CapTP on HTTP
From Erights
Kevin Reid (Talk | contribs) |
(yes, different mime type) |
||
Line 1: | Line 1: | ||
- | ''Motivation: [[Caja-CapTP]] attempts to reuse web protocols to minimize the amount of low-level code it requires.'' | + | ''Motivation: [[Caja-CapTP]] attempts to reuse web protocols to minimize the amount of low-level code (parsers, ...) or access (TCP, ...) it requires.'' |
This page will define a protocol for transporting a CapTP connection over HTTP. | This page will define a protocol for transporting a CapTP connection over HTTP. | ||
Line 17: | Line 17: | ||
== Connections == | == Connections == | ||
- | Unless otherwise specified, all requests and responses are | + | Unless otherwise specified, all requests and responses are JSON text following Waterken conventions {{XXX|link to docs}} for types and hyperlinks, of media type (MIME type) <code>application/captp+json</code>. ''Rationale for having a distinct media type: Web protocol design principles say that clients should not need prior knowledge that any given URL is a CapTP-related URL.'' |
After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific ''receivers'', which are web resources identified by URLs. | After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific ''receivers'', which are web resources identified by URLs. |
Latest revision as of 14:38, 1 June 2009
Motivation: Caja-CapTP attempts to reuse web protocols to minimize the amount of low-level code (parsers, ...) or access (TCP, ...) it requires.
This page will define a protocol for transporting a CapTP connection over HTTP.
Identification and security
For the protection of swiss numbers and private data, this protocol should only be used over a secure connection (HTTPS, relying on certificate authorities, or HTTPSY) or a relied-upon network.
The format of a serialized SturdyRef in this protocol is:
http[s[y]]://.../arbitrary#swissNum
The VatID data is everything but the fragment, unless HTTPSY is used in which case the host:port information is omitted. XXX formalize this
XXX specify encoding of swissNum
Connections
Unless otherwise specified, all requests and responses are JSON text following Waterken conventions XXX link to docs for types and hyperlinks, of media type (MIME type) application/captp+json
. Rationale for having a distinct media type: Web protocol design principles say that clients should not need prior knowledge that any given URL is a CapTP-related URL.
After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific receivers, which are web resources identified by URLs.
To open a CapTP-on-HTTP connection, the initiating vat sends a POST request to the above URL; the request body consists of the URL of the initiator's receiver. XXX Specify how the server obtains and verifies the client's VatID. The successful response consists of the URL of the server's receiver. XXX Specify tiebreaking scheme. All communication from then on is symmetric.