Versions Compared

Version Old Version 6 New Version Current
Changes made by

Janina Mincer-Daszkiewicz

Janina Mincer-Daszkiewicz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Levels of estimated error severity.

If an error is present in the context of an API (or endpoint), it applies only to that API (or endpoint).

Status
colourRed
titleCritical

This severity level implies that the process has been completely shut off and no further action can be takenalways/usually works badly.

Status
colourYellow
titleMAJOR

This is a significant flaw that causes the system to fail. However, certain parts of the system remain functional.severity level implies that the process works badly in some cases.

Status
colourPurple
titleMEDIUM

This flaw results in unfavorable behavior but the system remains functioning.

Status
colourBlue
titleLOW

This type of flaw won’t cause any major breakdown in the system.

...

Expand
titleNET-001: Incomplete SSL certificate chain

Description

A website with this SSL misconfiguration might work fine in the browser, but it won't work for clients that do not support AIA Fetching, e.g. in Python. The error can be reproduced with `curl`, it will return error: "curl: (60) SSL certificate problem: unable to get local issuer certificate". The website can be also tested on https://www.ssllabs.com/ssltest/index.html .

Estimated severity

Status
colourRed
titleCritical

Examples

 

Suggested action

Test your website , configure on https://www.ssllabs.com/ssltest/index.html. Configure properly your webserver.

How communicated

Monitoring system

11 HEIs (6 providers) in PROD, 9 HEIs (7 providers) in DEV

Enforceabsolutecompliance with the specification

Email correspondence with providers, testing sessions, GitHub

This error was encountered in a number of mobility systems
Expand
titleNET-002: Expired SSL certificate

Description

Expired SSL certificate

Estimated severity

Status
colourRed
titleCritical

Examples

 

Suggested action

The certificate needs to be renewed

How communicated

Monitoring system

At least 3 HEIs (2 providers) in PROD, 39 HEIs (9 providers) in DEV

Expand
titleNET-003: Wrong answer to a CNR or GET as part of CNR

Description

According to specification “Once you receive a change notification, you respond with HTTP 200, and add the received identifiers to a queue. Later on, in the background, you will attempt to update your locally stored information on the received entities (e.g. by calling the get endpoints of the APIs which describe this entity).

You SHOULD NOT try to refresh your data before sending your CNR API response. Refreshing the data (e.g. calling the get endpoint) is a separate operation, and the result of this operation MUST NOT influence the HTTP response of your CNR API”

A number of partner send some error codes instead.

Estimated severity

Status
colourRed
titleCritical

Examples

 

Suggested action

How communicated