject older clients and to inform the user
that he/she has to update their software.
I know that this is not the originally intended purpose, however as of a usability perspective,
we needed to improve the error handling.
In this text I do not see anything about checking if the application is the newest AusweisApp.
Quite contrary the correct behaviour of the Open eCard App would be to send its own version.
Which is obviously not possible and also insufficient as the name of the application is missing here.
When looking at the InitializeFramework message some other points unrelated to this issue come to my mind.
This whole message seems ill designed to me.
I will address this issue on the next DIF-AG meeting.
My conclusion on this topic is that we will raise the version sent in this message to satisfy the available eID Servers.
Thank you!
However I propose to think about whether this check should be part of the eID-Server or not. I think not.
I agree. For a long term scenario, in my opinion these fields should simply transmit the used version of the
specification version, the eCard-Client is compliant to, instead of the AusweisApp version.
Updated by Detlef Hühnlein over 10 years ago
I will address this issue on the next DIF-AG meeting.
Yes, this is the place to discuss this.
I agree. For a long term scenario, in my opinion these fields should simply transmit the used version of the
specification version, the eCard-Client is compliant to, instead of the AusweisApp version.
This information is already available and transmitted in the StartPAOS command (cf. § 2.6 of TR-03112-7) and
the eID-community would "only" need to ensure that the provided interoperability claim is indeed correct.
Updated by Marcel Selhorst almost 10 years ago
- Priority changed from Normal to High
Since the AusweisApp 1.13 is now released, we updated the minimal eID-Client-Version to 1.12 or higher.
Since the Open eCard App claims to be 1.11, it will now be rejected.
Can you please increase the transmitted version number to 1.13 or higher?
Thank you!
Marcel
Updated by Tobias Wich almost 10 years ago
As this seems to pop up once in a while I strongly suggest we find a better long term solution than releasing a new Open eCard App version with an incremented version string which is btw totally unrelated to the application at hand, but instead follows a proprietary software product instead of a specifcation from the BSI.
As commented by Detlef Hühnlein above I suggest you use the information from the StartPAOS message to determine whether the client conforms with the API version of your server. For the useragent that means we will change the value to the version of the Open eCard App.
This information is currently missing in the StartPAOS message, but I will provide this in a future version. I created an issue for that (#313).
Updated by Tobias Wich almost 10 years ago
- Target version changed from 1.0.5 to 1.0.6
Updated by Tobias Wich almost 10 years ago
A new Release has been made which fixes the issue.