X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=zot.txt;h=300b695ff0d4116e926d344a3fc6107430cf6deb;hb=30b7c689292b3a5d06fb9c52a369b53ecb05e57f;hp=93fdf3b9d8bd86f25cb3b07d65e892678927fdeb;hpb=f006b8385ad22f96c20c293f014ea73b04e2420d;p=friendica.git diff --git a/zot.txt b/zot.txt index 93fdf3b9d8..300b695ff0 100644 --- a/zot.txt +++ b/zot.txt @@ -1,7 +1,7 @@ This is the Zot! social communications protocol. Specification revision: 1 -01 September 2011 +15 September 2011 Mike Macgirvin This specification is public domain. @@ -11,9 +11,13 @@ webfinger and encapsulating salmon. First read the salmon and salmon magic envelope specifications. Zot also makes use of webfinger and ActivityStreams and several concepts from RFC822 -(email). Zot encompasses the zot delivery framework, and the zid remote +(email). Zot encompasses the zot delivery framework and the zid remote access protocol. +The current specification revision (1) is frozen until a reference +implementation is available. After that, any protocol changes will require a +change to the revision number. + **************** * Zot delivery * **************** @@ -21,13 +25,16 @@ access protocol. Format of a zot wrapper. This completely encapsulates a salmon magic envelope and provides privacy protection, while defining a delivery envelope - a concept familiar to email systems. All addresses in zot are webfinger -resolvable addresses containing both salmon and zot endpoints. +resolvable addresses containing zot endpoints and salmon public keys (zot +is a superset of salmon). ((key)) ((iv)) + ((env_key)) + ((env_iv)) ((envelope)) ((sender signature)) AES-256-CBC 
@@ -39,15 +46,33 @@ zot:key ******* A suitable randomly generated encyption key of length 32 octets for encrypting -the envelope and salmon packet. This is then encrypted with the sender's -private key and base64url encoded. +the salmon packet. This is then encrypted with the sender's private key and +base64url encoded. zot:iv ****** A suitable randomly generated initialisation vector of length 16 octets for -encrypting the envelope and salmon packet. This is then encrypted with the -sender's private key and base64url encoded. +encrypting the salmon packet. This is then encrypted with the sender's private +key and base64url encoded. + +zot:env_key +*********** + +A suitable randomly generated encyption key of length 32 octets for encrypting +the envelope. This is then encrypted with the recipient's public key and +base64url encoded. For bulk deliveries, it is encrypted with the site bulk +delivery public key. + + +zot:env_iv +********** + +A suitable randomly generated initialisation vector of length 16 octets for +encrypting the envelope. This is then encrypted with the recipient's public +key and base64url encoded. For bulk deliveries, it is encrypted with the site +bulk delivery public key. + zot:env ******* @@ -99,9 +124,8 @@ is a valid entry. A zot envelope is UTF-8 encoded, which differs from RFC822. The host component MUST be US-ASCII, with punycode translation of internationalised domain names applied. -The entire envelope is encrypted with alg using key and iv. Only AES-256-CBC -is defined as an algorithm in this specification. The encrypted envelope is -then base64url encoded for transmission. +The entire envelope is then encrypted using alg with env_key and env_iv and +base64url encoded for transmission. The zot envelope MAY include remote addresses. A zot delivery agent MUST parse all addresses and determine whether a delivery address to the current endpoint 
@@ -114,7 +138,7 @@ listed in the To:, Cc:, or Bcc: addresses matches the webfinger address of the "owner" of the endpoint. 3. The current endpoint is a bulk delivery endpoint. The bulk delivery -ednpoint is defined elsewhere in this document. The bulk delivery agent +endpoint is defined elsewhere in this document. The bulk delivery agent will deliver to all local addresses found in the address lists. zot:sig @@ -157,7 +181,7 @@ delivery method for non-encrypted (e.g. public) messages. Discover of the zot endpoint is based on webfinger XRD: - @@ -197,6 +221,17 @@ embed alternate message formats and protocols such as "application/x-diaspora+xml". If a delivery agent is unable to provide any acceptable data format, the delivery MUST be terminated/cancelled. +Foreign Messages +**************** + +Messages MAY be imported from other networks and systems which have no +knowledge of salmon signatures. The salmon signature in this case MUST be the +exact string 'NOTSIGNED' to indicate that the author (From address) cannot be +validated using salmon verification. This message MUST be relayed by a Sender +who can provide a valid salmon signature of the message via zot:sig. Delivery +systems MAY reject foreign messages. + + ********************** * Zid authentication * @@ -243,9 +278,10 @@ and allow authenticated browsing to other resources on the website. Only authentication via OpenID is defined in this version of the specification. -This can be used to provide access control to any web resource to any +This can be used to provide access control of any web resource to any webfinger identity on the internet. + ********* * Links * *********
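Review bot: in the @@ -11,9 +11,13 hunk the new paragraph says revision 1 "is frozen", yet this very patch changes the wire format (new ((env_key)) and ((env_iv)) fields, a different wrapping of the envelope key) while the @@ -1,7 +1,7 hunk bumps only the date and leaves "Specification revision: 1" as it was. Either the word "frozen" is wrong, in which case say what is meant, e.g. "may change without a revision bump until a reference implementation is available; after that, any protocol change requires a new revision number", or the revision should be incremented here, because an implementer cannot otherwise tell which wrapper layout a "revision 1" document describes.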
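Review bot: the @@ -21,13 +25,16 hunk keeps the claim that the wrapper "provides privacy protection" and adds ((env_key)) and ((env_iv)) next to ((key)) and ((iv)), but the two pairs have very different properties: env_key is wrapped with the recipient's (or bulk delivery) public key, whereas key and iv are "encrypted with the sender's private key", which anyone holding the sender's public key can undo. The same hunk says zot addresses resolve to "salmon public keys", so the sender's public key is by definition public, and the salmon packet is therefore readable by any party that can fetch the wrapper. If the salmon packet is meant to be confidential, wrap key under the recipient (or bulk) public key exactly as env_key is; if it is intentionally public and the private-key operation is there only as a proof of origin, say so and restrict the "privacy protection" claim to the envelope.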
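Review bot: the new zot:env_key paragraph in the @@ -39,15 +46,33 hunk repeats the typo "encyption" from the zot:key paragraph above it; fix both while touching them. Two substantive points on the same hunk: first, an initialisation vector does not need to be secret, only fresh and unpredictable per message, so public-key encrypting env_iv (and iv) adds an RSA operation and a decryption failure mode for no security gain; stating "MUST be freshly generated for every message and never reused with the same key" is the requirement that actually matters for CBC. Second, the text says env_key is wrapped "with the recipient's public key" but never says what happens when the To:/Cc:/Bcc: lists name recipients at several sites, i.e. whether one wrapper is built per recipient, per site, or whether a single wrapper carries several wrapped copies of env_key; the delivery agent rules later in the document depend on this, so spell it out here.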
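Review bot: the @@ -99,9 +124,8 hunk deletes the sentence "Only AES-256-CBC is defined as an algorithm in this specification" without putting an equivalent statement anywhere else, so the alg field now has no normative set of allowed values in the text; the literal AES-256-CBC in the wrapper layout is an illustration, not a rule. Restore the sentence (or move it to the alg field's definition) and add that a delivery agent MUST reject a wrapper whose alg it does not recognise. Related: the rewritten sentence "The entire envelope is then encrypted using alg with env_key and env_iv" describes confidentiality only; CBC ciphertext is malleable, so unless zot:sig is explicitly defined to cover the encrypted envelope, a modified ciphertext can decrypt to an altered To:/Cc:/Bcc: list that the delivery agent then acts on. State what zot:sig covers, or add an integrity check over the encrypted envelope.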
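Review bot: the Foreign Messages section in the @@ -197,6 +221,17 hunk lets a relaying Sender present any From address under the 'NOTSIGNED' sentinel, but the only guidance to receivers is that they "MAY reject foreign messages". Since the salmon signature is the one check that binds From to a key, the section should also require that a receiver which accepts such a message attribute it to the Sender whose zot:sig verified and mark the From author as unverified, rather than presenting it as if it had been salmon-verified. Two smaller points: say that the 'NOTSIGNED' comparison is an exact, case-sensitive string match and that any other non-verifying value is a signature failure, not a foreign message; and "Sender" is capitalised here while the rest of the document writes "sender" (e.g. "sender's private key", "sender signature").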