Diffstat (limited to 'spec')
-rw-r--r--  spec/zot-2012.txt | 171
1 files changed, 14 insertions, 157 deletions
diff --git a/spec/zot-2012.txt b/spec/zot-2012.txt index 2e1f3c3c4..bd84e63d0 100644 --- a/spec/zot-2012.txt +++ b/spec/zot-2012.txt 
@@ -5,178 +5,35 @@ It is not yet intended to be a definitive specification and many things like the All communications are https -First create a global unique userid +First create a global unique channel and assign a location +Site id is 'https://macgirvin.com' +Site channel-id is 'https://macgirvin.com/channel/1' -Site userid: -https://macgirvin.com/1 +$guid = base64url_encode(hash('whirlpool','https://macgirvin.com/channel/1.' . mt_rand(1000000,9999999),1); -$guuid = base64url_encode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1); +$guid_sig = base64_urlencode(rsa_sign($guid,$myprivatekey)); +$location = Site id +$location_sig = base64_urlencode(rsa_sign($location,$myprivatekey)); -Then create a hashed site destination. -$gduid = base64url_encode(hash('whirlpool', $guuid . 'https://macgirvin.com',1); +This information will identify a channel+site pair in the future. When contact is made initially, a lookup is performed to a well known URL at this site to verify the signatures of both the guid and the site. After this information has been verified, it is stored and we can use them to uniquely identify a channel/location pair in the future. -These two keys will identify you as a person+site pair in the future. -You will also obtain a password upon introducing yourself to a site. -This can be used to edit locations in the future. You will always keep your global unique userid +If a new location is provided, this process is repeated but only the new location needs to be verified and stored. +Messages are sent by providing this information in an HTTP post to the other site, along with a protocol version specifier and type of message. For some message types, the message is included. Others will require a security handshake with the remote site calling back the original to verify the identity assertion and the message is only collected at that time. -The steps to connect with somebody are to first register your location with their site. 
-Then introduce yourself to the person. This contains flags for the desired relationship. -At some future time, they may confirm and adjust the relationship based on their comfort level. -Lack of confirmation is tantamount to denial. +Multiple messages may be sent, and a callback may result in the collection of multiple messages destined for this site, not necessarily limited to the channel/location which was asserted. + -You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint. -They may do likewise. +Permissions: -A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere. -You do not need to register locations with each person, only with the site. +Permissions are available for several different activities. This list is enumerated by a POST to the permissions service with the above channel+location information. An array of permissions will be returned. If no identity assertion is made, a list of the default channel permissions is returned. -Introduce yourself to a site: -POST https://example.com/post -{ -'type' => 'register' -'person' => $guuid -'address' => $gduid -'site' => 'https://macgirvin.com' -'info' => 'mike@macgirvin.com' -} - -Returns: - -{ -'success' => 'true' -'pass' => me_encrypt($random_string) -} - ---- -Add location ---- - -POST https://example.com/post - -{ -'type' => 'location' -'person' => $guuid -'address' => $new_gduid -'site' => 'https://newsite.com' -'info' => 'mike@newsite.com' -'pass' => me_encrypt($gduid . '.' . 
$pass) -} - -Returns: - -{ -'success' => 'true' -'pass' => me_encrypt($random_string) -} - ---- -Remove location ---- - -POST https://example.com/post - -{ -'type' => 'remove_location' -'person' => $guuid -'address' => $gduid -'pass' => me_encrypt($pass) -} - -Returns: - -{ -'success' => 'true' -'message' => 'OK' -} - - ------------- -Make friends ------------- -This message may be reversed/repeated by the destination site to confirm. -flags is the desired friendship bits. The same message may be used with different flags -to edit or remove a relationship. - - -POST https://example.com/post - -{ -'type' => 'contact' -'person' => $gduid -'address' => $guuid -'target' => 'bobjones@example.com' -'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0 -'confirm' => me_encrypt($guuid . '.' . $pass) -} - -Returns: - -{ -'success' => 'true' -'message' => 'OK' -'flags' => PENDING=1 -} - - - - - - - -------- -Message -------- - -Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer. - - - - - -POST https://example.com/post - -{ -'type' => 'post' -'person' => $guuid -'address' => $gduid -'post' => $post_id -} - -Returns: -{ -'success' => 'true' -'message' => 'OK' -} - - --------- -Callback --------- - -POST https://macgirvin.com/post - -{ -'type' => 'retrieve' -'retrieve' => $post_id -'challenge' => you_encrypt('abc123') -'verify' => me_encrypt('xyz456' . '.' . $gduid) -} - -Returns: - -{ -'success' => 'true' -'message' => 'OK' -'response' => 'abc123' -'data' => encrypted or raw structured post -} |
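Review bot: the new `$guid` line has unbalanced parentheses (`base64url_encode(hash('whirlpool','https://macgirvin.com/channel/1.' . mt_rand(1000000,9999999),1);` closes `hash()` but never closes `base64url_encode(`), and the encoder is spelled `base64url_encode` on that line but `base64_urlencode` on the `$guid_sig` and `$location_sig` lines two lines later; pick one name so the example is copy-pasteable. On the same line, `mt_rand(1000000,9999999)` is PHP's Mersenne Twister with a range of nine million values, not a cryptographic source; since the text says this value must make the guid globally unique and the guid is then signed as the channel's identity, take the nonce from `openssl_random_pseudo_bytes()` and hash a wider value. Lastly, the paragraph "a lookup is performed to a well known URL at this site to verify the signatures of both the guid and the site" never names the URL or says what it returns (presumably the channel's public key), and the following sentence "After this information has been verified, it is stored" should say explicitly that later assertions for the same guid are checked against the stored key rather than by repeating the lookup; otherwise the verification is only as trustworthy as whoever answers at `$location` on each request.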