Diffstat (limited to 'protocol.txt')
-rw-r--r-- | protocol.txt | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/protocol.txt b/protocol.txt index 687c085..5bf0f7e 100644 --- a/protocol.txt +++ b/protocol.txt @@ -3,9 +3,10 @@ the two participants, known as the user and the developer. (The exact composition of the JSON objects is not described here; see Types.hs for the data types that JSON serialization instances are derived -from. Also, debug-me uses a binary format instead of sending JSON +from. Also, debug-me uses a binary format instead of sending JSON over the wire. The wire format is currently implemented using the -Haskell cereal library, and is not specified.) +Haskell cereal library, and is not specified. There is also a simple +framing protocol used for communicating over websockets; see WebSockets.hs) The Activity type is the main message type. The user sends Activity Seen messages, and the developer responds with Activity Entered. 
@@ -73,17 +74,17 @@ in a Control message containing a SessionKey. Before the developer can enter anything, they must send a SessionKey message with their session key, and it must be accepted by the user. The developer must have a gpg private key, which is used to sign their session key. -(The user may have a gpg private key, which will sign their session key +(The user may have a gpg private key, which may sign their session key if available, but this is optional.) The user will reject session keys that are not signed by a gpg key or when the gpg key is not one they -trust. The user sends a SessionKeyAccepted/SessionKeyRejected message -to indicate if they accepted the developer's key or not. - -Note that there could be multiple developers, in which case each will -send their session key before being able to do anything except observe -the debug-me session. +trust. The user sends a SessionKeyAccepted/SessionKeyRejected control +message to indicate if they accepted the developer's key or not. Each message in the debug-me session is signed by the party that sends it, using their session key. The hash of a message includes its signature, so the activity chain proves who sent a message, and who sent the message before it, etc. + +Note that there could be multiple developers, in which case each will +send their session key before being able to do anything except observe +the debug-me session. |
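Review bot: In the first hunk (@@ -3,9 +3,10 @@), the added sentence "There is also a simple framing protocol used for communicating over websockets; see WebSockets.hs" documents the framing only by pointing at a source file, so protocol.txt now names two layers (the cereal wire format and the websocket framing) that a reader cannot check without reading the Haskell. Consider adding a short description of the framing here, or at least stating that the signed Activity and Control messages are carried inside the frames unchanged, so it is clear the framing is not part of what gets signed or hashed. Minor: the "from. Also, debug-me uses a binary format" line is a whitespace-only change that could be left out of this commit.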
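Review bot: In the second hunk (@@ -73,17 +74,17 @@), changing "which will sign their session key" to "which may sign their session key if available, but this is optional" leaves the condition for signing the user's session key unstated: "may have", "may sign", "if available" and "optional" all hedge the same clause. A developer reading this cannot tell whether an unsigned user session key is expected when the user has a gpg key, so please say what decides it, and whether a signature on the user's key that fails verification is treated differently from no signature. The relocated "Note that there could be multiple developers" paragraph would also benefit from saying that each developer's key gets its own SessionKeyAccepted/SessionKeyRejected control message, if that is the intent.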