diff options
Diffstat (limited to 'docs/rfc.html')
| -rw-r--r-- | docs/rfc.html | 164 |
1 files changed, 129 insertions, 35 deletions
diff --git a/docs/rfc.html b/docs/rfc.html index 84b5c0a..99a6a34 100644 --- a/docs/rfc.html +++ b/docs/rfc.html @@ -1220,7 +1220,7 @@ li > p:last-of-type:only-child { </tr></thead> <tfoot><tr> <td class="left">bt</td> -<td class="center">Expires 16 October 2026</td> +<td class="center">Expires 20 October 2026</td> <td class="right">[Page]</td> </tr></tfoot> </table> @@ -1233,12 +1233,12 @@ li > p:last-of-type:only-child { <dd class="internet-draft">SOLEC</dd> <dt class="label-published">Published:</dt> <dd class="published"> -<time datetime="2026-04-14" class="published">14 April 2026</time> +<time datetime="2026-04-18" class="published">18 April 2026</time> </dd> <dt class="label-intended-status">Intended Status:</dt> <dd class="intended-status">Experimental</dd> <dt class="label-expires">Expires:</dt> -<dd class="expires"><time datetime="2026-10-16">16 October 2026</time></dd> +<dd class="expires"><time datetime="2026-10-20">20 October 2026</time></dd> <dt class="label-authors">Author:</dt> <dd class="authors"> <div class="author"> @@ -1274,7 +1274,7 @@ SOLEC system.<a href="#section-abstract-1" class="pilcrow">¶</a></p> time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."<a href="#section-boilerplate.1-3" class="pilcrow">¶</a></p> <p id="section-boilerplate.1-4"> - This Internet-Draft will expire on 16 October 2026.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p> + This Internet-Draft will expire on 20 October 2026.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p> </section> </div> <div id="copyright"> @@ -1350,21 +1350,33 @@ SOLEC system.<a href="#section-abstract-1" class="pilcrow">¶</a></p> <p id="section-toc.1-1.2.2.4.2.3.1"><a href="#section-2.4.3" class="auto internal xref">2.4.3</a>. <a href="#name-handshake" class="internal xref">Handshake</a></p> </li> <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.4.2.4"> - <p id="section-toc.1-1.2.2.4.2.4.1"><a href="#section-2.4.4" class="auto internal xref">2.4.4</a>. <a href="#name-auth" class="internal xref">Auth</a></p> + <p id="section-toc.1-1.2.2.4.2.4.1"><a href="#section-2.4.4" class="auto internal xref">2.4.4</a>. <a href="#name-userauth" class="internal xref">UserAuth</a></p> </li> <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.4.2.5"> - <p id="section-toc.1-1.2.2.4.2.5.1"><a href="#section-2.4.5" class="auto internal xref">2.4.5</a>. <a href="#name-message" class="internal xref">Message</a></p> + <p id="section-toc.1-1.2.2.4.2.5.1"><a href="#section-2.4.5" class="auto internal xref">2.4.5</a>. <a href="#name-serverauth" class="internal xref">ServerAuth</a></p> </li> <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.4.2.6"> - <p id="section-toc.1-1.2.2.4.2.6.1"><a href="#section-2.4.6" class="auto internal xref">2.4.6</a>. <a href="#name-test" class="internal xref">Test</a></p> + <p id="section-toc.1-1.2.2.4.2.6.1"><a href="#section-2.4.6" class="auto internal xref">2.4.6</a>. <a href="#name-message" class="internal xref">Message</a></p> +</li> + <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.4.2.7"> + <p id="section-toc.1-1.2.2.4.2.7.1"><a href="#section-2.4.7" class="auto internal xref">2.4.7</a>. <a href="#name-test" class="internal xref">Test</a></p> </li> </ul> </li> <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.5"> <p id="section-toc.1-1.2.2.5.1"><a href="#section-2.5" class="auto internal xref">2.5</a>. <a href="#name-sequential-operations" class="internal xref">Sequential operations</a></p> +</li> + <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.6"> + <p id="section-toc.1-1.2.2.6.1"><a href="#section-2.6" class="auto internal xref">2.6</a>. <a href="#name-client-server-connection-in" class="internal xref">Client-Server connection initialisation</a></p> +</li> + <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.7"> + <p id="section-toc.1-1.2.2.7.1"><a href="#section-2.7" class="auto internal xref">2.7</a>. <a href="#name-exchanging-messages-between" class="internal xref">Exchanging messages between servers</a></p> <ul class="compact toc ulBare ulEmpty"> -<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.5.2.1"> - <p id="section-toc.1-1.2.2.5.2.1.1"><a href="#section-2.5.1" class="auto internal xref">2.5.1</a>. <a href="#name-connection-initialisation" class="internal xref">Connection initialisation</a></p> +<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.7.2.1"> + <p id="section-toc.1-1.2.2.7.2.1.1"><a href="#section-2.7.1" class="auto internal xref">2.7.1</a>. <a href="#name-authentication" class="internal xref">Authentication</a></p> +</li> + <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.7.2.2"> + <p id="section-toc.1-1.2.2.7.2.2.1"><a href="#section-2.7.2" class="auto internal xref">2.7.2</a>. <a href="#name-server-server-connection-in" class="internal xref">Server-Server connection initialisation</a></p> </li> </ul> </li> @@ -1582,7 +1594,7 @@ Text is encoded using UTF-8.<a href="#section-2.3.3-1" class="pilcrow">¶</a></p </tr> <tr> <td class="text-left" rowspan="1" colspan="1">0x04</td> - <td class="text-left" rowspan="1" colspan="1">Auth</td> + <td class="text-left" rowspan="1" colspan="1">UserAuth</td> <td class="text-left" rowspan="1" colspan="1">C</td> </tr> <tr> @@ -1591,6 +1603,11 @@ Text is encoded using UTF-8.<a href="#section-2.3.3-1" class="pilcrow">¶</a></p <td class="text-left" rowspan="1" colspan="1">SC</td> </tr> <tr> + <td class="text-left" rowspan="1" colspan="1">0x06</td> + <td class="text-left" rowspan="1" colspan="1">ServerAuth</td> + <td class="text-left" rowspan="1" colspan="1">S</td> + </tr> + <tr> <td class="text-left" rowspan="1" colspan="1">0xFF</td> <td class="text-left" rowspan="1" colspan="1">Test</td> <td class="text-left" rowspan="1" colspan="1">R</td> @@ -1641,7 +1658,7 @@ Text is encoded using UTF-8.<a href="#section-2.3.3-1" class="pilcrow">¶</a></p <tbody> <tr> <td class="text-left" rowspan="1" colspan="1">0x01</td> - <td class="text-left" rowspan="1" colspan="1">Auth failed. Invalid username or password.</td> + <td class="text-left" rowspan="1" colspan="1">Client auth failed. Invalid username or password.</td> </tr> <tr> <td class="text-left" rowspan="1" colspan="1">0x02</td> @@ -1713,10 +1730,10 @@ different auth method will be used.<a href="#section-2.4.3.1-1" class="pilcrow"> </div> </section> </div> -<div id="auth"> +<div id="userauth"> <section id="section-2.4.4"> - <h4 id="name-auth"> -<a href="#section-2.4.4" class="section-number selfRef">2.4.4. </a><a href="#name-auth" class="section-name selfRef">Auth</a> + <h4 id="name-userauth"> +<a href="#section-2.4.4" class="section-number selfRef">2.4.4. </a><a href="#name-userauth" class="section-name selfRef">UserAuth</a> </h4> <table class="center" id="table-6"> <caption><a href="#table-6" class="selfRef">Table 6</a></caption> @@ -1739,10 +1756,10 @@ different auth method will be used.<a href="#section-2.4.3.1-1" class="pilcrow"> </table> </section> </div> -<div id="message"> +<div id="serverauth"> <section id="section-2.4.5"> - <h4 id="name-message"> -<a href="#section-2.4.5" class="section-number selfRef">2.4.5. </a><a href="#name-message" class="section-name selfRef">Message</a> + <h4 id="name-serverauth"> +<a href="#section-2.4.5" class="section-number selfRef">2.4.5. </a><a href="#name-serverauth" class="section-name selfRef">ServerAuth</a> </h4> <table class="center" id="table-7"> <caption><a href="#table-7" class="selfRef">Table 7</a></caption> @@ -1755,6 +1772,28 @@ different auth method will be used.<a href="#section-2.4.3.1-1" class="pilcrow"> <tbody> <tr> <td class="text-left" rowspan="1" colspan="1">string</td> + <td class="text-left" rowspan="1" colspan="1">name</td> + </tr> + </tbody> + </table> +</section> +</div> +<div id="message"> +<section id="section-2.4.6"> + <h4 id="name-message"> +<a href="#section-2.4.6" class="section-number selfRef">2.4.6. </a><a href="#name-message" class="section-name selfRef">Message</a> + </h4> +<table class="center" id="table-8"> + <caption><a href="#table-8" class="selfRef">Table 8</a></caption> +<thead> + <tr> + <th class="text-left" rowspan="1" colspan="1">Type</th> + <th class="text-left" rowspan="1" colspan="1">Name</th> + </tr> + </thead> + <tbody> + <tr> + <td class="text-left" rowspan="1" colspan="1">string</td> <td class="text-left" rowspan="1" colspan="1">source_address</td> </tr> <tr> @@ -1774,14 +1813,14 @@ different auth method will be used.<a href="#section-2.4.3.1-1" class="pilcrow"> </section> </div> <div id="test"> -<section id="section-2.4.6"> +<section id="section-2.4.7"> <h4 id="name-test"> -<a href="#section-2.4.6" class="section-number selfRef">2.4.6. </a><a href="#name-test" class="section-name selfRef">Test</a> +<a href="#section-2.4.7" class="section-number selfRef">2.4.7. </a><a href="#name-test" class="section-name selfRef">Test</a> </h4> -<p id="section-2.4.6-1">Test payload is used for encoder and decoders testing. Clients and servers -should ignore this kind of payload.<a href="#section-2.4.6-1" class="pilcrow">¶</a></p> -<table class="center" id="table-8"> - <caption><a href="#table-8" class="selfRef">Table 8</a></caption> +<p id="section-2.4.7-1">Test payload is used for encoder and decoders testing. Clients and servers +should ignore this kind of payload.<a href="#section-2.4.7-1" class="pilcrow">¶</a></p> +<table class="center" id="table-9"> + <caption><a href="#table-9" class="selfRef">Table 9</a></caption> <thead> <tr> <th class="text-left" rowspan="1" colspan="1">Type</th> @@ -1835,12 +1874,14 @@ should ignore this kind of payload.<a href="#section-2.4.6-1" class="pilcrow">¶ <p id="section-2.5-1">Some operations require multiple rounds of communication. In this case payloads are send in a sequence. Payload that is not part of this specific operation (for example incoming message) cannot interrupt this process.<a href="#section-2.5-1" class="pilcrow">¶</a></p> -<div id="connection-initialisation"> -<section id="section-2.5.1"> - <h4 id="name-connection-initialisation"> -<a href="#section-2.5.1" class="section-number selfRef">2.5.1. </a><a href="#name-connection-initialisation" class="section-name selfRef">Connection initialisation</a> - </h4> -<div class="lang-ascii-art sourcecode" id="section-2.5.1-1"> +</section> +</div> +<div id="client-server-connection-initialisation"> +<section id="section-2.6"> + <h3 id="name-client-server-connection-in"> +<a href="#section-2.6" class="section-number selfRef">2.6. </a><a href="#name-client-server-connection-in" class="section-name selfRef">Client-Server connection initialisation</a> + </h3> +<div class="lang-ascii-art sourcecode" id="section-2.6-1"> <pre>+--------+ +--------+ | Client | | Server | +----+---+ +----+---+ @@ -1851,19 +1892,72 @@ specific operation (for example incoming message) cannot interrupt this process. | Send [Handshake] | +--------------------------->| | | - | +- If [ver_major] does not match server - | | protocol version close the connection + | +- If [ver_major] does not match + | | server protocol version close + | | the connection. | | - | Send [Auth] | + | Send [UserAuth] | +--------------------------->| | | | Send [Error 0x01] | - |<---------------------------+- If [username] or [password] does not match - | | and close the connection + |<---------------------------+- If [username] or [password] + | | does not match and close + | | the connection. + | | + | Send [Sucesss] | + |<---------------------------+ +</pre><a href="#section-2.6-1" class="pilcrow">¶</a> +</div> +</section> +</div> +<div id="exchanging-messages-between-servers"> +<section id="section-2.7"> + <h3 id="name-exchanging-messages-between"> +<a href="#section-2.7" class="section-number selfRef">2.7. </a><a href="#name-exchanging-messages-between" class="section-name selfRef">Exchanging messages between servers</a> + </h3> +<p id="section-2.7-1">Exchanging messages between SOLEC servers is a core concept behind the project. +Sending message to user residing on a different server require estabilishing a +connection between both servers.<a href="#section-2.7-1" class="pilcrow">¶</a></p> +<div id="authentication"> +<section id="section-2.7.1"> + <h4 id="name-authentication"> +<a href="#section-2.7.1" class="section-number selfRef">2.7.1. </a><a href="#name-authentication" class="section-name selfRef">Authentication</a> + </h4> +<p id="section-2.7.1-1">Server authentication is crucial to prevent message spoofing and other forms of +abuse. Server cannot use same auth process as clients because that would require +creating account for each server on any other server which is impossible. +Possible solution are TLS or other public key based protocol.<a href="#section-2.7.1-1" class="pilcrow">¶</a></p> +<p id="section-2.7.1-2">As for now the issue remains open and server authorization uses mock +[ServerAuth] payload which specifies just the connecting server name. +This is obviously insecure.<a href="#section-2.7.1-2" class="pilcrow">¶</a></p> +</section> +</div> +<div id="server-server-connection-initialisation"> +<section id="section-2.7.2"> + <h4 id="name-server-server-connection-in"> +<a href="#section-2.7.2" class="section-number selfRef">2.7.2. </a><a href="#name-server-server-connection-in" class="section-name selfRef">Server-Server connection initialisation</a> + </h4> +<div class="lang-ascii-art sourcecode" id="section-2.7.2-1"> +<pre>+--------+ +--------+ +| Server | | Server | ++----+---+ +----+---+ + | | + | Initialise TCP connection | + +--------------------------->| + | | + | Send [Handshake] | + +--------------------------->| + | | + | +- If [ver_major] does not match + | | server protocol version close + | | the connection. + | | + | Send [ServerAuth] | + +--------------------------->| | | | Send [Sucesss] | |<---------------------------+ -</pre><a href="#section-2.5.1-1" class="pilcrow">¶</a> +</pre><a href="#section-2.7.2-1" class="pilcrow">¶</a> </div> </section> </div> |