diff options
author | Vasudev Kamath <kamathvasudev@gmail.com> | 2012-06-23 08:11:35 +0530 |
---|---|---|
committer | Vasudev Kamath <kamathvasudev@gmail.com> | 2012-06-23 08:11:35 +0530 |
commit | 6e4760dd9c512147309b5e4a98d25216610f81da (patch) | |
tree | cd1ea2edf6b257e52ab8fd10c781ba600d884506 /spec/zot-2012.txt | |
parent | 11974b4d948ae5d9b9fb53970838463bd88bb9f6 (diff) | |
parent | 4e7eb36dd1e65bf481ffe30614565674cbef4fe5 (diff) | |
download | volse-hubzilla-6e4760dd9c512147309b5e4a98d25216610f81da.tar.gz volse-hubzilla-6e4760dd9c512147309b5e4a98d25216610f81da.tar.bz2 volse-hubzilla-6e4760dd9c512147309b5e4a98d25216610f81da.zip |
Merge branch 'master' of git://github.com/friendica/friendica
Diffstat (limited to 'spec/zot-2012.txt')
-rw-r--r-- | spec/zot-2012.txt | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/spec/zot-2012.txt b/spec/zot-2012.txt new file mode 100644 index 000000000..2e1f3c3c4 --- /dev/null +++ b/spec/zot-2012.txt @@ -0,0 +1,182 @@ + +Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts. +It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely. + +All communications are https + + +First create a global unique userid + + +Site userid: +https://macgirvin.com/1 + +$guuid = base64url_encode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1); + + +Then create a hashed site destination. + +$gduid = base64url_encode(hash('whirlpool', $guuid . 'https://macgirvin.com',1); + +These two keys will identify you as a person+site pair in the future. +You will also obtain a password upon introducing yourself to a site. +This can be used to edit locations in the future. You will always keep your global unique userid + + +The steps to connect with somebody are to first register your location with their site. +Then introduce yourself to the person. This contains flags for the desired relationship. +At some future time, they may confirm and adjust the relationship based on their comfort level. +Lack of confirmation is tantamount to denial. + +You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint. +They may do likewise. + +A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere. +You do not need to register locations with each person, only with the site. + + +Introduce yourself to a site: + + +POST https://example.com/post + +{ +'type' => 'register' +'person' => $guuid +'address' => $gduid +'site' => 'https://macgirvin.com' +'info' => 'mike@macgirvin.com' +} + +Returns: + +{ +'success' => 'true' +'pass' => me_encrypt($random_string) +} + +--- +Add location +--- + +POST https://example.com/post + +{ +'type' => 'location' +'person' => $guuid +'address' => $new_gduid +'site' => 'https://newsite.com' +'info' => 'mike@newsite.com' +'pass' => me_encrypt($gduid . '.' . $pass) +} + +Returns: + +{ +'success' => 'true' +'pass' => me_encrypt($random_string) +} + +--- +Remove location +--- + +POST https://example.com/post + +{ +'type' => 'remove_location' +'person' => $guuid +'address' => $gduid +'pass' => me_encrypt($pass) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +} + + +------------ +Make friends +------------ +This message may be reversed/repeated by the destination site to confirm. +flags is the desired friendship bits. The same message may be used with different flags +to edit or remove a relationship. + + +POST https://example.com/post + +{ +'type' => 'contact' +'person' => $gduid +'address' => $guuid +'target' => 'bobjones@example.com' +'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0 +'confirm' => me_encrypt($guuid . '.' . $pass) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +'flags' => PENDING=1 +} + + + + + + + +------- +Message +------- + +Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer. + + + + + +POST https://example.com/post + +{ +'type' => 'post' +'person' => $guuid +'address' => $gduid +'post' => $post_id +} + +Returns: +{ +'success' => 'true' +'message' => 'OK' +} + + +-------- +Callback +-------- + +POST https://macgirvin.com/post + +{ +'type' => 'retrieve' +'retrieve' => $post_id +'challenge' => you_encrypt('abc123') +'verify' => me_encrypt('xyz456' . '.' . $gduid) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +'response' => 'abc123' +'data' => encrypted or raw structured post +} + + |