Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

zot-2012.txt 3.6KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182
  1. Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts.
  2. It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely.
  3. All communications are https
  4. First create a global unique userid
  5. Site userid:
  6. https://macgirvin.com/1
  7. $guuid = base64url_encode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1);
  8. Then create a hashed site destination.
  9. $gduid = base64url_encode(hash('whirlpool', $guuid . 'https://macgirvin.com',1);
  10. These two keys will identify you as a person+site pair in the future.
  11. You will also obtain a password upon introducing yourself to a site.
  12. This can be used to edit locations in the future. You will always keep your global unique userid
  13. The steps to connect with somebody are to first register your location with their site.
  14. Then introduce yourself to the person. This contains flags for the desired relationship.
  15. At some future time, they may confirm and adjust the relationship based on their comfort level.
  16. Lack of confirmation is tantamount to denial.
  17. You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint.
  18. They may do likewise.
  19. A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere.
  20. You do not need to register locations with each person, only with the site.
  21. Introduce yourself to a site:
  22. POST https://example.com/post
  23. {
  24. 'type' => 'register'
  25. 'person' => $guuid
  26. 'address' => $gduid
  27. 'site' => 'https://macgirvin.com'
  28. 'info' => 'mike@macgirvin.com'
  29. }
  30. Returns:
  31. {
  32. 'success' => 'true'
  33. 'pass' => me_encrypt($random_string)
  34. }
  35. ---
  36. Add location
  37. ---
  38. POST https://example.com/post
  39. {
  40. 'type' => 'location'
  41. 'person' => $guuid
  42. 'address' => $new_gduid
  43. 'site' => 'https://newsite.com'
  44. 'info' => 'mike@newsite.com'
  45. 'pass' => me_encrypt($gduid . '.' . $pass)
  46. }
  47. Returns:
  48. {
  49. 'success' => 'true'
  50. 'pass' => me_encrypt($random_string)
  51. }
  52. ---
  53. Remove location
  54. ---
  55. POST https://example.com/post
  56. {
  57. 'type' => 'remove_location'
  58. 'person' => $guuid
  59. 'address' => $gduid
  60. 'pass' => me_encrypt($pass)
  61. }
  62. Returns:
  63. {
  64. 'success' => 'true'
  65. 'message' => 'OK'
  66. }
  67. ------------
  68. Make friends
  69. ------------
  70. This message may be reversed/repeated by the destination site to confirm.
  71. flags is the desired friendship bits. The same message may be used with different flags
  72. to edit or remove a relationship.
  73. POST https://example.com/post
  74. {
  75. 'type' => 'contact'
  76. 'person' => $gduid
  77. 'address' => $guuid
  78. 'target' => 'bobjones@example.com'
  79. 'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0
  80. 'confirm' => me_encrypt($guuid . '.' . $pass)
  81. }
  82. Returns:
  83. {
  84. 'success' => 'true'
  85. 'message' => 'OK'
  86. 'flags' => PENDING=1
  87. }
  88. -------
  89. Message
  90. -------
  91. Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer.
  92. POST https://example.com/post
  93. {
  94. 'type' => 'post'
  95. 'person' => $guuid
  96. 'address' => $gduid
  97. 'post' => $post_id
  98. }
  99. Returns:
  100. {
  101. 'success' => 'true'
  102. 'message' => 'OK'
  103. }
  104. --------
  105. Callback
  106. --------
  107. POST https://macgirvin.com/post
  108. {
  109. 'type' => 'retrieve'
  110. 'retrieve' => $post_id
  111. 'challenge' => you_encrypt('abc123')
  112. 'verify' => me_encrypt('xyz456' . '.' . $gduid)
  113. }
  114. Returns:
  115. {
  116. 'success' => 'true'
  117. 'message' => 'OK'
  118. 'response' => 'abc123'
  119. 'data' => encrypted or raw structured post
  120. }