OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

orms message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Some thoughs on ORD protocols etc.

Since ORD draft ver.0.1 does not have any protocol in it, I have started thinking about it. 
Also, despite the discussions that we had couple of months ago, I still think that ORD draft ver.0.1 lacks some important data. 

So, here is what I think right now that how it should be like. 

# Note: The requirements in the Use Case document is pretty good ... 

Any feedback is welcome: 


Requesting ORD
==============

ORD can be requested to the ORD endpoint via GET. 

GET ORD_Endpoint

params
------
sp=signed parameters. 

where signed parameters are 
base64url_encode(ordreq)

where ordreq is :

"ordreq":{
"requester":{
"id":"url",
"name":"utf8 string",
"certs":"b64url(DER) "
},
"claim":{
"id":"url of the tempalte"
},
"dateRange":{
"start":  ,
"end":  
}
}

ORD Response
====================

ORD response is given in the body of the 
response. It is a signed and optionally encrypted 
ORD or ORDS. Response is encrypted using 
the requester's public key. 

Following is a JSON serialization. 
(XML is more expressive, so it would be good to start from JSON, IMHO.) 

"ord":{
"type":"+reputation",
"target":{
"id":"sha256(url)",
"name":"string"
},
"source":{
"id":"url",
"type":"user|engine",
"name":"name",
"certs":"b64url(DER)"
},
"requester":{
"id":"url",
"name":"utf8 string",
"certs":"b64url(DER) "
},
"claim":{
"id":"url of the tempalte",
"type":"Quantitative | Qualitative",
"score":[0,1],
"rawScore":"string",
"distribution":"TypeURI",
"mean":[0,1],
"median":[0,1],
"variance":numeric,
"sampleSize":integer,
"date":"2010-01-01T00:00:00Z",
"other":"text"
},
"inputData":{
"uri":"uri of the input data stream",
"startDate":"2010-01-01T00:00:00Z",
"endDate":"2010-07-01T00:00:00Z"
}
}

Open Reputation Data Sequence
=============================
"ords":[ord, ord, ..., ord]

Reputation Input Data
=====================
"rid":{
"ords":[ord, ord, ..., ord],
"rawInput":"blob text"
}

Signature Format
================
JSON Sigs

Encryption Format
=================
JSON Encryption

XML Encapusulation
==================
When desired, the JSON can be encapsulated 
inside XML in the following manner. 

<JSON id="1">JSON Object</JSON>

This is convenient when one wants to 
store it for long period of time, and thus 
want to apply XML DSig based timestamps. 





--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]