-rw-r--r--anastasis.rst127
1 files changed, 62 insertions, 65 deletions
diff --git a/anastasis.rst b/anastasis.rst
index b3cfe309..835cc888 100644
--- a/anastasis.rst
+++ b/anastasis.rst
@@ -339,106 +339,103 @@ Anastasis REST API
------------------
.. _salt:
+.. _config:
+Receiving Configuration
+^^^^^^^^^^^^^^^^^^^^^^^
-Obtain salt
-^^^^^^^^^^^
-
-.. http:get:: /salt
-
- Obtain the salt used by the escrow provider. Different providers
- will use different high-entropy salt values. The resulting
- **provider salt** is then used in various operations to ensure
- cryptographic operations differ by provider. A provider must
- never change its salt value.
+.. http:get:: /config
+ Obtain the configuration details of the escrow provider.
**Response:**
- Returns a `SaltResponse`_.
-
- .. _SaltResponse:
- .. ts:def:: SaltResponse
-
- interface SaltResponse {
- // salt value, at least 128 bits of entropy
- server_salt: string;
- }
-
-.. _terms:
-
-
-Receiving Terms of Service
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-.. http:get:: /terms
+ Returns an `EscrowConfigurationResponse`_.
- Obtain the terms of service provided by the escrow provider.
- **Response:**
+ .. _EscrowConfigurationResponse:
+ .. ts:def:: EscrowConfigurationResponse
- Returns an `EscrowTermsOfServiceResponse`_.
+ interface EscrowConfigurationResponse {
- .. _EscrowTermsOfServiceResponse:
- .. ts:def:: EscrowTermsOfServiceResponse
+ // Protocol identifier, clarifies that this is an Anastasis provider.
+ name: "anastasis";
- interface EscrowTermsOfServiceResponse {
+ // libtool-style representation of the Exchange protocol version, see
+ // https://www.gnu.org/software/libtool/manual/html_node/Versioning.html#Versioning
+ // The format is "current:revision:age".
+ version: string;
- // minimum supported protocol version
- min_version: number;
+ // Currency in which this provider processes payments.
+ currency: string;
- // maximum supported protocol version
- max_version: number;
+ // supported authorization methods
+ methods: AuthorizationMethodConfig[];
- // supported authentication methods
- auth_methods: AuthenticationMethod[];
+ // maximum policy upload size supported
+ storage_limit_in_megabytes: number;
- // Payment required to maintain an account to store policy documents for a month.
+ // Payment required to maintain an account to store policy documents for a year.
// Users can pay more, in which case the storage time will go up proportionally.
- monthly_account_fee: Amount;
+ annual_fee: Amount;
- // Amount required per policy upload. Note that the amount is NOT charged additionally
- // to the monthly_storage_fee. Instead, when a payment is made, the amount is
- // divided by the policy_upload_fee (and rounded down) to determine how many
- // uploads can be made under the associated **payment identifier**.
- policy_upload_ratio: Amount;
-
- // maximum policy upload size supported
- policy_size_limit_in_bytes: number;
-
- // maximum truth upload size supported
- truth_size_limit_in_bytes: number;
+ // Payment required to upload truth. To be paid per upload.
+ truth_upload_fee: Amount;
// how long until the service expires deposited truth
// (unless refreshed via another POST)?
- truth_expiration: RelativeTime;
-
- // Payment required to upload truth. To be paid per upload.
- truth_upload_fee: Amount;
+ truth_lifetime: RelativeTime;
// Limit on the liability that the provider is offering with
// respect to the services provided.
liability_limit: Amount;
- // HTML text describing the terms of service in legalese.
- // May include placeholders like "${truth_upload_fee}" to
- // reference entries in this response.
- tos: string;
+ // salt value with 128 bits of entropy
+ // Different providers
+ // will use different high-entropy salt values. The resulting
+ // **provider salt** is then used in various operations to ensure
+ // cryptographic operations differ by provider. A provider must
+ // never change its salt value.
+ server_salt: string;
}
- .. _AuthenticationMethod:
- .. ts:def:: AuthenticationMethod
+ .. _AuthorizationMethodConfig:
+ .. ts:def:: AuthorizationMethodConfig
- interface AuthenticationMethod {
- // name of the authentication method
+ interface AuthorizationMethodConfig {
+ // name of the authorization method
name: string;
- // Fee for accessing truth using this method
+ // Fee for accessing key share using this method
usage_fee: Amount;
}
+.. _terms:
+
+Receiving Terms of Service
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. http:get:: /terms
+
+ Obtain the terms of service provided by the escrow provider.
+
+ **Response:**
+
+ Returns the terms of service of the provider, in the best language
+ and format available based on the client's request.
+
+.. http:get:: /privacy
+
+ Obtain the privacy poliy of the service provided by the escrow provider.
+
+ **Response:**
+
+ Returns the privacy policy of the provider, in the best language
+ and format available based on the client's request.
+
+
.. _manage-policy: