|
|
|
|
@ -1,7 +1,7 @@
|
|
|
|
|
This is the Zot! social communications protocol.
|
|
|
|
|
|
|
|
|
|
Specification revision: 1
|
|
|
|
|
01 September 2011
|
|
|
|
|
02 September 2011
|
|
|
|
|
|
|
|
|
|
Mike Macgirvin
|
|
|
|
|
This specification is public domain.
|
|
|
|
|
@ -14,6 +14,10 @@ makes use of webfinger and ActivityStreams and several concepts from RFC822
|
|
|
|
|
(email). Zot encompasses the zot delivery framework, and the zid remote
|
|
|
|
|
access protocol.
|
|
|
|
|
|
|
|
|
|
The current specification revision (1) is frozen until a reference
|
|
|
|
|
implementation is available. After that, any protocol changes will require a
|
|
|
|
|
change to the revision number.
|
|
|
|
|
|
|
|
|
|
****************
|
|
|
|
|
* Zot delivery *
|
|
|
|
|
****************
|
|
|
|
|
@ -28,6 +32,8 @@ resolvable addresses containing both salmon and zot endpoints.
|
|
|
|
|
<zot:msg xmlns:zot='http://purl.org/zot/1.0'>
|
|
|
|
|
<zot:key>((key))</zot:key>
|
|
|
|
|
<zot:iv>((iv))</zot:iv>
|
|
|
|
|
<zot:env_key>((env_key))</zot:env_key>
|
|
|
|
|
<zot:env_iv>((env_iv))</zot:env_iv>
|
|
|
|
|
<zot:env>((envelope))</zot:env>
|
|
|
|
|
<zot:sig key_id="xxx">((sender signature))</zot:sig>
|
|
|
|
|
<zot:alg>AES-256-CBC</zot:alg>
|
|
|
|
|
@ -39,15 +45,33 @@ zot:key
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
A suitable randomly generated encyption key of length 32 octets for encrypting
|
|
|
|
|
the envelope and salmon packet. This is then encrypted with the sender's
|
|
|
|
|
private key and base64url encoded.
|
|
|
|
|
the salmon packet. This is then encrypted with the sender's private key and
|
|
|
|
|
base64url encoded.
|
|
|
|
|
|
|
|
|
|
zot:iv
|
|
|
|
|
******
|
|
|
|
|
|
|
|
|
|
A suitable randomly generated initialisation vector of length 16 octets for
|
|
|
|
|
encrypting the envelope and salmon packet. This is then encrypted with the
|
|
|
|
|
sender's private key and base64url encoded.
|
|
|
|
|
encrypting the salmon packet. This is then encrypted with the sender's private
|
|
|
|
|
key and base64url encoded.
|
|
|
|
|
|
|
|
|
|
zot:env_key
|
|
|
|
|
***********
|
|
|
|
|
|
|
|
|
|
A suitable randomly generated encyption key of length 32 octets for encrypting
|
|
|
|
|
the envelope. This is then encrypted with the recipient's public key and
|
|
|
|
|
base64url encoded. For bulk deliveries, it is encrypted with the site bulk
|
|
|
|
|
delivery public key.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
zot:env_iv
|
|
|
|
|
**********
|
|
|
|
|
|
|
|
|
|
A suitable randomly generated initialisation vector of length 16 octets for
|
|
|
|
|
encrypting the envelope. This is then encrypted with the recipient's public
|
|
|
|
|
key and base64url encoded. For bulk deliveries, it is encrypted with the site
|
|
|
|
|
bulk delivery public key.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
zot:env
|
|
|
|
|
*******
|
|
|
|
|
@ -99,9 +123,8 @@ is a valid entry. A zot envelope is UTF-8 encoded, which differs from RFC822.
|
|
|
|
|
The host component MUST be US-ASCII, with punycode translation of
|
|
|
|
|
internationalised domain names applied.
|
|
|
|
|
|
|
|
|
|
The entire envelope is encrypted with alg using key and iv. Only AES-256-CBC
|
|
|
|
|
is defined as an algorithm in this specification. The encrypted envelope is
|
|
|
|
|
then base64url encoded for transmission.
|
|
|
|
|
The entire envelope is then encrypted using alg with env_key and env_iv and
|
|
|
|
|
base64url encoded for transmission.
|
|
|
|
|
|
|
|
|
|
The zot envelope MAY include remote addresses. A zot delivery agent MUST parse
|
|
|
|
|
all addresses and determine whether a delivery address to the current endpoint
|
|
|
|
|
@ -246,6 +269,7 @@ Only authentication via OpenID is defined in this version of the specification.
|
|
|
|
|
This can be used to provide access control of any web resource to any
|
|
|
|
|
webfinger identity on the internet.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*********
|
|
|
|
|
* Links *
|
|
|
|
|
*********
|
|
|
|
|
|
Friendika
12 years ago