Opened at 2022-03-01T15:34:11Z
Last modified at 2022-04-14T16:25:03Z
#3875 closed task
Server/client code for HTTP storage protocol fURLs — at Version 2
Reported by: | itamarst | Owned by: | itamarst |
---|---|---|---|
Priority: | normal | Milestone: | HTTP Storage Protocol |
Component: | unknown | Version: | n/a |
Keywords: | | Cc: | |
Launchpad Bug: | | | |
Description (last modified by itamarst)
An HTTP storage fURL looks like pb://i5xb...@example.com:443/g3m5...#v=1, where i5xb... is the sha256 of the Subject Public Key Information. The g3m5... is the swissnum; the #v=1 means it's HTTP.
On the server-side:
- The HTTP server should be able to listen with TLS, given paths to key file and certificate file. (It already accepts the swissnum.)
- It should provide an API that returns the fURL in above format, at the moment purely to be used in testing.
On the client-side:
- The client should be able to determine the host/port to connect to from a fURL.
- Upon connecting, the client should verify:
  - Expiration date of certificate; it hasn't expired.
  - That the public key in the certificate has an SPKI hash that matches the one in the fURL.
  - That the certificate was signed by the private key (i.e. self-signed).
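
The fURL layout and the SPKI pin check described above, as an added example (not code from this ticket or from the project). It assumes the hash is carried as unpadded URL-safe base64, which the ticket does not specify, and that the TLS layer supplies the certificate's DER-encoded SubjectPublicKeyInfo; all function and class names are hypothetical.

```python
import base64
import hashlib
import hmac
from typing import NamedTuple
from urllib.parse import urlsplit


class StorageFURL(NamedTuple):
    spki_hash: bytes  # raw SHA-256 digest pinned in the fURL
    host: str
    port: int
    swissnum: str


def encode_spki_hash(spki_der: bytes) -> str:
    digest = hashlib.sha256(spki_der).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def parse_furl(furl: str) -> StorageFURL:
    parts = urlsplit(furl)
    if parts.scheme != "pb":
        raise ValueError("not a pb:// fURL")
    if parts.fragment != "v=1":
        raise ValueError("not an HTTP storage fURL (no #v=1)")
    if not parts.username or not parts.hostname or parts.port is None:
        raise ValueError("fURL must carry hash@host:port")
    swissnum = parts.path.lstrip("/")
    if not swissnum or "/" in swissnum:
        raise ValueError("expected exactly one swissnum path segment")
    # Assumption: unpadded URL-safe base64; the ticket names no encoding.
    padded = parts.username + "=" * (-len(parts.username) % 4)
    spki_hash = base64.urlsafe_b64decode(padded)  # bad input raises ValueError
    if len(spki_hash) != hashlib.sha256().digest_size:
        raise ValueError("SPKI hash is not a SHA-256 digest")
    return StorageFURL(spki_hash, parts.hostname, parts.port, swissnum)


def spki_matches(furl: StorageFURL, presented_spki_der: bytes) -> bool:
    # Constant-time comparison of the presented key's hash with the pinned one.
    presented = hashlib.sha256(presented_spki_der).digest()
    return hmac.compare_digest(presented, furl.spki_hash)


if __name__ == "__main__":
    spki = b"constructed stand-in for DER SPKI bytes"
    furl = f"pb://{encode_spki_hash(spki)}@example.com:443/constructed-swissnum#v=1"
    print(parse_furl(furl), spki_matches(parse_furl(furl), spki))
```

The expiry and self-signature checks from the list are not covered here.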
Change History (2)
comment:1 Changed at 2022-03-01T15:37:54Z by itamarst
- Description modified (diff)
comment:2 Changed at 2022-03-01T15:52:17Z by itamarst
- Description modified (diff)