CapTP on HTTP
From Erights
(yes, different mime type) |
Kevin Reid (Talk | contribs) |
||
| Line 1: | Line 1: | ||
| - | ''Motivation: [[Caja-CapTP]] attempts to reuse web protocols to minimize the amount of low-level code | + | ''Motivation: [[Caja-CapTP]] attempts to reuse web protocols to minimize the amount of low-level code it requires.'' |
This page will define a protocol for transporting a CapTP connection over HTTP. | This page will define a protocol for transporting a CapTP connection over HTTP. | ||
| Line 17: | Line 17: | ||
== Connections == | == Connections == | ||
| - | Unless otherwise specified, all requests and responses are | + | Unless otherwise specified, all requests and responses are <code>application/json</code> entities following Waterken conventions {{XXX|link to docs}} for types and hyperlinks. {{XXX|Should we define our own more specific mime type?}} |
After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific ''receivers'', which are web resources identified by URLs. | After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific ''receivers'', which are web resources identified by URLs. | ||
Revision as of 03:59, 1 June 2009
Motivation: Caja-CapTP attempts to reuse web protocols to minimize the amount of low-level code it requires.
This page will define a protocol for transporting a CapTP connection over HTTP.
Identification and security
For the protection of swiss numbers and private data, this protocol should only be used over a secure connection (HTTPS, relying on certificate authorities, or HTTPSY) or a relied-upon network.
The format of a serialized SturdyRef in this protocol is:
http[s[y]]://.../arbitrary#swissNum
The VatID data is everything but the fragment, unless HTTPSY is used in which case the host:port information is omitted. XXX formalize this
XXX specify encoding of swissNum
Connections
Unless otherwise specified, all requests and responses are application/json entities following Waterken conventions XXX link to docs for types and hyperlinks. XXX Should we define our own more specific mime type?
After a connection is established, all CapTP messages are sent as HTTP POST requests to connection-specific receivers, which are web resources identified by URLs.
To open a CapTP-on-HTTP connection, the initiating vat sends a POST request to the above URL; the request body consists of the URL of the initiator's receiver. XXX Specify how the server obtains and verifies the client's VatID. The successful response consists of the URL of the server's receiver. XXX Specify tiebreaking scheme. All communication from then on is symmetric.
