aboutsummaryrefslogtreecommitdiffstats
path: root/spec
diff options
context:
space:
mode:
Diffstat (limited to 'spec')
-rw-r--r--spec/zot-2012.txt182
1 files changed, 182 insertions, 0 deletions
diff --git a/spec/zot-2012.txt b/spec/zot-2012.txt
new file mode 100644
index 000000000..2e1f3c3c4
--- /dev/null
+++ b/spec/zot-2012.txt
@@ -0,0 +1,182 @@
+
+Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts.
+It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely.
+
+All communications are https
+
+
+First create a global unique userid
+
+
+Site userid:
+https://macgirvin.com/1
+
+$guuid = base64url_encode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1);
+
+
+Then create a hashed site destination.
+
+$gduid = base64url_encode(hash('whirlpool', $guuid . 'https://macgirvin.com',1);
+
+These two keys will identify you as a person+site pair in the future.
+You will also obtain a password upon introducing yourself to a site.
+This can be used to edit locations in the future. You will always keep your global unique userid
+
+
+The steps to connect with somebody are to first register your location with their site.
+Then introduce yourself to the person. This contains flags for the desired relationship.
+At some future time, they may confirm and adjust the relationship based on their comfort level.
+Lack of confirmation is tantamount to denial.
+
+You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint.
+They may do likewise.
+
+A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere.
+You do not need to register locations with each person, only with the site.
+
+
+Introduce yourself to a site:
+
+
+POST https://example.com/post
+
+{
+'type' => 'register'
+'person' => $guuid
+'address' => $gduid
+'site' => 'https://macgirvin.com'
+'info' => 'mike@macgirvin.com'
+}
+
+Returns:
+
+{
+'success' => 'true'
+'pass' => me_encrypt($random_string)
+}
+
+---
+Add location
+---
+
+POST https://example.com/post
+
+{
+'type' => 'location'
+'person' => $guuid
+'address' => $new_gduid
+'site' => 'https://newsite.com'
+'info' => 'mike@newsite.com'
+'pass' => me_encrypt($gduid . '.' . $pass)
+}
+
+Returns:
+
+{
+'success' => 'true'
+'pass' => me_encrypt($random_string)
+}
+
+---
+Remove location
+---
+
+POST https://example.com/post
+
+{
+'type' => 'remove_location'
+'person' => $guuid
+'address' => $gduid
+'pass' => me_encrypt($pass)
+}
+
+Returns:
+
+{
+'success' => 'true'
+'message' => 'OK'
+}
+
+
+------------
+Make friends
+------------
+This message may be reversed/repeated by the destination site to confirm.
+flags is the desired friendship bits. The same message may be used with different flags
+to edit or remove a relationship.
+
+
+POST https://example.com/post
+
+{
+'type' => 'contact'
+'person' => $gduid
+'address' => $guuid
+'target' => 'bobjones@example.com'
+'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0
+'confirm' => me_encrypt($guuid . '.' . $pass)
+}
+
+Returns:
+
+{
+'success' => 'true'
+'message' => 'OK'
+'flags' => PENDING=1
+}
+
+
+
+
+
+
+
+-------
+Message
+-------
+
+Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer.
+
+
+
+
+
+POST https://example.com/post
+
+{
+'type' => 'post'
+'person' => $guuid
+'address' => $gduid
+'post' => $post_id
+}
+
+Returns:
+{
+'success' => 'true'
+'message' => 'OK'
+}
+
+
+--------
+Callback
+--------
+
+POST https://macgirvin.com/post
+
+{
+'type' => 'retrieve'
+'retrieve' => $post_id
+'challenge' => you_encrypt('abc123')
+'verify' => me_encrypt('xyz456' . '.' . $gduid)
+}
+
+Returns:
+
+{
+'success' => 'true'
+'message' => 'OK'
+'response' => 'abc123'
+'data' => encrypted or raw structured post
+}
+
+