authorChristian Grothoff <christian@grothoff.org>2022-04-12 21:52:18 +0200
committerChristian Grothoff <christian@grothoff.org>2022-04-12 21:52:18 +0200
commit257c5a12043fd6a05ce2bf8aaa19fcf90eb10a78 (patch)
tree38c115b7c511450348d4c8acaca627a9a57d10a5 /doc/sphinx/rest.rst
parentadf5df0e1a05adc1abbbfdcd62385db89c9aa00c (diff)
-make meta data mandatory
Diffstat (limited to 'doc/sphinx/rest.rst')
-rw-r--r--doc/sphinx/rest.rst4
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/sphinx/rest.rst b/doc/sphinx/rest.rst
index 835ac6f..6943387 100644
--- a/doc/sphinx/rest.rst
+++ b/doc/sphinx/rest.rst
@@ -174,7 +174,7 @@ In the following, UUID is always defined and used according to `RFC 4122`_.
interface MetaData {
// The meta value can be NULL if the document
// exists but no meta data was provided.
- meta?: String;
+ meta: string;
// Server-time indicative of when the recovery
// document was uploaded.
@@ -263,6 +263,8 @@ In the following, UUID is always defined and used according to `RFC 4122`_.
The server MUST refuse the upload with a ``304`` status code if the Etag matches
the latest version already known to the server.
+ *Anastasis-Policy-Meta-Data*: Encrypted meta data to be stored by the server and returned with the respective endpoint to provide an overview of the available policies. Encrypted using a random nonce and a key derived from the user ID using the salt "rmd". The plaintext metadata must consist of the policy hash (for deduplication) and the (human readable) secret name.
+
*Anastasis-Policy-Signature*: The client must provide Base-32 encoded EdDSA signature over hash of body with ``$ACCOUNT_PRIV``, affirming desire to upload an encrypted recovery document.
*Payment-Identifier*: Base-32 encoded 32-byte payment identifier that was included in a previous payment (see ``402`` status code). Used to allow the server to check that the client paid for the upload (to protect the server against DoS attacks) and that the client knows a real secret of financial value (as the **kdf_id** might be known to an attacker). If this header is missing in the client's request (or the associated payment has exceeded the upload limit), the server must return a ``402`` response. When making payments, the server must include a fresh, randomly-generated payment-identifier in the payment request. If a payment identifier is given, the Anastasis backend may block for the payment to be confirmed by Taler as specified by the ``timeout_ms`` argument.