Diffstat (limited to 'design-documents/006-extensions.rst')
-rw-r--r-- design-documents/006-extensions.rst | 56
1 files changed, 37 insertions, 19 deletions
diff --git a/design-documents/006-extensions.rst b/design-documents/006-extensions.rst
index 7692bb68..42a0e575 100644
--- a/design-documents/006-extensions.rst
+++ b/design-documents/006-extensions.rst
@@ -55,7 +55,8 @@ The necessary changes to ``ExchangeKeysResponse`` are highlighted here:
//...
// Optional field with a dictionary of (name, object) pairs defining the
- // supported extensions. The name MUST be non-empty and unique.
+ // supported and enabled extensions.
+ // The name MUST be non-empty and unique.
extensions?: { name: Extension };
// Signature by the exchange master key of the SHA-256 hash of the
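Review bot: the new wording "supported and enabled extensions" on the ``extensions`` field leaves open whether an extension that is supported but not enabled appears in the dictionary. The Configuration section treats enabling as a separate per-extension switch, so say explicitly that only enabled extensions are listed (for example, just "enabled extensions"). A client can then treat the presence of a name as the signal that the feature is active.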
@@ -115,30 +116,39 @@ feature. **However**, it MUST have
// https://docs.taler.net/core/api-common.html#protocol-version-ranges
version: LibtoolVersion;
- // Additional fields defined by the feature itself
- ...
-
+ // Optional configuration object, defined by the feature itself
+ config?: object;
}
Configuration
-------------
-Extensions are *disabled* per default and must *explicetly* be enabled via the
-tool ``taler-exchange-offline``.
+Extensions are *disabled* per default and must *explicetly* be enabled in the
+the TALER configuration manually. The configurations of all enabled extensions
+are signed with the master key and uploaded to the exchange with the tool
+``taler-exchange-offline``.
+
+Each extension has its own section in the configuration, starting with the
+prefix ``exchange-extension-``, like ``[exchange-extension-age_restriction]``.
+The field ``ENABLED = YES|NO`` is used to enable or disable the corresponding
+extension. If the extension has its own configuration parameters, they MAY be
+optional, in which case the ``taler-exchange-offline`` tool MUST fill them with
+safe default values.
-The ``taler-exchange-offline-tool`` MUST offer the subcommand ``extensions``
-for enabling/disabling and setting up particular extensions. For this purpose,
-the following sub-subcommands MUST be available:
+The ``taler-exchange-offline`` tool MUST offer the subcommand ``extensions``
+for showing and signing extensions. For this purpose, the following
+sub-subcommands MUST be available:
-* ``list``: List all available extensions, their versions and criticality
-* ``enable <name>``: Enable the extension with the given name.
-* ``disable <name>``: disable the extension with the given name.
+* ``extensions show``: List all available extensions, their versions,
+ criticality and whether they are enabled.
+* ``extensions sign``: Sign the configuration of all enabled extensions with
+ the master key and prepare a JSON-object for the ``upload`` command.
-When extensions are offered by an exchange the ``extensions`` object MUST be
-signed by the exchange's master signing key. Whenever extensions are enabled
-or disabled, the offline tool MUST sign the SHA256 hash of the normalized
-JSON-string of the ``extensions`` object, if it is not empty.
+When extensions are offered and enabled by an exchange, the ``extensions``
+object MUST be signed by the exchange's master signing key. Whenever
+extensions are enabled or disabled, the offline tool MUST sign the SHA256 hash
+of the normalized JSON-string of the ``extensions`` object, if it is not empty.
In order to do so, the ``taler-exchange-offline`` tool MUST
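Review bot: the retained sentence "Whenever extensions are enabled or disabled, the offline tool MUST sign ..." no longer matches the workflow this hunk introduces, because enabling is now a manual edit of ``ENABLED`` in the configuration and the tool only acts when ``extensions sign`` is run. Reword it so the requirement attaches to ``extensions sign``, and state what the exchange does when its local configuration differs from the last signed ``extensions`` object. In the added lines, "explicetly" should be "explicitly", "in the the TALER configuration" has a doubled "the", and "safe default values" should say whether the filled-in defaults become part of the signed ``config``.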
@@ -156,13 +166,21 @@ In order to do so, the ``taler-exchange-offline`` tool MUST
Similarly, the exchange MUST reject a signed configuration with extensions it
does not know or understand.
-
Examples
--------
-**TODO**:
+A configuration for age-restriction in the taler configuration would look like
+this:
+
+.. code:: none
+
+ [exchange-extension-age_restriction]
+ ENABLED = true
+ # default:
+ AGE_GROUPS = "8:10:12:14:16:18:21"
+
-* Add examples for age-restriction and p2p.
+* TODO: Add examples for p2p.
Merchant
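Review bot: the example sets ``ENABLED = true``, but the Configuration section added by this same patch defines the field as ``ENABLED = YES|NO``; use ``ENABLED = YES`` so the example matches the specified values. The ``# default:`` comment above ``AGE_GROUPS`` is also unclear; spell out that the line shows the value used when the option is omitted.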