orms message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Some thoughs on ORD protocols etc.
- From: Nat Sakimura <n-sakimura@nri.co.jp>
- To: orms@lists.oasis-open.org
- Date: Mon, 27 Sep 2010 04:52:41 +0900
Since ORD draft ver.0.1 does not have any protocol in it, I have started thinking about it.
Also, despite the discussions that we had couple of months ago, I still think that ORD draft ver.0.1 lacks some important data.
So, here is what I think right now that how it should be like.
# Note: The requirements in the Use Case document is pretty good ...
Any feedback is welcome:
Requesting ORD
==============
ORD can be requested to the ORD endpoint via GET.
GET ORD_Endpoint
params
------
sp=signed parameters.
where signed parameters are
base64url_encode(ordreq)
where ordreq is :
"ordreq":{
"requester":{
"id":"url",
"name":"utf8 string",
"certs":"b64url(DER) "
},
"claim":{
"id":"url of the tempalte"
},
"dateRange":{
"start": ,
"end":
}
}
ORD Response
====================
ORD response is given in the body of the
response. It is a signed and optionally encrypted
ORD or ORDS. Response is encrypted using
the requester's public key.
Following is a JSON serialization.
(XML is more expressive, so it would be good to start from JSON, IMHO.)
"ord":{
"type":"+reputation",
"target":{
"id":"sha256(url)",
"name":"string"
},
"source":{
"id":"url",
"type":"user|engine",
"name":"name",
"certs":"b64url(DER)"
},
"requester":{
"id":"url",
"name":"utf8 string",
"certs":"b64url(DER) "
},
"claim":{
"id":"url of the tempalte",
"type":"Quantitative | Qualitative",
"score":[0,1],
"rawScore":"string",
"distribution":"TypeURI",
"mean":[0,1],
"median":[0,1],
"variance":numeric,
"sampleSize":integer,
"date":"2010-01-01T00:00:00Z",
"other":"text"
},
"inputData":{
"uri":"uri of the input data stream",
"startDate":"2010-01-01T00:00:00Z",
"endDate":"2010-07-01T00:00:00Z"
}
}
Open Reputation Data Sequence
=============================
"ords":[ord, ord, ..., ord]
Reputation Input Data
=====================
"rid":{
"ords":[ord, ord, ..., ord],
"rawInput":"blob text"
}
Signature Format
================
JSON Sigs
Encryption Format
=================
JSON Encryption
XML Encapusulation
==================
When desired, the JSON can be encapsulated
inside XML in the following manner.
<JSON id="1">JSON Object</JSON>
This is convenient when one wants to
store it for long period of time, and thus
want to apply XML DSig based timestamps.
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]