diff options
author | Zvi ben Yaakov (a.k.a rdc) <coderzvi@infosoc.net> | 2012-06-19 23:29:24 +0300 |
---|---|---|
committer | Zvi ben Yaakov (a.k.a rdc) <coderzvi@infosoc.net> | 2012-06-19 23:29:24 +0300 |
commit | d20cdf09eafbc57c1b6dbcb78a5cdaa731ae876d (patch) | |
tree | 6308aca93a11587a579d4c4336cec14c9072151f /spec/zot-2012.txt | |
parent | 5b057e5dee09e0cab5b78bb9b2ac2e27d59a11f7 (diff) | |
parent | 79357ec60dd4338d25e0ddbbbfde38d5db541e67 (diff) | |
download | volse-hubzilla-d20cdf09eafbc57c1b6dbcb78a5cdaa731ae876d.tar.gz volse-hubzilla-d20cdf09eafbc57c1b6dbcb78a5cdaa731ae876d.tar.bz2 volse-hubzilla-d20cdf09eafbc57c1b6dbcb78a5cdaa731ae876d.zip |
Merge git://github.com/friendica/friendica
Diffstat (limited to 'spec/zot-2012.txt')
-rw-r--r-- | spec/zot-2012.txt | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/spec/zot-2012.txt b/spec/zot-2012.txt new file mode 100644 index 000000000..2e1f3c3c4 --- /dev/null +++ b/spec/zot-2012.txt @@ -0,0 +1,182 @@ + +Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts. +It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely. + +All communications are https + + +First create a global unique userid + + +Site userid: +https://macgirvin.com/1 + +$guuid = base64url_encode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1); + + +Then create a hashed site destination. + +$gduid = base64url_encode(hash('whirlpool', $guuid . 'https://macgirvin.com',1); + +These two keys will identify you as a person+site pair in the future. +You will also obtain a password upon introducing yourself to a site. +This can be used to edit locations in the future. You will always keep your global unique userid + + +The steps to connect with somebody are to first register your location with their site. +Then introduce yourself to the person. This contains flags for the desired relationship. +At some future time, they may confirm and adjust the relationship based on their comfort level. +Lack of confirmation is tantamount to denial. + +You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint. +They may do likewise. + +A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere. +You do not need to register locations with each person, only with the site. + + +Introduce yourself to a site: + + +POST https://example.com/post + +{ +'type' => 'register' +'person' => $guuid +'address' => $gduid +'site' => 'https://macgirvin.com' +'info' => 'mike@macgirvin.com' +} + +Returns: + +{ +'success' => 'true' +'pass' => me_encrypt($random_string) +} + +--- +Add location +--- + +POST https://example.com/post + +{ +'type' => 'location' +'person' => $guuid +'address' => $new_gduid +'site' => 'https://newsite.com' +'info' => 'mike@newsite.com' +'pass' => me_encrypt($gduid . '.' . $pass) +} + +Returns: + +{ +'success' => 'true' +'pass' => me_encrypt($random_string) +} + +--- +Remove location +--- + +POST https://example.com/post + +{ +'type' => 'remove_location' +'person' => $guuid +'address' => $gduid +'pass' => me_encrypt($pass) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +} + + +------------ +Make friends +------------ +This message may be reversed/repeated by the destination site to confirm. +flags is the desired friendship bits. The same message may be used with different flags +to edit or remove a relationship. + + +POST https://example.com/post + +{ +'type' => 'contact' +'person' => $gduid +'address' => $guuid +'target' => 'bobjones@example.com' +'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0 +'confirm' => me_encrypt($guuid . '.' . $pass) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +'flags' => PENDING=1 +} + + + + + + + +------- +Message +------- + +Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer. + + + + + +POST https://example.com/post + +{ +'type' => 'post' +'person' => $guuid +'address' => $gduid +'post' => $post_id +} + +Returns: +{ +'success' => 'true' +'message' => 'OK' +} + + +-------- +Callback +-------- + +POST https://macgirvin.com/post + +{ +'type' => 'retrieve' +'retrieve' => $post_id +'challenge' => you_encrypt('abc123') +'verify' => me_encrypt('xyz456' . '.' . $gduid) +} + +Returns: + +{ +'success' => 'true' +'message' => 'OK' +'response' => 'abc123' +'data' => encrypted or raw structured post +} + + |