summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc2801.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc2801.txt')
-rw-r--r--doc/rfc/rfc2801.txt16243
1 files changed, 16243 insertions, 0 deletions
diff --git a/doc/rfc/rfc2801.txt b/doc/rfc/rfc2801.txt
new file mode 100644
index 0000000..9a16cd7
--- /dev/null
+++ b/doc/rfc/rfc2801.txt
@@ -0,0 +1,16243 @@
+
+
+
+
+
+
+Network Working Group D. Burdett
+Request for Comments: 2801 Commerce One
+Category: Informational April 2000
+
+
+ Internet Open Trading Protocol - IOTP
+ Version 1.0
+
+Status of this Memo
+
+ This memo provides information for the Internet community. It does
+ not specify an Internet standard of any kind. Distribution of this
+ memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+Abstract
+
+ The Internet Open Trading Protocol (IOTP) provides an interoperable
+ framework for Internet commerce. It is payment system independent and
+ encapsulates payment systems such as SET, Secure Channel
+ Credit/Debit, Mondex, CyberCoin, GeldKarte, etc. IOTP is able to
+ handle cases where such merchant roles as the shopping site, the
+ Payment Handler, the Delivery Handler of goods or services, and the
+ provider of customer support are performed by different parties or by
+ one party.
+
+Table of Contents
+
+ 1. Background .....................................................7
+ 1.1 Commerce on the Internet, a Different Model .................7
+ 1.2 Benefits of IOTP ............................................9
+ 1.3 Baseline IOTP ..............................................10
+ 1.4 Objectives of Document .....................................10
+ 1.5 Scope of Document ..........................................11
+ 1.6 Document Structure .........................................11
+ 1.7 Intended Readership ........................................13
+ 1.7.1 Reading Guidelines ...................................13
+ 2. Introduction ..................................................14
+ 2.1 Trading Roles ..............................................16
+ 2.2 Trading Exchanges ..........................................18
+ 2.2.1 Offer Exchange .......................................19
+ 2.2.2 Payment Exchange .....................................21
+ 2.2.3 Delivery Exchange ....................................24
+ 2.2.4 Authentication Exchange ..............................26
+ 2.3 Scope of Baseline IOTP .....................................28
+
+
+
+Burdett Informational [Page 1]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 3. Protocol Structure ............................................31
+ 3.1 Overview ...................................................32
+ 3.1.1 IOTP Message Structure ...............................32
+ 3.1.2 IOTP Transactions ....................................34
+ 3.2 IOTP Message ...............................................35
+ 3.2.1 XML Document Prolog ..................................37
+ 3.3 Transaction Reference Block ................................37
+ 3.3.1 Transaction Id Component .............................38
+ 3.3.2 Message Id Component .................................39
+ 3.3.3 Related To Component .................................41
+ 3.4 ID Attributes ..............................................42
+ 3.4.1 IOTP Message ID Attribute Definition .................43
+ 3.4.2 Block and Component ID Attribute Definitions .........44
+ 3.4.3 Example of use of ID Attributes ......................46
+ 3.5 Element References .........................................46
+ 3.6 Extending IOTP .............................................48
+ 3.6.1 Extra XML Elements ...................................49
+ 3.6.2 Opaque Embedded Data .................................50
+ 3.7 Packaged Content Element ...................................50
+ 3.7.1 Packaging HTML .......................................52
+ 3.7.2 Packaging XML ........................................53
+ 3.8 Identifying Languages ......................................54
+ 3.9 Secure and Insecure Net Locations ..........................54
+ 3.10 Cancelled Transactions .....................................55
+ 3.10.1 Cancelling Transactions ..............................55
+ 3.10.2 Handling Cancelled Transactions ......................56
+ 4. IOTP Error Handling ...........................................56
+ 4.1 Technical Errors ...........................................57
+ 4.2 Business Errors ............................................57
+ 4.3 Error Depth ................................................58
+ 4.3.1 Transport Level ......................................58
+ 4.3.2 Message Level ........................................58
+ 4.3.3 Block Level ..........................................59
+ 4.4 Idempotency, Processing Sequence, and Message Flow .........61
+ 4.5 Server Role Processing Sequence ............................62
+ 4.5.1 Initiating Transactions ..............................62
+ 4.5.2 Processing Input Messages ............................63
+ 4.5.3 Cancelling a Transaction .............................70
+ 4.5.4 Retransmitting Messages ..............................70
+ 4.6 Client Role Processing Sequence ............................71
+ 4.6.1 Initiating Transactions ..............................71
+ 4.6.2 Processing Input Messages ............................72
+ 4.6.3 Cancelling a Transaction .............................74
+ 4.6.4 Retransmitting Messages ..............................74
+ 5. Security Considerations .......................................74
+ 5.1 Determining whether to use digital signatures ..............74
+ 5.2 Symmetric and Asymmetric Cryptography ......................76
+ 5.3 Data Privacy ...............................................77
+
+
+
+Burdett Informational [Page 2]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 5.4 Payment Protocol Security ..................................77
+ 6. Digital Signatures and IOTP ...................................77
+ 6.1 How IOTP uses Digital Signatures ...........................77
+ 6.1.1 IOTP Signature Example ...............................80
+ 6.1.2 OriginatorInfo and RecipientInfo Elements ............82
+ 6.1.3 Using signatures to Prove Actions Complete
+ Successfully .........................................83
+ 6.2 Checking a Signature is Correctly Calculated ...............84
+ 6.3 Checking a Payment or Delivery can occur ...................85
+ 6.3.1 Check Request Block sent Correct Organisation ........86
+ 6.3.2 Check Correct Components present in Request Block ....91
+ 6.3.3 Check an Action is Authorised ........................91
+ 7. Trading Components ............................................93
+ 7.1 Protocol Options Component .................................96
+ 7.2 Authentication Request Component ...........................97
+ 7.3 Authentication Response Component ..........................98
+ 7.4 Trading Role Information Request Component .................99
+ 7.5 Order Component ...........................................100
+ 7.5.1 Order Description Content ...........................101
+ 7.5.2 OkFrom and OkTo Timestamps ..........................101
+ 7.6 Organisation Component ....................................102
+ 7.6.1 Organisation IDs ....................................104
+ 7.6.2 Trading Role Element ................................105
+ 7.6.3 Contact Information Element .........................108
+ 7.6.4 Person Name Element .................................109
+ 7.6.5 Postal Address Element ..............................110
+ 7.7 Brand List Component ......................................111
+ 7.7.1 Brand Element .......................................113
+ 7.7.2 Protocol Brand Element ..............................115
+ 7.7.3 Protocol Amount Element .............................116
+ 7.7.4 Currency Amount Element .............................117
+ 7.7.5 Pay Protocol Element ................................118
+ 7.8 Brand Selection Component .................................120
+ 7.8.1 Brand Selection Brand Info Element ..................122
+ 7.8.2 Brand Selection Protocol Amount Info Element ........122
+ 7.8.3 Brand Selection Currency Amount Info Element ........123
+ 7.9 Payment Component .........................................123
+ 7.10 Payment Scheme Component ..................................125
+ 7.11 Payment Receipt Component .................................126
+ 7.12 Payment Note Component ....................................128
+ 7.13 Delivery Component ........................................129
+ 7.13.1 Delivery Data Element ...............................130
+ 7.14 Consumer Delivery Data Component ..........................132
+ 7.15 Delivery Note Component ...................................133
+ 7.16 Status Component ..........................................134
+ 7.16.1 Offer Completion Codes ..............................137
+ 7.16.2 Payment Completion Codes ............................138
+ 7.16.3 Delivery Completion Codes ...........................140
+
+
+
+Burdett Informational [Page 3]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 7.16.4 Authentication Completion Codes .....................142
+ 7.16.5 Undefined Completion Codes ..........................144
+ 7.16.6 Transaction Inquiry Completion Codes ................144
+ 7.17 Trading Role Data Component ...............................144
+ 7.17.1 Who Receives a Trading Role Data Component ..........145
+ 7.18 Inquiry Type Component ....................................146
+ 7.19 Signature Component .......................................147
+ 7.19.1 IOTP usage of signature elements and attributes .....148
+ 7.19.2 Offer Response Signature Component ..................150
+ 7.19.3 Payment Receipt Signature Component .................151
+ 7.19.4 Delivery Response Signature Component ...............152
+ 7.19.5 Authentication Request Signature Component ..........152
+ 7.19.6 Authentication Response Signature Component .........153
+ 7.19.7 Inquiry Request Signature Component .................153
+ 7.19.8 Inquiry Response Signature Component ................153
+ 7.19.9 Ping Request Signature Component ....................153
+ 7.19.10 Ping Response Signature Component...................154
+ 7.20 Certificate Component .....................................154
+ 7.20.1 IOTP usage of signature elements and attributes .....154
+ 7.21 Error Component ...........................................154
+ 7.21.1 Error Processing Guidelines .........................157
+ 7.21.2 Error Codes .........................................158
+ 7.21.3 Error Location Element ..............................162
+ 8. Trading Blocks ...............................................163
+ 8.1 Trading Protocol Options Block ............................166
+ 8.2 TPO Selection Block .......................................167
+ 8.3 Offer Response Block ......................................168
+ 8.4 Authentication Request Block ..............................169
+ 8.5 Authentication Response Block .............................170
+ 8.6 Authentication Status Block ...............................171
+ 8.7 Payment Request Block .....................................171
+ 8.8 Payment Exchange Block ....................................173
+ 8.9 Payment Response Block ....................................173
+ 8.10 Delivery Request Block ....................................175
+ 8.11 Delivery Response Block ...................................176
+ 8.12 Inquiry Request Trading Block .............................177
+ 8.13 Inquiry Response Trading Block ............................177
+ 8.14 Ping Request Block ........................................179
+ 8.15 Ping Response Block .......................................179
+ 8.16 Signature Block ...........................................181
+ 8.16.1 Signature Block with Offer Response .................182
+ 8.16.2 Signature Block with Payment Request ................182
+ 8.16.3 Signature Block with Payment Response ...............182
+ 8.16.4 Signature Block with Delivery Request ...............182
+ 8.16.5 Signature Block with Delivery Response ..............182
+ 8.17 Error Block ...............................................183
+ 8.18 Cancel Block ..............................................184
+ 9. Internet Open Trading Protocol Transactions ..................184
+
+
+
+Burdett Informational [Page 4]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 9.1 Authentication and Payment Related IOTP Transactions ......185
+ 9.1.1 Authentication Document Exchange ....................188
+ 9.1.2 Offer Document Exchange .............................194
+ 9.1.3 Payment Document Exchange ...........................203
+ 9.1.4 Delivery Document Exchange ..........................209
+ 9.1.5 Payment and Delivery Document Exchange ..............212
+ 9.1.6 Baseline Authentication IOTP Transaction ............216
+ 9.1.7 Baseline Deposit IOTP Transaction ...................218
+ 9.1.8 Baseline Purchase IOTP Transaction ..................220
+ 9.1.9 Baseline Refund IOTP Transaction ....................222
+ 9.1.10 Baseline Withdrawal IOTP Transaction ................224
+ 9.1.11 Baseline Value Exchange IOTP Transaction ............226
+ 9.1.12 Valid Combinations of Document Exchanges ............230
+ 9.1.13 Combining Authentication Transactions with other
+ Transactions ........................................234
+ 9.2 Infrastructure Transactions ...............................235
+ 9.2.1 Baseline Transaction Status Inquiry IOTP Transaction 235
+ 9.2.2 Baseline Ping IOTP Transaction ......................241
+ 10. Retrieving Logos .............................................244
+ 10.1 Logo Size .................................................245
+ 10.2 Logo Color Depth ..........................................245
+ 10.3 Logo Net Location Examples ................................246
+ 11. Brands .......................................................246
+ 11.1 Brand Definitions and Brand Selection .....................246
+ 11.1.1 Definition of Payment Instrument ....................247
+ 11.1.2 Definition of Brand .................................247
+ 11.1.3 Definition of Dual Brand ............................248
+ 11.1.4 Definition of Promotional Brand .....................248
+ 11.1.5 Identifying Promotional Brands ......................249
+ 11.2 Brand List Examples .......................................251
+ 11.2.1 Simple Credit Card Based Example ....................252
+ 11.2.2 Credit Card Brand List Including Promotional Brands..253
+ 11.2.3 Brand Selection Example .............................254
+ 11.2.4 Complex Electronic Cash Based Brand List ............255
+ 12. IANA Considerations ..........................................257
+ 12.1 Codes Controlled by IANA ..................................257
+ 12.2 Codes not controlled by IANA ..............................263
+ 13. Internet Open Trading Protocol Data Type Definition ..........263
+ 14. Glossary .....................................................277
+ 15. References ...................................................284
+ 16. Author's Address .............................................287
+ 17. Full Copyright Statement .....................................290
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 5]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+Table of Figures
+
+ Figure 1 IOTP Trading Roles 16
+ Figure 2 Offer Exchange 19
+ Figure 3 Payment Exchange 22
+ Figure 4 Delivery Exchange 25
+ Figure 5 Authentication Exchange 27
+ Figure 6 IOTP Message Structure 33
+ Figure 7 An IOTP Transaction 34
+ Figure 8 Example use of ID attributes 46
+ Figure 9 Element References 48
+ Figure 10 Signature Digests 79
+ Figure 11 Example use of Signatures for Baseline Purchase 81
+ Figure 12 Checking a Payment Handler can carry out a Payment 87
+ Figure 13 Checking a Delivery Handler can carry out a Delivery 90
+ Figure 14 Trading Components 94
+ Figure 15 Brand List Element Relationships 113
+ Figure 16 Trading Blocks 164
+ Figure 17 Payment and Authentication Message Flow Combinations 187
+ Figure 18 Authentication Document Exchange 190
+ Figure 19 Brand Dependent Offer Document Exchange 196
+ Figure 20 Brand Independent Offer Exchange 198
+ Figure 21 Payment Document Exchange 204
+ Figure 22 Delivery Document Exchange 210
+ Figure 23 Payment and Delivery Document Exchange 214
+ Figure 24 Baseline Authentication IOTP Transaction 217
+ Figure 25 Baseline Deposit IOTP Transaction 219
+ Figure 26 Baseline Purchase IOTP Transaction 221
+ Figure 27 Baseline Refund IOTP Transaction 223
+ Figure 28 Baseline Withdrawal IOTP Transaction 225
+ Figure 29 Baseline Value Exchange IOTP Transaction 228
+ Figure 30 Baseline Value Exchange Signatures 230
+ Figure 31 Valid Combinations of Document Exchanges 231
+ Figure 32 Baseline Transaction Status Inquiry 238
+ Figure 33 Baseline Ping Messages 242
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 6]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+1. Background
+
+ The Internet Open Trading Protocol (IOTP) provides an interoperable
+ framework for Internet commerce. It is payment system independent and
+ encapsulates payment systems such as SET, Mondex, CyberCash,
+ DigiCash, GeldKarte, etc. IOTP is able to handle cases where such
+ merchant roles as the shopping site, the Payment Handler, the
+ Delivery Handler of goods or services, and the provider of customer
+ support are performed by different parties or by one party.
+
+ The developers of IOTP seek to provide a virtual capability that
+ safely replicates the real world, the paper based, traditional,
+ understood, accepted methods of trading, buying, selling, value
+ exchanging that has existed for many hundreds of years. The
+ negotiation of who will be the parties to the trade, how it will be
+ conducted, the presentment of an offer, the method of payment, the
+ provision of a payment receipt, the delivery of goods and the receipt
+ of goods. These are events that are taken for granted in the course
+ of real world trade. IOTP has been produced to provide the same for
+ the virtual world, and to prepare and provide for the introduction of
+ new models of trading made possible by the expanding presence of the
+ virtual world.
+
+ The other fundamental ideal of the IOTP effort is to produce a
+ definition of these trading events in such a way that no matter where
+ produced, two unfamiliar parties using electronic commerce
+ capabilities to buy and sell that conform to the IOTP specifications
+ will be able to complete the business safely and successfully.
+
+ In summary, IOTP supports:
+
+ o Familiar trading models
+
+ o New trading models
+
+ o Global interoperability
+
+ The remainder of this section provides background to why IOTP was
+ developed. The specification itself starts in the next chapter.
+
+1.1 Commerce on the Internet, a Different Model
+
+ The growth of the Internet and the advent of electronic commerce are
+ bringing about enormous changes around the world in society, politics
+ and government, and in business. The ways in which trading partners
+ communicate, conduct commerce, are governed have been enriched and
+ changed forever.
+
+
+
+
+Burdett Informational [Page 7]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ One of the very fundamental changes about which IOTP is concerned is
+ taking place in the way consumers and merchants trade.
+ Characteristics of trading that have changed markedly include:
+
+ o Presence: Face-to-face transactions become the exception, not the
+ rule. Already with the rise of mail order and telephone order
+ placement this change has been felt in western commerce.
+ Electronic commerce over the Internet will further expand the
+ scope and volume of transactions conducted without ever seeing the
+ people who are a part of the enterprise with whom one does
+ business.
+
+ o Authentication: An important part of personal presence is the
+ ability of the parties to use familiar objects and dialogue to
+ confirm they are who they claim to be. The seller displays one or
+ several well known financial logos that declaim his ability to
+ accept widely used credit and debit instruments in the payment
+ part of a purchase. The buyer brings government or financial
+ institution identification that assures the seller she will be
+ paid. People use intangibles such as personal appearance and
+ conduct, location of the store, apparent quality and familiarity
+ with brands of merchandise, and a good clear look in the eye to
+ reinforce formal means of authentication.
+
+ o Payment Instruments: Despite the enormous size of bank card
+ financial payments associations and their members, most of the
+ world's trade still takes place using the coin of the realm or
+ barter. The present infrastructure of the payments business cannot
+ economically support low value transactions and could not survive
+ under the consequent volumes of transactions if it did accept low
+ value transactions.
+
+ o Transaction Values: New meaning for low value transactions arises
+ in the Internet where sellers may wish to offer for example, pages
+ of information for fractions of currency that do not exist in the
+ real world.
+
+ o Delivery: New modes of delivery must be accommodated such as
+ direct electronic delivery. The means by which receipt is
+ confirmed and the execution of payment change dramatically where
+ the goods or services have extremely low delivery cost but may in
+ fact have very high value. Or, maybe the value is not high, but
+ once delivery occurs the value is irretrievably delivered so
+ payment must be final and non-refundable but delivery nonetheless
+ must still be confirmed before payment. Incremental delivery such
+ as listening or viewing time or playing time are other models that
+ operate somewhat differently in the virtual world.
+
+
+
+
+Burdett Informational [Page 8]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+1.2 Benefits of IOTP
+
+ ELECTRONIC COMMERCE SOFTWARE VENDORS
+
+ Electronic Commerce Software Vendors will be able to develop e-
+ commerce products which are more attractive as they will inter-
+ operate with any other vendors' software. However, since IOTP focuses
+ on how these solutions communicate, there is still plenty of
+ opportunity for product differentiation.
+
+ PAYMENT BRANDS
+
+ IOTP provides a standard framework for encapsulating payment
+ protocols. This means that it is easier for payment products to be
+ incorporated into IOTP solutions. As a result the payment brands will
+ be more widely distributed and available on a wider variety of
+ platforms.
+
+ MERCHANTS
+
+ There are several benefits for Merchants:
+
+ o they will be able to offer a wider variety of payment brands,
+
+ o they can be more certain that the customer will have the software
+ needed to complete the purchase
+
+ o through receiving payment and delivery receipts from their
+ customers, they will be able to provide customer care knowing that
+ they are dealing with the individual or organisation with which
+ they originally traded
+
+ o new merchants will be able to enter this new (Internet) market-
+ place with new products and services, using the new trading
+ opportunities which IOTP presents
+
+ BANKS AND FINANCIAL INSTITUTIONS
+
+ There are also several benefits for Banks and Financial Institutions:
+
+ o they will be able to provide IOTP support for merchants
+
+ o they will find new opportunities for IOTP related services:
+
+ - providing customer care for merchants
+ - fees from processing new payments and deposits
+
+
+
+
+
+Burdett Informational [Page 9]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o they have an opportunity to build relationships with new types of
+ merchants
+
+ CUSTOMERS
+
+ For Customers there are several benefits:
+
+ o they will have a larger selection of merchants with whom they can
+ trade
+
+ o there is a more consistent interface when making the purchase
+
+ o there are ways in which they can get their problems fixed through
+ the merchant (rather than the bank!)
+
+ o there is a record of their transaction which can be used, for
+ example, to feed into accounting systems or, potentially, to
+ present to the tax authorities
+
+1.3 Baseline IOTP
+
+ This specification is Baseline IOTP. It is a Baseline in that it
+ contains ways of doing trades on the Internet which are the most
+ common, for example purchases and refunds.
+
+ The group that has worked on the IOTP see an extended version being
+ developed over time but feel a need to focus on a limited function
+ but completely usable specification in order that implementers can
+ develop solutions that work now.
+
+ During this period it is anticipated that there will be no changes to
+ the scope of this specification with the only changes made being
+ limited to corrections where problems are found. Software solutions
+ have been developed based on earlier versions of this specification
+ (for example version 0.9 published in early 1998 and earlier
+ revisions of version 1.0 published during 1999) which prove that the
+ IOTP works.
+
+1.4 Objectives of Document
+
+ The objectives of this document are to provide a specification of
+ version 1.0 of the Internet Open Trading Protocols which can be used
+ to design and implement systems which support electronic trading on
+ the Internet using the Internet Open Trading Protocols.
+
+
+
+
+
+
+
+Burdett Informational [Page 10]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The purpose of the document is:
+
+ o to allow potential developers of products based on the protocol to
+ develop software/hardware solutions which use the protocol
+
+ o to allow the financial services industry to understand a
+ developing electronic commerce trading protocol that encapsulates
+ (without modification) any of the current or developing payment
+ schemes now being used or considered by their merchant customer
+ base
+
+1.5 Scope of Document
+
+ The protocol describes the content, format and sequences of messages
+ that pass among the participants in an electronic trade - consumers,
+ merchants and banks or other financial institutions, and customer
+ care providers. These are required to support the electronic
+ commerce transactions outlined in the objectives above.
+
+ The protocol is designed to be applicable to any electronic payment
+ scheme since it targets the complete purchase process where the
+ movement of electronic value from the payer to the payee is only one,
+ but important, step of many that may be involved to complete the
+ trade.
+
+ Payment Scheme which IOTP could support include MasterCard Credit,
+ Visa Credit, Mondex Cash, Visa Cash, GeldKarte, eCash, CyberCoin,
+ Millicent, Proton, etc.
+
+ Each payment scheme contains some message flows which are specific to
+ that scheme. These scheme-specific parts of the protocol are
+ contained in a set of payment scheme supplements to this
+ specification.
+
+ The document does not prescribe the software and processes that will
+ need to be implemented by each participant. It does describe the
+ framework necessary for trading to take place.
+
+ This document also does not address any legal or regulatory issues
+ surrounding the implementation of the protocol or the information
+ systems which use them.
+
+1.6 Document Structure
+
+ The document consists of the following sections:
+
+ o Section 1 - Background: This section gives a brief background on
+ electronic commerce and the benefits IOTP offers.
+
+
+
+Burdett Informational [Page 11]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Section 2 - Introduction: This section describes the various
+ Trading Exchanges and shows how these trading exchanges are used
+ to construct the IOTP Transactions. This section also explains
+ various Trading Roles that would participate in electronic trade.
+
+ o Section 3 - Protocol Structure: This section summarises how
+ various IOTP transactions are constructed using the Trading Blocks
+ and Trading Components that are the fundamental building blocks
+ for IOTP transactions. All IOTP transaction messages are well
+ formed XML documents.
+
+ o Section 4 - IOTP Error Handling: This section describes how to
+ process exceptions and errors during the protocol message exchange
+ and trading exchange processing. This section provides a generic
+ overview of the exception handling. This section should be read
+ carefully.
+
+ o Section 5 - Security Considerations: This section considers from
+ an IETF perspective, how IOTP addresses security. It includes: how
+ to determine whether to use digital signatures with IOTP, how IOTP
+ address data privacy, and how security built into payment
+ protocols relate to IOTP security.
+
+ o Section 6 - Digital Signatures and IOTP: This section provides an
+ overview of how IOTP uses digital signatures; how to check a
+ signature is correctly calculated and how the various Trading
+ Roles that participate in trade should check signatures when
+ required.
+
+ o Section 7 - Trading Components: This section defines the XML
+ elements required by Trading Components.
+
+ o Section 8 - Trading Blocks: This section describes how Trading
+ Blocks are constructed from Trading Components.
+
+ o Section 9 - Internet Open Trading Protocol Transactions: This
+ section describes all the IOTP Baseline transactions. It refers to
+ Trading Blocks and Trading Components and Signatures. This section
+ doesn't directly link error handling during the protocol
+ exchanges, the reader is advised to understand Error Handling as
+ defined in section before reading this section.
+
+ o Section 10 - Retrieving Logos: This section describes how IOTP
+ specific logos can be retrieved.
+
+
+
+
+
+
+
+Burdett Informational [Page 12]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Section 11 - Brands: This section provides: an overview of Brand
+ Definitions and Brand Selection which describe how a Consumer can
+ select a Brand from a list provided by the Merchant; as well as
+ some examples of Brand Lists.
+
+ o Section 12 - IANA Considerations: This section describes how new
+ values for codes used by IOTP are co-ordinated.
+
+ o Section 13 - Internet Open Trading Protocol Data Type Definition:
+ This section contains the XML Data Type Definitions for IOTP.
+
+ o Section 14 - Glossary. This describes all the major terminology
+ used by IOTP.
+
+ o Section 15 - A list of the other documents referenced by the IOTP
+ specification.
+
+ o Section 16 - The Author's Address
+
+ o Section 17 - Full Copyright Statement
+
+1.7 Intended Readership
+
+ Software and hardware developers; development analysts; business and
+ technical planners; industry analysts; merchants; bank and other
+ payment handlers; owners, custodians, and users of payment protocols.
+
+1.7.1 Reading Guidelines
+
+ This IOTP specification is structured primarily in a sequence
+ targeted at people who want to understand the principles of IOTP.
+ However from practical implementation experience by implementers of
+ earlier of versions of the protocol new readers who plan to implement
+ IOTP may prefer to read the document in a different sequence as
+ described below.
+
+ Review the transport independent parts of the specification. This
+ covers:
+
+ o Section 14 - Glossary
+
+ o Section 1 - Background
+
+ o Section 2 - Introduction
+
+ o Section 3 - Protocol Structure
+
+ o Section 4 - IOTP Error Handling
+
+
+
+Burdett Informational [Page 13]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Section 5 - Security Considerations
+
+ o Section 9 - Internet Open Trading Protocol Transactions
+
+ o Section 11 - Brands
+
+ o Section 12 - IANA Considerations
+
+ o Section 10 - Retrieving Logos
+
+ Review the detailed XML definitions:
+
+ o Section 8 - Trading Blocks
+
+ o Section 7 - Trading Components
+
+ o Section 6 - Digital Signatures and IOTP
+
+2. Introduction
+
+ The Internet Open Trading Protocols (IOTP) define a number of
+ different types of IOTP Transactions:
+
+ o Purchase. This supports a purchase involving an offer, a payment
+ and optionally a delivery
+
+ o Refund. This supports the refund of a payment as a result of,
+ typically, an earlier purchase
+
+ o Value Exchange. This involves two payments which result in the
+ exchange of value from one combination of currency and payment
+ method to another
+
+ o Authentication. This supports one organisation or individual to
+ check that another organisation or individual are who they appear
+ to be.
+
+ o Withdrawal. This supports the withdrawal of electronic cash from a
+ financial institution
+
+ o Deposit. This supports the deposit of electronic cash at a
+ financial institution
+
+ o Inquiry. This supports inquiries on the status of an IOTP
+ transaction which is either in progress or is complete
+
+
+
+
+
+
+Burdett Informational [Page 14]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Ping. This supports a simple query which enables one IOTP aware
+ application to determine whether another IOTP application running
+ elsewhere is working or not.
+
+ These IOTP Transactions are "Baseline" transactions since they have
+ been identified as a minimum useful set of transactions. Later
+ versions of IOTP may include additional types of transactions.
+
+ Each of the IOTP Transactions above involve:
+
+ o a number of organisations playing a Trading Role, and
+
+ o a set of Trading Exchanges. Each Trading Exchange involves the
+ exchange of data, between Trading Roles, in the form of a set of
+ Trading Components.
+
+ Trading Roles, Trading Exchanges and Trading Components are described
+ below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 15]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+2.1 Trading Roles
+
+ The Trading Roles identify the different parts which organisations
+ can take in a trade. The five Trading Roles used within IOTP are
+ illustrated in the diagram below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ Merchant Customer Care Provider resolves ----------
+ ---------------------------------------------->| Merchant |
+ | Consumer disputes and problems |Cust.Care.|
+ | | Provider |
+ | ----------
+ |
+ Payment Handler accepts or makes ----------
+ | ------------------------------------------>| Payment |
+ | | Payment for Merchant | Handler |
+ | | ----------
+ v v
+ ---------- Consumer makes purchases or obtains ----------
+ | Consumer |<--------------------------------------->| Merchant |
+ ---------- refund from Merchant ----------
+ ^
+ | Delivery Handler supplies goods or ----------
+ |---------------------------------------------->|Deliverer |
+ services for Merchant | Handler |
+ ----------
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 1 IOTP Trading Roles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 16]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The roles are:
+
+ o Consumer. The person or organisation which is to receive and pay
+ for the goods or services
+
+ o Merchant. The person or organisation from whom the purchase is
+ being made and who is legally responsible for providing the goods
+ or services and receives the benefit of the payment made
+
+ o Payment Handler. The entity that physically receives the payment
+ from the Consumer on behalf of the Merchant
+
+ o Delivery Handler. The entity that physically delivers the goods or
+ services to the Consumer on behalf of the Merchant.
+
+ o Merchant Customer Care Provider. The entity that is involved with
+ customer dispute negotiation and resolution on behalf of the
+ Merchant
+
+ Roles may be carried out by the same organisation or different
+ organisations. For example:
+
+ o in the simplest case one physical organisation (e.g., a merchant)
+ could handle the purchase, accept the payment, deliver the goods
+ and provide merchant customer care
+
+ o at the other extreme, a merchant could handle the purchase but
+ instruct the consumer to pay a bank or financial institution,
+ request that delivery be made by an overnight courier firm and to
+ contact an organisation which provides 24x7 service if problems
+ arise.
+
+ Note that in this specification, unless stated to the contrary, when
+ the words Consumer, Merchant, Payment Handler, Delivery Handler or
+ Customer Care Provider are used, they refer to the Trading Role
+ rather than an actual organisation.
+
+ An individual organisation may take multiple roles. For example a
+ company which is selling goods and services on the Internet could
+ take the role of Merchant when selling goods or services and the role
+ of Consumer when the company is buying goods or services itself.
+
+ As roles occur in different places there is a need for the
+ organisations involved in the trade to exchange data, i.e. to carry
+ out Trading Exchanges, so that the trade can be completed.
+
+
+
+
+
+
+Burdett Informational [Page 17]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+2.2 Trading Exchanges
+
+ The Internet Open Trading Protocols identify four Trading Exchanges
+ which involve the exchange of data between the Trading Roles. The
+ Trading Exchanges are:
+
+ o Offer. The Offer Exchange results in the Merchant providing the
+ Consumer with the reason why the trade is taking place. It is
+ called an Offer since the Consumer must accept the Offer if a
+ trade is to continue
+
+ o Payment. The Payment Exchange results in a payment of some kind
+ between the Consumer and the Payment Handler. This may occur in
+ either direction
+
+ o Delivery. The Delivery Exchange transmits either the on-line
+ goods, or delivery information about physical goods from the
+ Delivery Handler to the Consumer, and
+
+ o Authentication. The Authentication Exchange can be used by any
+ Trading Role to authenticate another Trading Role to check that
+ they are who they appear to be.
+
+ IOTP Transactions are composed of various combinations of these
+ Trading Exchanges. For example, an IOTP Purchase transaction
+ includes Offer, Payment, and Delivery Trading Exchanges. As another
+ example, an IOTP Value Exchange transaction is composed of an Offer
+ Trading Exchange and two Payment Trading Exchanges.
+
+ Trading Exchanges consist of Trading Components that are transmitted
+ between the various Trading Roles. Where possible, the number of
+ round-trip delays in an IOTP Transaction is minimised by packing the
+ Components from several Trading Exchanges into combination IOTP
+ Messages. For example, the IOTP Purchase transaction combines a
+ Delivery Organisation Component with an Offer Response Component in
+ order to avoid an extra Consumer request and response.
+
+ Each of the IOTP Trading Exchanges is described in more detail below.
+ For clarity of description, these describe the Trading Exchanges as
+ though they were standalone operations. For performance reasons, the
+ Trading Exchanges are intermingled in the actual IOTP Transaction
+ definitions.
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 18]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+2.2.1 Offer Exchange
+
+ The goal of the Offer Exchange is for the Merchant to provide the
+ Consumer with information about the trade so that the Consumer can
+ decide whether to continue with the trade. This is illustrated in the
+ figure below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Merchant
+STEP | |
+ 1. Consumer decides to trade and sends information about the
+ transaction (requests an offer) to the Merchant e.g.,
+ using HTML.
+
+ C --> M Data: Information on what is being purchased (Offer Request)
+ - outside scope of IOTP
+
+ 2. Merchant checks the information provided by the Consumer,
+ creates an Offer optionally signs it and sends it to the
+ Consumer.
+
+ C <-- M OFFER RESPONSE. Components: Status; Organisation(s)
+ (Consumer, DelivTo, Merchant, Payment Handler, Customer
+ Care); Order; Payment; Delivery; TradingRoleData (optional)
+ Offer Response Signature (optional) that signs other
+ components
+
+ 3. Consumer checks the information from the Merchant and
+ decides whether to continue.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 2 Offer Exchange
+
+ An Offer Exchange uses the following Trading Components that are
+ passed between the Consumer and the Merchant:
+
+ o the Status component is used to indicate to other parties that a
+ valid Offer Response has been generated
+
+ o the Organisation Component contains information which describes
+ the Organisations which are taking a role in the trade:
+
+ - the consumer provides information, about who the consumer is
+ and, if goods or services are being delivered, where the goods
+ or services are to be delivered to
+
+
+
+
+Burdett Informational [Page 19]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - the merchant augments this information by providing information
+ about the merchant, the Payment Handler, the customer care
+ provider and, if goods or services are being delivered, the
+ Delivery Handler
+
+ o the Order Component contains descriptions of the goods or services
+ which will result from the trade if the consumer agrees to the
+ offer. This information is sent by the Merchant to the consumer
+ who should verify it
+
+ o the Payment Component generated by the Merchant, contains details
+ of how much to pay, the currency and the payment direction, for
+ example the consumer could be asking for a refund. Note that there
+ may be more than one payment in a trade
+
+ o the Delivery Component, also generated by the Merchant, is used if
+ goods or services are being delivered. This contains information
+ about how delivery will occur, for example by post or using e-mail
+
+ o the Trading Role Data component contains data the Merchant wants
+ to forward to another Trading Role such as a Payment Handler or
+ Delivery Handler
+
+ o the "Offer Response" Signature Component, if present, digitally
+ signs all of the above components to ensure their integrity.
+
+ The exact content of the information provided by the Merchant to the
+ Consumer will vary depending on the type of IOTP Transaction. For
+ example:
+
+ o low value purchases may not need a signature
+
+ o the amount to be paid may vary depending on the payment brand and
+ payment protocol used
+
+ o some offers may not involve the delivery of any goods
+
+ o a value exchange will involve two payments
+
+ o a merchant may not offer customer care.
+
+ Information provided by the consumer to the merchant is provided
+ using a variety of methods, for example, it could be provided:
+
+ o using [HTML] pages as part of the "shopping experience" of the
+ consumer.
+
+
+
+
+
+Burdett Informational [Page 20]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Using the Open Profiling Standard [OPS] which has recently been
+ proposed,
+
+ o in the form of Organisation Components associated with an
+ authentication of a Consumer by a Merchant
+
+ o as Order Components in a later version of IOTP.
+
+2.2.2 Payment Exchange
+
+ The goal of the Payment Exchange is for a payment to be made from the
+ Consumer to a Payment Handler or vice versa using a payment brand and
+ payment protocol selected by the Consumer. A secondary goal is to
+ optionally provide the Consumer with a digitally signed Payment
+ Receipt which can be used to link the payment to the reason for the
+ payment as described in the Offer Exchange.
+
+ Payment Exchanges can work in a variety of ways. The most general
+ case where the trade is dependent on the payment brand and protocol
+ used is illustrated in the diagram below. Simpler payment exchanges
+ are possible.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer Pay Handler
+ | Merchant |
+STEP | | |
+ 1. Consumer decides to trade and sends information
+ about the transaction (requests an offer) to the
+ Merchant e.g., using HTML.
+
+ C --> M Information on what is being paid for (outside
+ scope of IOTP
+
+ 2. Merchant decides which payment brand, payment
+ protocols and currencies/amounts to offer,
+ places then in a Brand List Component and sends
+ them to the Consumer
+
+ C <-- M Components: Brand List
+
+ 3. Consumer selects the payment brand, protocol and
+ currency/amount to use, creates a Brand Selection
+ component and sends it to the Merchant
+
+ C --> M Component: Brand List Selection
+
+
+
+
+
+
+Burdett Informational [Page 21]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 4. Merchant checks Brand Selection, creates a Payment
+ Amount information, optionally signs it to
+ authorise payment and sends it to the Consumer
+
+ C <-- M Component: Payment; Organisation(s) (Merchant and
+ Payment Handler); Optional Offer Response Signature
+ that signs other components
+
+ 5. Consumer checks the Payment Amount information and
+ if OK requests that the payment starts by sending
+ information to the Payment Handler
+
+ C --------> P PAYMENT REQUEST. Components: Status, Payment;
+ Organisations (Merchant and Payment Handler);
+ Trading Role Data (optional); Optional Offer
+ Response Signature that signs other components;
+ Pay Scheme Data
+
+ 6. Payment Handler checks information including
+ optional signature and if OK starts exchanging Pay
+ Scheme Data components for selected payment brand
+ and payment protocol
+
+ C <-------> P PAYMENT EXCHANGE. Component: Pay Scheme Data
+
+ 7. Eventually payment protocol messages finish so
+ Payment Handler sends Pay Receipt and optional
+ signature to the Consumer as proof of payment
+
+ C <-------> P PAYMENT RESPONSE. Components: Status, Pay Receipt;
+ Payment Note; Trading Role Data (optional);
+ Optional Offer Response Signature; Optional
+ Payment Receipt Signature that binds the payment
+ to the Offer
+
+ 8. Consumer checks Payment Receipt is OK
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 3 Payment Exchange
+
+ A Payment Exchange uses the following Trading Components that are
+ passed between the Consumer, the Merchant and the Payment Handler:
+
+ o The Brand List Component contains a list of payment brands (for
+ example, MasterCard, Visa, Mondex, GeldKarte), payment protocols
+ (for example SET Version 1.0, Secure Channel Credit Debit (SCCD -
+ the name used for a credit or debit card payment where
+
+
+
+Burdett Informational [Page 22]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ unauthorised access to account information is prevented through
+ use of secure channel transport mechanisms such as SSL/TLS) as
+ well as currencies/amounts that apply. The Merchant sends the
+ Brand List to the Consumer. The consumer compares the payment
+ brands, protocols and currencies/amounts on offer with those that
+ the Consumer supports and makes a selection.
+
+ o The Brand Selection Component contains the Consumer's selection.
+ Payment brand, protocol, currency/amount and possibly protocol-
+ specific information is sent back to the Merchant. This
+ information may be used to change information in the Offer
+ Exchange. For example, a merchant could choose to offer a discount
+ to encourage the use of a store card.
+
+ o the Status component is used to indicate to the Payment Handler
+ that an earlier exchange (e.g., an Offer Exchange) has
+ successfully completed and by the Payment Handler to indicate the
+ completion status of the Payment Exchange.
+
+ o The Organisation Components are generated by the Merchant. They
+ contain details of the Merchant and Payment Handler Roles:
+
+ - the Merchant role is required so that the Payment Handler can
+ identify which Merchant initiated the payment. Typically, the
+ result of the Payment Handler accepting (or making) a payment
+ on behalf of the Merchant will be a credit or debit transaction
+ to the Merchant's account held by the Payment Handler. These
+ transactions are outside the scope of this version of IOTP
+
+ - the Payment Handler role is required so that the Payment
+ Handler can check that it is the correct Payment Handler to be
+ used for the payment
+
+ o The Payment Component contains details of how much to pay, the
+ currency and the payment direction
+
+ o The "Offer Response" Signature Component, if present, digitally
+ signs all of the above components to ensure their integrity. Note
+ that the Brand List and Brand Selection Components are not signed
+ until the payment information is created (step 4 in the diagram)
+
+ o the Trading Role Data component contains from other roles (e.g., a
+ Merchant) that needs to be forwarded to the Payment Handler
+
+ o The Payment Scheme Component contains messages from the payment
+ protocol used in the Trade. For example they could be SET
+ messages, Mondex messages, GeldKarte Messages or one of the other
+ payment methods supported by IOTP. The content of the Payment
+
+
+
+Burdett Informational [Page 23]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Scheme Component is defined in the supplements that describe how
+ IOTP works with various payment protocols.
+
+ o The Payment Receipt Component contains a record of the payment.
+ The content depends upon the payment protocol used.
+
+ o The "Payment Receipt" Signature Component provides proof of
+ payment by digitally signing both the Payment Receipt Component
+ and the Offer Response Signature. The signature on the offer
+ digitally signs the Order, Organisation and Delivery Components
+ contained in the Offer. This signature effectively binds the
+ payment to the offer.
+
+ The example of a Payment Exchange above is the most general case.
+ Simpler cases are also possible. For example, if the amount paid is
+ not dependent on the payment brand and protocol selected then the
+ payment information generated by step 3 can be sent to the Consumer
+ at the same time as the Brand List Component generated by step 1.
+ These and other variations are described in the Baseline Purchase
+ IOTP Transaction (see section 9.1.8).
+
+2.2.3 Delivery Exchange
+
+ The goal of the Delivery Exchange is to cause purchased goods to be
+ delivered to the consumer either online or via physical delivery. A
+ second goal is to provide a "delivery note" to the consumer,
+ providing details about the delivery, such as shipping tracking
+ number. The result of the delivery may also be signed so that it can
+ be used for customer care in the case of problems with physical
+ delivery. The message flow is illustrated in the diagram below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ CONSUMER DELIVERY
+ | HANDLER
+ | Merchant |
+STEP | | |
+ 1. Consumer decides to trade and sends information
+ about what to deliver and who is to take delivery,
+ to the Merchant e.g., using HTML.
+
+ C --> M Information on what is being delivered (outside
+ scope of IOTP)
+
+ 2. Merchant checks the information provided by the
+ Consumer, adds information about how the delivery
+ will occur, information about the Organisations
+ involved in the delivery and optionally sings it
+ and sends it to the Consumer
+
+
+
+Burdett Informational [Page 24]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ C <-- M Components: Delivery; Organisations (Delivery
+ Handler, Deliver To); Order, Optional Offer
+ Response Signature
+
+ 3. Consumer checks delivery information is OK,
+ obtains authorisation for the delivery, for
+ example by making a payment, and sends the
+ delivery information to the Delivery Handler
+
+ C --------> D DELIVERY REQUEST. Components: Status; Delivery,
+ Organisations: (Merchant, Delivery Handler,
+ DelivTo); Order, Trading Role Data (optional);
+ Optional Offer Response Signature, Optional
+ Payment Receipt Signature (from Payment Exchange)
+
+ 4. Delivery Handler checks information and
+ authorisation. Starts or schedules delivery and
+ creates and then sends a delivery not tot the
+ Consumer which can optionally be signed.
+
+ C <-------- D DELIVERY RESPONSE. Components: Status; Delivery
+ Note, Trading Role Data (optional); Optional
+ Delivery Response Signature
+
+ 5. Consumer checks delivery note is OK and accepts or
+ waits for delivery as described in the the Delivery
+ Note.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 4 Delivery Exchange
+
+A Delivery Exchange uses the following Trading Components that are
+passed between the Consumer, the Merchant and the Delivery Handler:
+
+ o the Status component is used to indicate to the Delivery Handler
+ that an earlier exchange (e.g., an Offer Exchange or Payment
+ Exchange) has successfully completed and by the Delivery Handler
+ to indicate the completion status of the Delivery Exchange.
+
+ o The Organisation Component(s) contain details of the Deliver To,
+ Delivery Handler and Merchant Roles:
+
+ - the Deliver To role indicates where the goods or services are
+ to be delivered to
+
+
+
+
+
+
+Burdett Informational [Page 25]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - the Delivery Handler role is required so that the Delivery
+ Handler can check that she is the correct Delivery Handler to
+ do the delivery
+
+ - the Merchant role is required so that the Delivery Handler can
+ identify which Merchant initiated the delivery
+
+ o The Order Component, contains information about the goods or
+ services to be delivered
+
+ o The Delivery Component contains information about how delivery
+ will occur, for example by post or using e-mail.
+
+ o The "Offer Response" Signature Component, if present, digitally
+ signs all of the above components to ensure their integrity.
+
+ o The "Payment Receipt" Signature Component provides proof of
+ payment by digitally signing the Payment Receipt Component and the
+ Offer Signature. This is used by the Delivery Handler to check
+ that delivery is authorised
+
+ o The Delivery Note Component contains customer care information
+ related to a physical delivery, or alternatively the actual
+ "electronic goods". The Consumer's software does not interpret
+ information about a physical delivery but should have the ability
+ to display the information, both at the time of the delivery and
+ later if the Consumer selects the Trade to which this delivery
+ relates from a transaction list
+
+ o The "Delivery Response" Signature Component, if present, provides
+ proof of the results of the Delivery by digitally signing the
+ Delivery Note and any Offer Response or Payment Response
+ signatures that the Delivery Handler received.
+
+2.2.4 Authentication Exchange
+
+ The goal of the Authentication Exchange is to allow one Organisation,
+ for example a financial institution, to be able to check that another
+ Organisation, for example a consumer, is who they appear to be.
+
+ An Authentication Exchange involves:
+
+ o an Authenticator - the Organisation which is requesting the
+ authentication, and
+
+ o an Authenticatee - the Organisation being authenticated.
+
+
+
+
+
+Burdett Informational [Page 26]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ This is illustrated in the diagram below.
+
+ +*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Organisation 1
+ (Authenticatee)
+ | Organisation 2
+ | (Authenticator)
+STEP | |
+ 1. First Organisation, e.g., a Consumer, takes an action (for
+ example by pressing a button on an HTML page) which
+ requires that the Organisation is authenticated
+
+ 1 --> 2 Need for Authentication (outside scope of IOTP)
+
+ 2. The second Organisation generates an Authentication
+ Request - including challenge data, and a list of the
+ algorithms that may be used for the authentication -
+ and/or a request for the Organisation information then
+ sends it to the first Organisation
+
+ 1 <-- 2 AUTHENTICATION REQUEST. Components: Authentication
+ Request, Trading Role Information Request
+
+ 3. The first Organisation optionally checks any signature
+ associated with the Authentication Request then uses the
+ specified authentication algorithm to generate an
+ Authentication Response which is sent back to the second
+ Organisation together with details of any Organisation
+ information requested
+
+ 1 --> 2 AUTHENTICATION RESPONSE. Component: Authentication
+ Response, Organisation(s)
+
+ 4. The Authentication Response is checked against the
+ challenge data to check that the first Organisation is
+ who they appear to be and the result recorded in a Status
+ Component which is then sent back to the first
+ Organisation.
+
+ 1 <-- 2 AUTHENTICATION STATUS. Component: Status
+
+ 5. The first Organisation then optionally checks the results
+ indicated by the Status and any associated signature and
+ takes the appropriate action or stops.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 5 Authentication Exchange
+
+
+
+Burdett Informational [Page 27]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ An Authentication Exchange uses the following Trading Components that
+ are passed between the two Organisations:
+
+ o the Authentication Request Component that requests an
+ Authentication and indicates the authentication algorithm and
+ optional challenge data to be used.
+
+ o A Trading Role Information Request Component that requests
+ information about an Organisation, for example a ship to address.
+
+ o The Authentication Response Component which contains the challenge
+ response generated by the recipient of the Authentication Request
+ Component.
+
+ o Organisation Components that contain the result of the Trading
+ Role Information Request
+
+ o the Status Component which contains the results of the second
+ party's verification of the Authentication Response.
+
+2.3 Scope of Baseline IOTP
+
+ This specification describes the IOTP Transactions which make up
+ Baseline IOTP. As described in the preface, IOTP will evolve over
+ time. This section defines the initial conformance criteria for
+ implementations that claim to "support IOTP."
+
+ The main determinant on the scope of an IOTP implementation is the
+ roles which the solution is designed to support. The roles within
+ IOTP are described in more detail in section 2.1 Trading Roles. To
+ summarise the roles are: Merchant, Consumer, Payment Handler,
+ Delivery Handler and Customer Care Provider.
+
+ Payment Handlers who can be of three types:
+
+ o those who accept a payment as part of a purchase or make a payment
+ as part of a refund,
+
+ o those who accept value as part of a deposit transaction, or
+
+ o those that issue value a withdrawal transaction
+
+ The following table defines, for each role, the IOTP Transactions and
+ Trading Blocks which must be supported for that role.
+
+
+
+
+
+
+
+Burdett Informational [Page 28]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Merchants
+
+ ECash ECash
+ Store Value Value Consumer Payment Delivery
+ Issuer Acquirer Handler Handler
+
+ TRANSACTIONS
+
+Purchase Must Must
+
+ Merchants
+
+ ECash ECash
+ Store Value Value Consumer Payment Delivery
+ Issuer Acquirer Handler Handler
+
+Refund Must b)
+ Depends
+
+Authentication May Must May b)
+ Depends
+
+Value Exchange May Must
+
+Withdrawal Must b)
+ Depends
+
+Deposit Must b)
+ Depends
+
+Inquiry Must Must Must May Must Must
+
+Ping Must Must Must May Must Must
+
+TRADING BLOCKS
+
+TPO Must Must Must Must
+
+TPO Selection Must Must Must Must
+
+Auth-Request a) a) a)
+ Depends Depends Depends
+
+Auth-Reply a) a) a)
+ Depends Depends Depends
+
+Offer Response Must Must Must Must
+
+
+
+
+Burdett Informational [Page 29]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+Payment Must Must
+Request
+
+Payment Must Must
+Exchange
+
+Payment Must Must
+Response
+
+Delivery Must Must
+Request
+
+Delivery Must Must
+Response
+
+ Merchants
+
+ ECash ECash
+ Store Value Value Consumer Payment Delivery
+ Issuer Acquirer Handler Handler
+
+Inquiry Must Must Must Must Must Must
+Request
+
+Inquiry Must Must Must Must Must Must
+Response
+
+Ping Request Must Must Must Must Must Must
+
+Ping Response Must Must Must Must Must Must
+
+Signature Must Must Must Limited Must Must
+
+Error Must Must Must Must Must Must
+
+ In the above table:
+
+ o "Must" means that a Trading Role must support the Transaction or
+ Trading Block.
+
+ o "May" means that an implementation may support the Transaction or
+ Trading Block at the option of the developer.
+
+ o "Depends" means implementation of the Transaction or Trading Block
+ depends on one of the following conditions:
+
+ - if Baseline Authentication IOTP Transaction is supported;
+
+
+
+
+Burdett Informational [Page 30]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - if required by a Payment Method as defined in its IOTP
+ Supplement document.
+
+ o "Limited" means the Trading Block must be understood and its
+ content manipulated but not in every respect. Specifically, on the
+ Signature Block, Consumers do not have to be able to validate
+ digital signatures.
+
+ An IOTP solution must support all the IOTP Transactions and Trading
+ Blocks required by at least one role (column) as described in the
+ above table for that solution to be described as "supporting IOTP".
+
+3. Protocol Structure
+
+ The previous section provided an introduction which explained:
+
+ o Trading Roles which are the different roles which Organisations
+ can take in a trade: Consumer, Merchant, Payment Handler, Delivery
+ Handler and Customer Care Provider, and
+
+ o Trading Exchanges where each Trading Exchange involves the
+ exchange of data, between Trading Roles, in the form of a set of
+ Trading Components.
+
+ This section describes:
+
+ o how Trading Components are constructed into Trading Blocks and the
+ IOTP Messages which are physically sent in the form of [XML]
+ documents between the different Trading Roles,
+
+ o how IOTP Messages are exchanged between Trading Roles to create an
+ IOTP Transaction
+
+ o the XML definitions of an IOTP Message including a Transaction
+ Reference Block - an XML element which identifies an IOTP
+ Transaction and the IOTP Message within it
+
+ o the definitions of the XML ID Attributes which are used to
+ identify IOTP Messages, Trading Blocks and Trading Components and
+ how these are referred to using Element References from other XML
+ elements
+
+ o how extra XML Elements and new user defined values for existing
+ IOTP codes can be used when Extending IOTP,
+
+ o how IOTP uses the Packaged Content Element to embed data such as
+ payment protocol messages or detailed order definitions within an
+ IOTP Message
+
+
+
+Burdett Informational [Page 31]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o how IOTP Identifies Languages so that different languages can be
+ used within IOTP Messages
+
+ o how IOTP handles both Secure and Insecure Net Locations when
+ sending messages
+
+ o how an IOTP Transaction can be cancelled.
+
+3.1 Overview
+
+3.1.1 IOTP Message Structure
+
+ The structure of an IOTP Message and its relationship with Trading
+ Blocks and Trading Components is illustrated in the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 32]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+IOTP MESSAGE <---------- IOTP Message - an XML Document which is
+ | transported between the Trading Roles
+ |-Trans Ref Block <----- Trans Ref Block - contains information which
+ | | describes the IOTP Transaction and the IOTP
+ | | Message.
+ | |-Trans Id Comp. <--- Transaction Id Component - uniquely
+ | | identifies the IOTP Transaction. The Trans Id
+ | | Components are the same across all IOTP
+ | | messages that comprise a single IOTP
+ | | transaction.
+ | |-Msg Id Comp. <----- Message Id Component - identifies and
+ | describes an IOTP Message within an IOTP
+ | Transaction
+ |-Signature Block <----- Signature Block (optional) - contains one or
+ | | more Signature Components and their
+ | | associated Certificates
+ | |-Signature Comp. <-- Signature Component - contains digital
+ | | signatures. Signatures may sign digests of
+ | | the Trans Ref Block and any Trading Component
+ | | in any IOTP Message in the same IOTP
+ | | transaction.
+ | |-Certificate Comp. < Certificate Component (Optional) Used to check
+ | the signature.
+ |-Trading Block <------- Trading Block - an XML Element within an IOTP
+ | |-Trading Comp. Message that contains a predefined set of
+ | |-Trading Comp. Trading Components
+ | |-Trading Comp.
+ | |-Trading Comp. <--- Trading Components - XML Elements within a
+ | Trading Block that contain a predefined set
+ |-Trading Block of XML elements and attributes containing
+ | |-Trading Comp. information required to support a Trading
+ | |-Trading Comp. Exchange
+ | |-Trading Comp.
+ | |-Trading Comp.
+ | |-Trading Comp.
+
+*-*-*-*-*-*--*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 6 IOTP Message Structure
+
+ The diagram also introduces the concept of a Transaction Reference
+ Block. This block contains, amongst other things, a globally unique
+ identifier for the IOTP Transaction. Also each block and component is
+ given an ID Attribute (see section 3.4) which is unique within an
+ IOTP Transaction. Therefore the combination of the ID attribute and
+
+
+
+
+Burdett Informational [Page 33]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the globally unique identifier in the Transaction Reference Block is
+ sufficient to uniquely identify any Trading Block or Trading
+ Component.
+
+3.1.2 IOTP Transactions
+
+ A predefined set of IOTP Messages exchanged between the Trading Roles
+ constitute an IOTP Transaction. This is illustrated in the diagram
+ below.
+
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+
+ CONSUMER MERCHANT
+ Generate first
+ IOTP Message
+ --- |
+ | | v
+ Process incoming | I | -------------
+ IOTP Message & <------------- | | ------------ | IOTP Message |
+generate next IOTP | | -------------
+ Message | N |
+ | | |
+ v | |
+ ------------- | T | Process incoming
+ | IOTP Message | -------------- | | -----------> IOTP Message &
+ ------------- | | generate next
+ | E | IOTP Message
+ | | |
+ | | v
+ Process incoming | R | -------------
+ IOTP Message <------------- | | ------------ | IOTP Message |
+generate last IOTP | | -------------
+ Message & stop | N |
+ | | |
+ v | |
+ ------------- | E | Process last
+ | IOTP Message | -------------- | | -------------> incoming IOTP
+ ------------- | | Message & stop
+ | | T | |
+ v | | v
+ STOP --- STOP
+
+*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
+
+ Figure 7 An IOTP Transaction
+
+
+
+
+
+Burdett Informational [Page 34]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ In the above diagram the Internet is shown as the transport
+ mechanism. This is not necessarily the case. IOTP Messages can be
+ transported using a variety of transport mechanisms.
+
+ The IOTP Transactions (see section 9) in this version of IOTP are
+ specifically:
+
+ o Purchase. This supports a purchase involving an offer, a payment
+ and optionally a delivery
+
+ o Refund. This supports the refund of a payment as a result of,
+ typically, an earlier purchase
+
+ o Value Exchange. This involves two payments which result in the
+ exchange of value from one combination of currency and payment
+ method to another
+
+ o Authentication. This supports the remote authentication of one
+ Trading Role by another Trading Role using a variety of
+ authentication algorithms, and the provision of an Organisation
+ Information about the Trading Role that is being authenticated for
+ use in, for example, the creation of an offer
+
+ o Withdrawal. This supports the withdrawal of electronic cash from a
+ financial institution
+
+ o Deposit. This supports the deposit of electronic cash at a
+ financial institution
+
+ o Inquiry This supports inquiries on the status of an IOTP
+ transaction which is either in progress or is complete
+
+ o Ping This supports a simple query which enables one IOTP aware
+ application to determine whether another IOTP application running
+ elsewhere is working or not.
+
+3.2 IOTP Message
+
+ As described earlier, IOTP Messages are [XML] documents which are
+ physically sent between the different Trading Roles that are taking
+ part in a trade.
+
+ The XML definition of an IOTP Message is as follows.
+
+ <!ELEMENT IotpMessage
+ ( TransRefBlk,
+ SigBlk?,
+ ErrorBlk?,
+
+
+
+Burdett Informational [Page 35]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ( AuthReqBlk |
+ AuthRespBlk |
+ AuthStatusBlk |
+ CancelBlk |
+ DeliveryReqBlk |
+ DeliveryRespBlk |
+ InquiryReqBlk |
+ InquiryRespBlk |
+ OfferRespBlk |
+ PayExchBlk |
+ PayReqBlk |
+ PayRespBlk |
+ PingReqBlk |
+ PingRespBlk |
+ TpoBlk |
+ TpoSelectionBlk
+ )*
+ ) >
+ <!ATTLIST IotpMessage
+ xmlns CDATA
+ 'iotp:ietf.org/iotp-v1.0'
+
+ Content:
+
+ TransRefBlk This contains information which describes an IOTP
+ Message within an IOTP Transaction (see section
+ 3.3 immediately below)
+
+ AuthReqBlk, These are the Trading Blocks.
+ AuthRespBlk,
+ DeliveryReqBlk, The Trading Blocks present within an IOTP Message,
+ DeliveryRespBlk and the content of a Trading Block itself is
+ ErrorBlk dependent on the type of IOTP Transaction being
+ InquiryReqBlk, carried out - see the definition of each
+ InquiryRespBlk, transaction in section 9 Internet Open Trading
+ OfferRespBlk, Protocol Transactions.
+ PayExchBlk,
+ PayReqBlk, Full definitions of each Trading Block are
+ PayRespBlk, described in section 8.
+ PingReqBlk,
+ PingRespBlk,
+ SigBlk,
+ TpoBlk,
+ TpoSelectionBlk
+
+ Attributes:
+
+ xmlns The [XML Namespace] definition for IOTP messages.
+
+
+
+Burdett Informational [Page 36]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+3.2.1 XML Document Prolog
+
+ The IOTP Message is the root element of the XML document. It
+ therefore needs to be preceded by an appropriate XML Document Prolog.
+ For example:
+
+ <?XML Version='1.0'?>
+ <!DOCTYPE IotpMessage >
+ <IotpMessage>
+ ...
+ </IotpMessage>
+
+3.3 Transaction Reference Block
+
+ A Transaction Reference Block contains information which identifies
+ the IOTP Transaction and IOTP Message. The Transaction Reference
+ Block contains:
+
+ o a Transaction Id Component which globally uniquely identifies the
+ IOTP Transaction. The Transaction Id Components are the same
+ across all IOTP messages that comprise a single IOTP transaction,
+
+ o a Message Id Component which provides control information about
+ the IOTP Message as well as uniquely identifying the IOTP Message
+ within an IOTP Transaction, and
+
+ o zero or more Related To Components which link this IOTP
+ Transaction to either other IOTP Transactions or other events
+ using the identifiers of those events.
+
+ The definition of a Transaction Reference Block is as follows:
+
+ <!ELEMENT TransRefBlk (TransId, MsgId, RelatedTo*) >
+ <!ATTLIST TransRefBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Transaction Reference Block within the IOTP
+ Transaction (see section 3.4 ID Attributes).
+
+ Content:
+
+ TransId See 3.3.1 Transaction Id Component immediately
+ below.
+
+ MsgId See 3.3.2 Message Id Component immediately below.
+
+
+
+Burdett Informational [Page 37]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ RelatedTo See 3.3.3 Related To Component immediately below.
+
+3.3.1 Transaction Id Component
+
+ This contains information which globally uniquely identifies the IOTP
+ Transaction. Its definition is as follows:
+
+ <!ELEMENT TransId EMPTY >
+ <!ATTLIST TransId
+ ID ID #REQUIRED
+ Version NMTOKEN #FIXED '1.0'
+ IotpTransId CDATA #REQUIRED
+ IotpTransType CDATA #REQUIRED
+ TransTimeStamp CDATA #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Transaction Id Component within the IOTP
+ Transaction.
+
+ Version This identifies the version of IOTP, and therefore
+ the structure of the IOTP Messages, which the IOTP
+ Transaction is using.
+
+ IotpTransId Contains data which uniquely identifies the IOTP
+ Transaction. It must conform to the rules for
+ Message Ids in [RFC 822].
+
+ IotpTransTyp This is the type of IOTP Transaction being carried
+ out. For Baseline IOTP it identifies a "standard"
+ IOTP Transaction and implies the sequence and
+ content of the IOTP Messages exchanged between the
+ Trading Roles. The valid values for Baseline IOTP
+ are:
+ o BaselineAuthentication
+ o BaselineDeposit
+ o BaselinePurchase
+ o BaselineRefund
+ o BaselineWithdrawal
+ o BaselineValueExchange
+ o BaselineInquiry
+ o BaselinePing
+
+ Values of IotpTransType are managed under the
+ procedure described in section 12 IANA
+ Considerations which also allows user defined
+ values of IotpTransType to be defined.
+
+
+
+Burdett Informational [Page 38]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ In later versions of IOTP, this list will be
+ extended to support different types of standard
+ IOTP Transaction. It is also likely to support the
+ type Dynamic which indicates that the sequence of
+ steps within the transaction are non-standard.
+
+ TransTimeStamp Where the system initiating the IOTP Transaction
+ has an internal clock, it is set to the time at
+ which the IOTP Transaction started in [UTC]
+ format.
+
+ The main purpose of this attribute is to provide
+ an alternative way of identifying a transaction by
+ specifying the time at which it started.
+
+ Some systems, for example, hand held devices may
+ not be able to generate a time stamp. In this
+ case this attribute should contain the value "NA"
+ for Not Available.
+
+3.3.2 Message Id Component
+
+ The Message Id Component provides control information about the IOTP
+ Message as well as uniquely identifying the IOTP Message within an
+ IOTP Transaction. Its definition is as follows.
+
+ <!ELEMENT MsgId EMPTY >
+ <!ATTLIST MsgId
+ ID ID #REQUIRED
+ RespIotpMsg NMTOKEN #IMPLIED
+ xml:lang NMTOKEN #REQUIRED
+ LangPrefList NMTOKENS #IMPLIED
+ CharSetPrefList NMTOKENS #IMPLIED
+ SenderTradingRoleRef NMTOKEN #IMPLIED
+ SoftwareId CDATA #REQUIRED
+ TimeStamp CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ IOTP Message within the IOTP Transaction (see
+ section 3.4 ID Attributes). Note that if an
+ IOTP Message is resent then the value of this
+ attribute remains the same.
+
+ RespIotpMsg This contains the ID attribute of the Message
+ Id Component of the IOTP Message to which this
+ IOTP Message is a response. In this way all
+
+
+
+Burdett Informational [Page 39]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the IOTP Messages in an IOTP Transaction are
+ unambiguously linked together. This field is
+ required on every IOTP Message except the
+ first IOTP Message in an IOTP Transaction.
+
+ SenderTradingRoleRef The Element Reference (see section 3.5) of the
+ Trading Role which has generated the IOTP
+ message. It is used to identify the Net
+ Locations (see section 3.9) of the Trading
+ Role to which problems Technical Errors (see
+ section 4.1) with any of Trading Blocks should
+ be reported.
+
+ Xml:lang Defines the language used by attributes or
+ child elements within this component, unless
+ overridden by an xml:lang attribute on a child
+ element. See section 3.8 Identifying
+ Languages.
+
+ LangPrefList Optional list of Language codes that conform
+ to [XML] Language Identification. It is used
+ by the sender to indicate, in preference
+ sequence, the languages that the receiver of
+ the message ideally should use when generating
+ a response. There is no obligation on the
+ receiver to respond using one of the indicated
+ languages, but using one of the languages is
+ likely to provide an improved user experience.
+
+ CharSetPrefList Optional list of Character Set identifiers
+ that conform to [XML] Characters. It is used
+ by the sender to indicate, in preference
+ sequence, the character sets that the receiver
+ of the message ideally should use when
+ generating a response. There is no obligation
+ on the receiver to respond using one of the
+ character sets indicated, but using one of the
+ character sets is likely to provide an
+ improved user experience.
+
+ SoftwareId This contains information which identifies the
+ software which generated the IOTP Message. Its
+ purpose is to help resolve interoperability
+ problems that might occur as a result of
+ incompatibilities between messages produced by
+ different software. It is a single text string
+ in the language defined by xml:lang. It must
+ contain, as a minimum:
+
+
+
+Burdett Informational [Page 40]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the name of the software manufacturer
+ o the name of the software
+ o the version of the software, and
+ o the build of the software
+
+ TimeStamp Where the device sending the message has an
+ internal clock, it is set to the time at which
+ the IOTP Message was created in [UTC] format.
+
+3.3.3 Related To Component
+
+ The Related To Component links IOTP Transactions to either other IOTP
+ Transactions or other events using the identifiers of those events.
+ Its definition is as follows.
+
+ <!ELEMENT RelatedTo (PackagedContent) >
+ <!ATTLIST RelatedTo
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ RelationshipType NMTOKEN #REQUIRED
+ Relation CDATA #REQUIRED
+ RelnKeyWords NMTOKENS #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Related To Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ RelationshipType Defines the type of the relationship. Valid values
+ are:
+
+ o IotpTransaction. in which case the Packaged
+ Content Element contains an IotpTransId of
+ another IOTP Transaction
+ o Reference in which case the Packaged Content
+ Element contains the reference of some other,
+ non-IOTP document.
+
+ Values of RelationshipType are controlled under
+ the procedures defined in section 12 IANA
+ Considerations which also allows user defined
+ values to be defined.
+
+
+
+
+Burdett Informational [Page 41]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Relation The Relation attribute contains a phrase in the
+ language defined by xml:lang which describes the
+ nature of the relationship between the IOTP
+ transaction that contains this component and
+ another IOTP Transaction or other event. The exact
+ words to be used are left to the implementers of
+ the IOTP software.
+
+ The purpose of the attribute is to provide the
+ Trading Roles involved in an IOTP Transaction with
+ an explanation of the nature of the relationship
+ between the transactions.
+
+ Care should be taken that the words used to in the
+ Relation attribute indicate the "direction" of the
+ relationship correctly. For example: one
+ transaction might be a refund for another earlier
+ transaction. In this case the transaction which is
+ a refund should contain in the Relation attribute
+ words such as "refund for" rather than "refund to"
+ or just "refund".
+
+ RelnKeyWords This attribute contains keywords which could be
+ used to help identify similar relationships, for
+ example all refunds. It is anticipated that
+ recommended keywords will be developed through
+ examination of actual usage. In this version of
+ the specification there are no specific
+ recommendations and the keywords used are at the
+ discretion of implementers.
+
+ Content:
+
+ PackagedContent The Packaged Content (see section 3.7) contains
+ data which identifies the related transaction. Its
+ format varies depending on the value of the
+ RelationshipType.
+
+3.4 ID Attributes
+
+ IOTP Messages, Blocks (i.e. Transaction Reference Blocks and Trading
+ Blocks), Trading Components (including the Transaction Id Component
+ and the Signature Component) and some of their child elements are
+ each given an XML "ID" attribute which is used to identify an
+ instance of these XML elements. These identifiers are used so that
+ one element can be referenced by another. All these attributes are
+ given the attribute name ID.
+
+
+
+
+Burdett Informational [Page 42]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The values of each ID attribute are unique within an IOTP transaction
+ i.e. the set of IOTP Messages which have the same globally unique
+ Transaction ID Component. Also, once the ID attribute of an element
+ has been assigned a value it is never changed. This means that
+ whenever an element is copied, the value of the ID attribute remains
+ the same.
+
+ As a result it is possible to use these IDs to refer to and locate
+ the content of any IOTP Message, Block or Component from any other
+ IOTP Message, Block or Component in the same IOTP Transaction using
+ Element References (see section 3.5).
+
+ This section defines the rules for setting the values for the ID
+ attributes of IOTP Messages, Blocks and Components.
+
+3.4.1 IOTP Message ID Attribute Definition
+
+ The ID attribute of the Message Id Component of an IOTP Message must
+ be unique within an IOTP Transaction. It's definition is as follows:
+
+ IotpMsgId_value ::= IotpMsgIdPrefix IotpMsgIdSuffix
+ IotpMsgIdPrefix ::= NameChar (NameChar)*
+ IotpMsgIdSuffix ::= Digit (Digit)*
+
+ IotpMsgIdPrefix Apart from messages which contain: an Inquiry
+ Request Trading Block, an Inquiry Response Trading
+ Block, a Ping Request Trading Block or a Ping
+ Response Trading Block; then the same prefix is
+ used for all messages sent by the Merchant or
+ Consumer role as follows:
+
+ o "M" - Merchant
+ o "C" - Consumer
+
+ For messages which contain an Inquiry Request
+ Trading Block or a Ping Request Trading Block, the
+ prefix is set to "I" for Inquiry.
+
+ For messages which contain an Inquiry Response
+ Trading Block or a Ping Response Trading Block,
+ the prefix is set to "Q".
+
+ The prefix for the other roles in a trade is
+ contained within the Organisation Component for
+ the role and are typically set by the Merchant.
+ The following is recommended as a guideline and
+ must not be relied upon:
+
+
+
+
+Burdett Informational [Page 43]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o "P" - First (only) Payment Handler
+ o "R" - Second Payment Handler
+ o "D" - Delivery Handler
+ o "C" - Deliver To
+
+ As a guideline, prefixes should be limited to one
+ character.
+
+ NameChar has the same definition as the [XML]
+ definition of NameChar.
+
+ IotpMsgIdSuffix The suffix consists of one or more digits. The
+ suffix must be unique within a Trading Role within
+ an IOTP Transaction. The following is recommended
+ as a guideline and must not be relied upon:
+
+ o the first IOTP Message sent by a trading role
+ is given the suffix "1"
+ o the second and subsequent IOTP Messages sent
+ by the same trading role are incremented by one
+ for each message
+ o no leading zeroes are included in the suffix
+
+ Put more simply the Message Id Component of the
+ first IOTP Message sent by a Consumer would have
+ an ID attribute of, "C1", the second "C2", the
+ third "C3" etc.
+
+ Digit has the same definition as the [XML]
+ definition of Digit.
+
+3.4.2 Block and Component ID Attribute Definitions
+
+ The ID Attribute of Blocks and Components must also be unique within
+ an IOTP Transaction. Their definition is as follows:
+
+ BlkOrCompId_value ::= IotpMsgId_value "." IdSuffix
+ IdSuffix ::= Digit (Digit)*
+
+ IotpMsgId_value The ID attribute of the Message ID Component of
+ the IOTP Message where the Block or Component is
+ first used.
+
+ In IOTP, Trading Components and Trading Blocks are
+ copied from one IOTP Message to another. The ID
+ attribute does not change when an existing Trading
+ Block or Component is copied to another IOTP
+ Message.
+
+
+
+Burdett Informational [Page 44]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ IdSuffix The suffix consists of one or more digits. The
+ suffix must be unique within the ID attribute of
+ the Message ID Component used to generate the ID
+ attribute. The following is recommended as a
+ guideline and must not be relied upon:
+
+ o the first Block or Component sent by a trading
+ role is given the suffix "1"
+ o the ID attributes of the second and subsequent
+ Blocks or Components are incremented by one for
+ each new Block or Component added to an IOTP
+ Message
+ o no leading zeroes are included in the suffix
+
+ Put more simply, the first new Block or Component
+ added to the second IOTP Message sent, for
+ example, by a consumer would have a an ID
+ attribute of "C2.1", the second "C2.2", the third
+ "C2.3" etc.
+
+ Digit has the same definition as the [XML]
+ definition of Digit.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 45]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+3.4.3 Example of use of ID Attributes
+
+ The diagram below illustrates how ID attribute values are used.
+
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ 1st IOTP MESSAGE 2nd IOTP MESSAGE
+ (e.g., from Merchant to (e.g., from Consumer to
+ Consumer Payment Handler)
+
+IOTP MESSAGE IOTP MESSAGE *
+ |-Trans Ref Block. ID=M1.1 |-Trans Ref Block.ID=C1.1*
+ | |-Trans Id Comp. ID = M1.2 ------------>| |-Trans Id Comp.
+ | | Copy Element | | ID=M1.2
+ | |-Msg Id Comp. ID = M1 | |-Msg Id Comp. ID=C1 *
+ | |
+ |-Signature Block. ID=M1.8 |-Signature Block.ID=C1.5*
+ | |-Sig Comp. ID=M1.15 ------------------>| |-Comp. ID=M1.15
+ | Copy Element |
+ |-Trading Block. ID=M1.3 |-Trading Block.ID=C1.2 *
+ | |-Comp. ID=M1.4 -------------------------->|-Comp. ID=M1.4
+ | | Copy Element |
+ | |-Comp. ID=M1.5 -------------------------->|-Comp. ID=M1.5
+ | | Copy Element |
+ | |-Comp. ID=M1.6 |-Comp. ID=C1.3 *
+ | |-Comp. ID=M1.7 |-Comp. ID=C1.4 *
+ |
+ |-Trading Block. ID=M1.9
+ |-Comp. ID=M1.10 * = new elements
+ |-Comp. ID=M1.11
+ |-Comp. ID=M1.12
+ |-Comp. ID=M1.13
+
+*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
+
+ Figure 8 Example use of ID attributes
+
+3.5 Element References
+
+ A Trading Component or one of its child XML elements, may contain an
+ XML attribute that refers to another Block (i.e. a Transaction
+ Reference Block or a Trading Block) or Trading Component (including a
+ Transaction Id and Signature Component). These Element References are
+ used for many purposes, a few examples include:
+
+ o identifying an XML element whose Digest is included in a Signature
+ Component,
+
+
+
+
+Burdett Informational [Page 46]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o referring to the Payment Handler Organisation Component which is
+ used when making a Payment
+
+ An Element Reference always contains the value of an ID attribute of
+ a Block or Component.
+
+ Identifying the IOTP Message, Trading Block or Trading Component
+ which is referred to by an Element Reference, involves finding the
+ XML element which:
+
+ o belongs to the same IOTP Transaction (i.e. the Transaction Id
+ Components of the IOTP Messages match), and
+
+ o where the value of the ID attribute of the element matches the
+ value of the Element Reference.
+
+ Note: The term "match" in this specification has the same definition
+ as the [XML] definition of match.
+
+ An example of "matching" an Element Reference is illustrated in the
+ example below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 47]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ 1st IOTP MESSAGE 2nd IOTP MESSAGE
+ (e.g., from Merchant to (e.g., from Consumer to
+ Consumer Payment Handler)
+
+ IOTP MESSAGE IOTP MESSAGE
+ |-Trans Ref Block. ID=M1.1 Trans ID |-Trans RefBlock. ID=C1.1
+ | |-Trans Id Comp. ID = M1.2 <-Components-|->|-TransId Comp.ID=M1.2
+ | | must be | |
+ | |-Msg Id Comp. ID = M1 Identical | |-Msg Id Comp. ID=C1
+ | ^ |
+ |-Signature Block. ID=M1.8 | |-Signature Block.ID=C1.5
+ | |-Sig Comp. ID=M1.15 | | |-Comp. ID=M1.15
+ | AND |
+ |-Trading Block. ID=M1.3 | |-Trading Block. ID=C1.2
+ | |-Comp. ID=M1.4 | |-Comp. ID=M1.4
+ | | v |
+ | |-Comp. ID=M1.5 <-------- -ID Attribute |-Comp. ID=M1.5
+ | | and El Ref |
+ | |-Comp. ID=M1.6 values must |-Comp. ID=C1.3
+ | | match--------|--> El Ref=M1.5
+ | |-Comp. ID=M1.7 |-Comp. ID=C1.4
+ |
+ |-Trading Block. ID=M1.9
+ |-Comp. ID=M1.10
+ |-Comp. ID=M1.11
+ |-Comp. ID=M1.12
+ |-Comp. ID=M1.13
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
+
+ Figure 9 Element References
+
+ Note: Element Reference attributes are defined as "NMTOKEN" rather
+ than "IDREF" (see [XML]). This is because an IDREF requires that the
+ XML element referred to is in the same XML Document. With IOTP this
+ is not necessarily the case.
+
+3.6 Extending IOTP
+
+ Baseline IOTP defines a minimum protocol which systems supporting
+ IOTP must be able to accept. As new versions of IOTP are developed,
+ additional types of IOTP Transactions will be defined. In addition to
+ this, Baseline and future versions of IOTP will support user
+ extensions to IOTP through two mechanisms:
+
+
+
+
+
+Burdett Informational [Page 48]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o extra XML elements, and
+
+ o new values for existing IOTP codes.
+
+3.6.1 Extra XML Elements
+
+ The XML element and attribute names used within IOTP constitute an
+ [XML Namespace] as identified by the xmlns attribute on the
+ IotpMessage element. This allows IOTP to support the inclusion of
+ additional XML elements within IOTP messages through the use of [XML
+ Namespaces].
+
+ Using XML Namespaces, extra XML elements may be included at any level
+ within an IOTP message including:
+
+ o new Trading Blocks
+
+ o new Trading Components
+
+ o new XML elements within a Trading Component.
+
+ The following rules apply:
+
+ o any new XML element must be declared according to the rules for
+ [XML Namespaces]
+
+ o new XML elements which are either Trading Blocks or Trading
+ Components must contain an ID attributes with an attribute name of
+ ID.
+
+ In order to make sure that extra XML elements can be processed
+ properly, IOTP reserves the use of a special attribute,
+ IOTP:Critical, which takes the values True or False and may appear in
+ extra elements added to an IOTP message.
+
+ The purpose of this attribute is to allow an IOTP aware application
+ to determine if the IOTP transaction can safely continue.
+ Specifically:
+
+ o if an extra XML element has an "IOTP:Critical" attribute with a
+ value of "True" and an IOTP aware application does not know how to
+ process the element and its child elements, then the IOTP
+ transaction has a Technical Error (see section 4.1) and must fail.
+
+ o if an extra XML element has an "IOTP:Critical" attribute with a
+ value of "False" then the IOTP transaction may continue if the
+ IOTP aware application does not know how to process it. In this
+ case:
+
+
+
+Burdett Informational [Page 49]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - any extra XML elements contained within an XML element defined
+ within the IOTP namespace, must be included with that element
+ whenever the IOTP XML element is used or copied by IOTP
+
+ - the content of the extra element must be ignored except that it
+ must be included when it is used in the creation of a digest as
+ part of the generation of a signature
+
+ o if an extra XML element has no "IOTP:Critical" attribute then it
+ must be treated as if it had an "IOTP:Critical" attribute with a
+ value of "True"
+
+ o if an XML element contains an "IOTP:Critical" attribute, then the
+ value of that attribute is assumed to apply to all the child
+ elements within that element
+
+ In order to ensure that documents containing "IOTP:Critical" are
+ valid, it is declared as part of the DTD for the extra element as:
+
+ IOTP:Critical (True | False ) 'True'
+
+3.6.2 Opaque Embedded Data
+
+ If IOTP is to be extended using Opaque Embedded Data then a Packaged
+ Content Element (see section 3.7) should be used to encapsulate the
+ data.
+
+3.7 Packaged Content Element
+
+ The Packaged Content element supports the concept of an embedded data
+ stream, transformed to both protect it against misinterpretation by
+ transporting systems and to ensure XML compatibility. Examples of its
+ use in IOTP include:
+
+ o to encapsulate payment scheme messages, such as SET messages,
+
+ o to encapsulate a description of an order, a payment note, or a
+ delivery note.
+
+ In general it is used to encapsulate one or more data streams.
+
+ This data stream has three standardised attributes that allow for
+ identification, decoding and interpretation of the contents. Its
+ definition is as follows.
+
+
+
+
+
+
+
+Burdett Informational [Page 50]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT PackagedContent (#PCDATA) >
+ <!ATTLIST PackagedContent
+ Name CDATA #IMPLIED
+ Content NMTOKEN "PCDATA"
+ Transform (NONE|BASE64) "NONE" >
+
+ Attributes:
+
+ Name Optional. Distinguishes between multiple
+ occurrences of Packaged Content Elements at the
+ same point in IOTP. For example:
+ <ABCD>
+ <PackagedContent Name='FirstPiece'>
+ snroasdfnas934k
+ </PackagedContent>
+ <PackagedContent Name='SecondPiece'>
+ dvdsjnl5poidsdsflkjnw45
+ </PackagedContent>
+ </ABCD>
+
+ The name attribute may be omitted, for example if
+ there is only one Packaged Content element.
+
+ Content This identifies what type of data is contained
+ within the Content of the Packaged Content
+ Element. The valid values for the Content
+ attribute are as follows:
+ o PCDATA. The content of the Packaged Content
+ Element can be treated as PCDATA with no
+ further processing.
+ o MIME. The content of the Packaged Content
+ Element is a complete MIME item. Processing
+ should include looking for MIME headers inside
+ the Packaged Content Element.
+ o MIME:mimetype. The content of the Packaged
+ Content Element is MIME content, with the
+ following header "Content-Type: mimetype".
+ Although it is possible to have MIME:mimetype
+ with the Transform attribute set to NONE, it is
+ far more likely to have Transform attribute set
+ to BASE64. Note that if Transform is NONE is
+ used, then the entire content must still
+ conform to PCDATA. Some characters will need to
+ be encoded either as the XML default entities,
+ or as numeric character entities.
+
+
+
+
+
+
+Burdett Informational [Page 51]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o XML. The content of the Packaged Content
+ Element can be treated as an XML document.
+ Entities and CDATA sections, or Transform set
+ to BASE64, must be used to ensure that the
+ Packaged Content Element contents are
+ legitimate PCDATA.
+
+ Values of the Content attribute are controlled
+ under the procedures defined in section 12 IANA
+ Considerations which also allows user defined
+ values to be defined.
+
+ Transform This identifies the transformation that has been
+ done to the data before it was placed in the
+ content. Valid values are:
+
+ o NONE. The PCDATA content of the Packaged
+ Content Element is the correct representation
+ of the data. Note that entity expansion must
+ occur first (i.e. replacement of &amp; and
+ &#9;) before the data is examined. CDATA
+ sections may legitimately occur in a Packaged
+ Content Element where the Transform attribute
+ is set to NONE.
+ o BASE64. The PCDATA content of the Packaged
+ Content Element represents a BASE64 encoding of
+ the actual content.
+
+ Content:
+
+ PCDATA This is the actual data which has been embedded.
+ The format of the data and rules on how to decode
+ it are contained in the Content and the Transform
+ attributes
+
+ Note that any special details, especially custom attributes, must be
+ represented at a higher level.
+
+3.7.1 Packaging HTML
+
+ The packaged content may contain HTML. In this case the following
+ conventions are followed:
+
+ o references to any documents, images or other things, such as
+ sounds or web pages, which can affect the recipient's
+ understanding of the data which is being packaged must refer to
+ other Packaged Elements contained within the same parent element,
+ e.g., an Order Description
+
+
+
+Burdett Informational [Page 52]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o if more than one Packaged Content element is included within a
+ parent element in order to meet the previous requirement, then the
+ Name attribute of the top level Packaged Content from which
+ references to all other Packaged Elements can be determined,
+ should have a value of Main
+
+ o relative references to other documents, images, etc. from one
+ Packaged Content element to another are realised by setting the
+ value of the relative reference to the Name attribute of another
+ Packaged Content element at the same level and within the same
+ parent element
+
+ o no external references that require the reference to be resolved
+ immediately should be used. As this could make the HTML difficult
+ or impossible to display completely
+
+ o [MIME] is used to encapsulate the data inside each Packaged
+ Element. This means that the information in the MIME header used
+ to identify the type of data which has been encapsulated and
+ therefore how it should be displayed.
+
+ If the above conventions are not followed by, for example, including
+ external references which must be resolved, then the recipient of the
+ HTML should be informed.
+
+ Note: As an implementation guideline the values of the Name
+ Attributes allocated to Packaged Content elements should make it
+ possible to extract each Packaged Content into a directory and then
+ display the HTML directly
+
+3.7.2 Packaging XML
+
+ Support for XML is recommended. When XML needs to be displayed, for
+ example to display the content of an Order Description to a Consumer,
+ then implementers should follow the latest recommendations of the
+ World Wide Web Consortium.
+
+ Note: At the time of writing this specification, standards are under
+ development that specify XML style sheets that show how XML documents
+ should be displayed. See:
+
+ o "Extensible Stylesheet Language (XSL) Specification" at
+ http://www.w3.org/TR/WD-xsl, and
+
+ o "Associating stylesheets with XML documents" at
+ http://www.w3.org/TR/xml-stylesheet.
+
+
+
+
+
+Burdett Informational [Page 53]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Once these standards become W3C "Recommendations", then it is
+ anticipated that this specification will be amended if practical.
+
+3.8 Identifying Languages
+
+ IOTP uses [XML] Language Identification to specify which languages
+ are used within the content and attributes of IOTP Messages.
+
+ The following principles have been used in order to determine which
+ XML elements contain an xml:lang Attributes:
+
+ o a mandatory xml:lang attribute is contained on every Trading
+ Component which contains attributes or content which may need to
+ be displayed or printed in a particular language
+
+ o an optional xml:lang attribute is included on child elements of
+ these Trading Components. In this case the value of xml:lang, if
+ present, overrides the value for the Trading Component.
+
+ xml:lang attributes which follow these principles are included in the
+ Trading Components and their child XML elements defined in section 7.
+
+ A sender of a message, typically a Consumer can indicate a preference
+ for a language, and a character set by specifying a list of preferred
+ languages/character sets in a Message Id Component (see section
+ 3.3.2). Note that there is no obligation on the receiver of such a
+ message to respond using one of the listed languages/character sets
+ as they may not have the technology to be able to do it. It also
+ means that the ability to handle these lists is not a requirement for
+ conformance to this specification. However the ability to respond,
+ for example using one of the stated languages/character sets is
+ likely to provide a better user experience.
+
+3.9 Secure and Insecure Net Locations
+
+ IOTP contains several "Net Locations" which identify places where,
+ typically, IOTP Messages may be sent. Net Locations come in two
+ types:
+
+ o "Secure" Net Locations which are net locations where privacy of
+ data is secured using, for example, encryption methods such as
+ [SSL/TLS], and
+
+ o "Insecure" Net Locations where privacy of data is not assured.
+
+ Note that either a Secure Net Location or an Insecure Net Location or
+ both must be present.
+
+
+
+
+Burdett Informational [Page 54]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If only one of the two Net Locations is present, then the one present
+ must be used.
+
+ Where both types of net location are present then either may be used
+ depending on the preference of the sender of the message.
+
+3.10 Cancelled Transactions
+
+ Any Trading Role involved in an IOTP transaction may cancel that
+ transaction at any time.
+
+3.10.1 Cancelling Transactions
+
+ IOTP Transactions are cancelled by sending an IOTP message containing
+ just a Cancel Block with an appropriate Status Component to the other
+ Trading Role involved in the Trading Exchange.
+
+ Note: The Cancel Block can be sent asynchronously of any other IOTP
+ Message. Specifically it can be sent either before sending or after
+ receiving an IOTP Message from the other Trading Role
+
+ If an IOTP Transaction is cancelled during a Trading Exchange (i.e.
+ the interval between sending a "request" block and receiving the
+ matching "response" block) then the Cancel Block is sent to the same
+ location as the next IOTP Message in the Trading Exchange would have
+ been sent.
+
+ If a Consumer cancels a transaction after a Trading Exchange has
+ completed (i.e. the "response" block for the Trading Exchange has
+ been received), but before the IOTP Transaction has finished then the
+ Consumer sends a Cancel Block with an appropriate Status Component to
+ the net location identified by the SenderNetLocn or
+ SecureSenderNetLocn contained in the Protocol Options Component (see
+ section 7.1) contained in the TPO Block (see section 8.1) for the
+ transaction. This is normally the Merchant Trading Role.
+
+ A Consumer should not send a Cancel Block after the IOTP Transaction
+ has completed. Cancelling a complete transaction should be treated as
+ a technical error.
+
+ After cancelling the IOTP Transaction, the Consumer should go to the
+ net location specified by the CancelNetLocn attribute contained in
+ the Trading Role Element for the Organisation that was sent the
+ Cancel Block.
+
+ A non-Consumer Trading Role should only cancel a transaction:
+
+ o after a request block has been received and
+
+
+
+Burdett Informational [Page 55]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o before the response block has been sent
+
+ If a non-Consumer Trading Role cancels a transaction at any other
+ time it should be treated by the recipient as an error.
+
+3.10.2 Handling Cancelled Transactions
+
+ If a Cancel Block is received by a Consumer at a point in the IOTP
+ Transaction when cancellation is allowed, then the Consumer should
+ stop the transaction.
+
+ If a Cancel Block is received by a non-Consumer role, then the
+ Trading Role should anticipate that the Consumer may go to the
+ location specified by the CancelNetLocn attribute contained in the
+ Trading Role Element for the Trading Role.
+
+4. IOTP Error Handling
+
+ IOTP is designed as a request/response protocol where each message is
+ composed of a number of Trading Blocks which contain a number of
+ Trading Components. There are several interrelated considerations in
+ handling errors, re-transmissions, duplicates, and the like. These
+ factors mean IOTP aware applications must manage message flows more
+ complex than the simple request/response model. Also a wide variety
+ of errors can occur in messages as well as at the transport level or
+ in Trading Blocks or Components.
+
+ This section describes at a high level how IOTP handles errors,
+ retries and idempotency. It covers:
+
+ o the different types of errors which can occur. This is divided
+ into:
+
+ - "technical errors" which are independent of the purpose of the
+ IOTP Message,
+
+ - "business errors" which indicate that there is a problem
+ specific to the process (e.g., payment or delivery) which is
+ being carried out, and
+
+ o the depth of the error which indicates whether the error is at the
+ transport, message or block/component level
+
+ o how the different trading roles should handle the different types
+ of messages which they may receive.
+
+
+
+
+
+
+Burdett Informational [Page 56]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+4.1 Technical Errors
+
+ Technical Errors are those which are independent of the meaning of
+ the message. This means, they can affect any attempt at IOTP
+ communication. Typically they are handled in a standard fashion with
+ a limited number of standard options for the user. Specifically these
+ are:
+
+ o retrying the transmission, or
+
+ o cancelling the transaction.
+
+ When communications are operating sufficiently well, a technical
+ error is indicated by an Error Component (see section 7.21) in an
+ Error Block (see section 8.17) sent by the party which detected the
+ error in an IOTP message to the party which sent the erroneous
+ message.
+
+ If communications are too poor, a message which was sent may not
+ reach its destination. In this case a time-out might occur.
+
+ The Error Codes associated with Technical Errors are recorded in the
+ Error Component which lists all the different technical errors which
+ can be set.
+
+4.2 Business Errors
+
+ Business Errors may occur when the IOTP messages are "technically"
+ correct. They are connected with a particular process, for example,
+ an offer, payment, delivery or authentication, where each process has
+ a different set of possible business errors.
+
+ For example, "Insufficient funds" is a reasonable payment error but
+ makes no sense for a delivery while "Back ordered" is a reasonable
+ delivery error but not meaningful for a payment. Business errors are
+ indicated in the Status Component (see section 7.16) of a "response
+ block" of the appropriate type, for example a Payment Response Block
+ or a Delivery Response Block. This allows whatever additional
+ response related information is needed to accompany the error
+ indication.
+
+ Business errors must usually be presented to the user so that they
+ can decide what to do next. For example, if the error is insufficient
+ funds in a Brand Independent Offer (see section 9.1.2.2), the user
+ might wish to choose a different payment instrument/account of the
+ same brand or a different brand or payment system. Alternatively, if
+
+
+
+
+
+Burdett Informational [Page 57]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the IOTP based implementation allows it and it makes sense for that
+ instrument, the user might want to put more funds into the
+ instrument/account and try again.
+
+4.3 Error Depth
+
+ The three levels at which IOTP errors can occur are the transport
+ level, the message level, and the block level. Each is described
+ below.
+
+4.3.1 Transport Level
+
+ This level of error indicates a fundamental problem in the transport
+ mechanism over which the IOTP communication is taking place.
+
+ All transport level errors are technical errors and are indicated by
+ either an explicit transport level error indication, such as a "No
+ route to destination" error from TCP/IP, or by a time out where no
+ response has been received to a request.
+
+ The only reasonable automatic action when faced with transport level
+ errors is to retry and, after some number of automatic retries, to
+ inform the user.
+
+ The explicit error indications that can be received are transport
+ dependent and the documentation for the appropriate IOTP Transport
+ supplement should be consulted for errors and appropriate actions.
+
+ Appropriate time outs to use are a function of both the transport
+ being used and of the payment system if the request encapsulates
+ payment information. The transport and payment system specific
+ documentation should be consulted for time out and automatic retry
+ parameters. Frequently there is no way to directly inform the other
+ party of transport level errors but they should generally be logged
+ and if automatic recovery is unsuccessful and there is a human user,
+ the user should be informed.
+
+4.3.2 Message Level
+
+ This level of error indicates a fundamental technical problem with an
+ entire IOTP message. For example, the XML is not "Well Formed", or
+ the message is too large for the receiver to handle or there are
+ errors in the Transaction Reference Block (see section 3.3) so it is
+ not possible to figure out what transaction the message relates to.
+
+ All message level errors are technical errors and are indicated by
+ Error Components (see section 7.21) sent to the other party. The
+ Error Component includes a Severity attribute which indicates whether
+
+
+
+Burdett Informational [Page 58]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the error is a Warning and may be ignored, a TransientError which
+ indicates that a retry may resolve the problem or a HardError in
+ which case the transaction must fail.
+
+ The Technical Errors (see section 7.21.2 Error Codes) that are
+ Message Level errors are:
+
+ o XML not well formed. The document is not well formed XML (see
+ [XML])
+
+ o XML not valid. The document is not valid XML (see [XML])
+
+ o block level technical errors (see section 4.3.3) on the
+ Transaction Reference Block (see section 3.3) and the Signature
+ Block only. Checks on these blocks should only be carried out if
+ the XML is valid
+
+ Note that checks on the Signature Block include checking, where
+ possible, that each Signature Component is correctly calculated. If
+ the Signature is incorrectly calculated then the data that should
+ have been covered by the signature can not be trusted and must be
+ treated as erroneous. A description of how to check a signature is
+ correctly calculated is contained in section 6.2.
+
+4.3.3 Block Level
+
+ A Block level error indicates a problem with a block or one of its
+ components in an IOTP message (apart from Transaction Reference or
+ Signature Blocks). The message has been transported properly, the
+ overall message structure and the block/component(s) including the
+ Transaction Reference and Signature Blocks are meaningful but there
+ is some error related to one of the other blocks.
+
+ Block level errors can be either:
+
+ o technical errors, or
+
+ o business errors
+
+ Technical Errors are further divided into:
+
+ o Block Level Attribute and Element Checks, and
+
+ o Block and Component Consistency Checks
+
+ o Transient Technical Errors
+
+
+
+
+
+Burdett Informational [Page 59]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If a technical error occurs related to a block or component, then an
+ Error Component is generated for return.
+
+4.3.3.1 Block Level Attribute and Element Checks
+
+ Block Level Attribute and Element Checks occur only within the same
+ block. Checks which involve cross-checking against other blocks are
+ covered by Block and Component Consistency Checks.
+
+ The Block Level Attribute & Element checks are:
+
+ o checking that each attribute value within each element in a block
+ conforms to any rules contained within this IOTP specification
+
+ o checking that the content of each element conforms to any rules
+ contained within this IOTP specification
+
+ o if the previous checks are OK, then checking the consistency of
+ attribute values and element content against other attribute
+ values or element content within any other components in the same
+ block.
+
+4.3.3.2 Block and Component Consistency Checks
+
+ Block and Component Consistency Checks consist of:
+
+ o checking that the combination of blocks and/or components present
+ in the IOTP Message are consistent with the rules contained within
+ this IOTP specification
+
+ o checking for consistency between attributes and element content
+ within the blocks within the same IOTP message.
+
+ o checking for consistency between attributes and elements in blocks
+ in this IOTP message and blocks received in earlier IOTP messages
+ for the same IOTP transaction
+
+ If the block passes the "Block Level Attribute and Element Checks"
+ and the "Block and Component Consistency Checks" then it is processed
+ either by the IOTP Aware application or perhaps by some "back-end"
+ system such as a payment server.
+
+4.3.3.3 Transient Technical Errors
+
+ During the processing of the Block some temporary failure may occur
+ that can potentially be recovered by the other trading role re-
+ transmitting, at some slightly later time, the original message that
+ they sent. In this case the other role is informed of the Transient
+
+
+
+Burdett Informational [Page 60]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Error by sending them an Error Component (see section 7.21) with the
+ Severity Attribute set to TransientError and the MinRetrySecs
+ attribute set to some value suitable for the Transport Mechanism
+ and/or payment protocol being used (see appropriate Transport and
+ payment protocol Supplements).
+
+ Note that transient technical errors can be generated by any of the
+ Trading Roles involved in transaction.
+
+4.3.3.4 Block Level Business Errors
+
+ If a business error occurs in a process such as a Payment or a
+ Delivery, then the appropriate type of response block is returned
+ containing a Status Component (see section 7.16) with the
+ ProcessState attribute set to Failed and the CompletionCode
+ indicating the nature of the problem.
+
+ Some business errors may be "transient" in that the Consumer role may
+ be able to recover and complete the transaction in some other way.
+ For example if the Credit Card that a consumer provided had
+ insufficient funds for a purchase, then the Consumer may recover by
+ using a different credit card.
+
+ Recovery from "transient" business errors is dependent on the
+ CompletionCode. See the definition of the Status Component for what
+ is possible.
+
+ Note that no Error Component or Error Block is generated for business
+ errors.
+
+4.4 Idempotency, Processing Sequence, and Message Flow
+
+ IOTP messages are actually a combination of blocks and components as
+ described in 3.1.1 IOTP Message Structure. Especially in future
+ extensions of IOTP, a rich variety of combinations of such blocks and
+ components can occur. It is important that the multiple
+ transmission/receipt of the "same" request for an action that will
+ change state does not result in that action occurring more than once.
+ This is called idempotency. For example, a customer paying for an
+ order would want to pay the full amount only once. Most network
+ transport mechanisms have some probability of delivering a message
+ more than once or not at all, perhaps requiring retransmission. On
+ the other hand, a request for status can reasonably be repeated and
+ should be processed fresh each time it is received.
+
+
+
+
+
+
+
+Burdett Informational [Page 61]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Correct implementation of IOTP can be modelled by a particular
+ processing order as detailed below. Any other method that is
+ indistinguishable in the messages sent between the parties is equally
+ acceptable.
+
+4.5 Server Role Processing Sequence
+
+ "Server roles" are any Trading Role which is not the Consumer role.
+ They are "Server roles" since they typically receive a request which
+ they must service and then produce a response. However server roles
+ can also initiate transactions. More specifically Server Roles must
+ be able to:
+
+ o Initiate a transaction (see section 4.5.1). These are divided
+ into:
+
+ - payment related transactions and
+
+ - infrastructure transactions
+
+ o Accept and process a message received from another role (see
+ section 4.5.2). This includes:
+
+ - identifying if the message belongs to a transaction that has
+ been received before
+
+ - handling duplicate messages
+
+ - generating Transient errors if the servers that process the
+ input message are too busy to handle it
+
+ - processing the message if it is error free, authorised and, if
+ appropriate, producing a response to send back to the other
+ role
+
+ o Cancel a current transaction if requested (see section 4.5.3)
+
+ o Re-transmit messages if a response was expected but has not been
+ received in a reasonable time (see section 4.5.4).
+
+4.5.1 Initiating Transactions
+
+ Server Roles may initiate a variety of different types of
+ transaction. Specifically:
+
+ o an Inquiry Transaction (see section 9.2.1)
+
+ o a Ping Transaction (see section 9.2.2)
+
+
+
+Burdett Informational [Page 62]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o an Authentication Transaction (see section 9.1.6)
+
+ o a Payment Related Transaction such as:
+
+ - a Deposit (see section 9.1.7)
+
+ - a Purchase (see section 9.1.8)
+
+ - a Refund (see section 9.1.9)
+
+ - a Withdrawal (see section 9.1.10)
+
+ - a Value Exchange (see section 9.1.11)
+
+4.5.2 Processing Input Messages
+
+ Processing input messages involves the following:
+
+ o checking the structure and identity of the message
+
+ o checking for and handling duplicate messages
+
+ o processing non-duplicate original messages which includes:
+
+ - checking for errors, then if no errors are found
+
+ - processing the message to produce an output message if
+ appropriate
+
+ Each of these is discussed in more detail below.
+
+4.5.2.1 Checking Structure and Message Identity
+
+ It is critical to check that the message is "well formed" XML and
+ that the transaction identifier (IotpTransId attribute on the TransId
+ Component) within the IOTP message can be successfully identified
+ since an IotpTransId will be needed to generate a response.
+
+ If the input message is not well formed then generate an Error
+ Component with a Severity of HardError and ErrorCode of
+ XmlNotWellFrmd.
+
+ If the message is well formed but the IotpTransId cannot be
+ identified then generate an ErrorComponent with:
+
+ o a Severity of HardError and an ErrorCode of AttMissing,
+
+
+
+
+
+Burdett Informational [Page 63]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o a PackagedContent containing "IotpTransId" - the missing
+ attribute.
+
+ Insert the Error Component inside an Error Block with a new
+ TransactionId component with a new IotpTransId and return it to the
+ sender of the original message.
+
+4.5.2.2 Checking/Handling Duplicate Messages
+
+ If the input message can be identified as potentially a valid input
+ message then check to see if an "identical" input message has been
+ received before. Identical means that all blocks, components,
+ elements, attribute values and element content in the input message
+ are the same.
+
+ Note: The recommended way of checking for identical messages is to
+ check for equal values of their [DOM-HASH]
+
+ If an identical message has been received before then check to see if
+ the processing of the previous message has completed.
+
+ If processing has not completed then generate an Error Component with
+ a Severity of Transient Error and an Error Code of MsgBeingProc to
+ indicate the message is being processed and send it back to the
+ sender of the Input Message requesting that the original message be
+ resent after an appropriate period of time.
+
+ Otherwise, if processing has completed and resulted in an output
+ message then retrieve the last message that was sent and send it
+ again.
+
+ If the message is not a duplicate then it should be processed.
+
+4.5.2.3 Processing Non-Duplicate Message
+
+ Once it's been established that the message is not a duplicate, then
+ it can be processed. This involves:
+
+ o checking that a server is available to handle the message,
+ generating a Transient Error if it is not
+
+ o checking the Transaction is Not Already in error or cancelled
+
+ o validating the input message. This includes:
+
+ - checking for message level errors
+
+ - checking for block level errors
+
+
+
+Burdett Informational [Page 64]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - checking any encapsulated data
+
+ o checking for errors in the sequence that blocks have been received
+
+ o generating error components for any errors that result
+
+ o if neither hard errors nor transient errors result, then
+ processing the message and generating an output message, if
+ required, for return to the sender of the Input Message
+
+ Note: This approach to handling of duplicate input messages means, if
+ absolutely "identical" messages are received then absolutely
+ "identical" messages are returned. This also applies to Inquiry and
+ Ping transactions when in reality the state of a transaction or the
+ processing ability of the servers may have changed. If up-to-date
+ status of transactions or servers is required, then an IOTP
+ transaction with a new value for the ID attribute of the MsgId
+ component must be used.
+
+ Each of the above steps is discussed below.
+
+ CHECKING A SERVER IS AVAILABLE
+
+ The process that is handling the input message should check that the
+ rest of the system is not so busy that a response in a reasonable
+ time cannot be produced.
+
+ If the server is too busy, then it should generate an Error Component
+ with a Severity of Transient Error and an Error Code of SystemBusy
+ and send it back to the sender of the Input Message requesting that
+ the original message be resent after an appropriate period of time.
+
+ Note: Some servers may occasionally become very busy due to
+ unexpected increases in workload. This approach allows short peaks in
+ workloads to be handled by delaying the input of messages by asking
+ the sender of the message to resubmit later.
+
+ CHECKING THE TRANSACTION IS NOT ALREADY IN ERROR OR CANCELLED
+
+ Check that:
+
+ o previous messages received or sent did not contain or result in
+ Hard Errors, and
+
+ o the Transaction has not been cancelled by either the Consumer or
+ the Server Trading Role
+
+
+
+
+
+Burdett Informational [Page 65]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If it has then, ignore the message. A transaction with hard errors or
+ that has been cancelled, cannot be restarted.
+
+ CHECK FOR MESSAGE AND BLOCK LEVEL ERRORS
+
+ If the transaction is still OK then check for message level errors.
+ This involves:
+
+ o checking the XML is valid
+
+ o checking that the elements, attributes and content of the
+ Transaction Reference Block are without error and conform to this
+ specification
+
+ o checking the digital signature which involves:
+
+ - checking that the Signature value is correctly calculated, and
+
+ - the hash values in the digests are correctly calculated where
+ the source of the hash value is available.
+
+ Checking for block level errors involves:
+
+ o checking within each block (apart from the Transaction Reference
+ Block) that:
+
+ - the attributes, elements and element contents are valid
+
+ - the values of the attributes, elements and element contents are
+ consistent within the block
+
+ o checking that the combination of blocks are valid
+
+ o checking that the values of the attribute, elements and element
+ contents are consistent between the blocks in the input message
+ and blocks in earlier messages either sent or received. This
+ includes checking that the presence of a block is valid for a
+ particular transaction type
+
+ If the message contains any encapsulated data, then if possible check
+ the encapsulated data for errors using additional software to check
+ the data where appropriate.
+
+4.5.2.4 Check for Errors in Block Sequence
+
+ Note: For reasons of brevity, the following explanations of how to
+ check for errors in Block sequence, the phrase "refers to an IOTP
+ transaction" is interpreted as "is contained in an IOTP Message where
+
+
+
+Burdett Informational [Page 66]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the Trans Ref Block contains an IotpTransId that refers to". So, for
+ example, " If an Error or Cancel Block refers to an IOTP transaction
+ that is not recognised then ..." should be interpreted as " If an
+ Error or Cancel Block is contained in an IOTP Message where the Trans
+ Ref Block contains an IotpTransId that refers to an IOTP transaction
+ that is not recognised then ...
+
+ Errors in the sequence that blocks arrive depends on the block.
+ Blocks where checking for sequence is required are:
+
+ o Error and Cancel Blocks. If an Error or Cancel Block refers to an
+ IOTP transaction that is not recognised then it is a Hard Error.
+ Do not return an error if Error or Cancel Blocks have been
+ received for the IOTP Transaction before to avoid looping.
+
+ o Inquiry Request and Response Blocks. If an Inquiry Request or an
+ Inquiry Response Block refers to an IOTP transaction that is not
+ recognised then it is a Hard Error
+
+ o Authentication Request Block. If an Authentication Request Block
+ refers to an IOTP transaction that is recognised it is a Hard
+ Error
+
+ o Authentication Response Block. Check as follows:
+
+ - if an Authentication Response Block does not refer to an IOTP
+ transaction that is recognised it is a Hard Error, otherwise
+
+ - if the Authentication Response Block doesn't refer to an
+ Authentication Request that had been previously sent then it is
+ a Hard Error, otherwise
+
+ - if an Authentication Response for the same IOTP transaction has
+ been received before and the Authentication was successful then
+ it is a Hard Error.
+
+ o Authentication Status Block. Check as follows:
+
+ - if an Authentication Status Block does not refer to an IOTP
+ transaction that is recognised it is a Hard Error, otherwise
+
+ - if the Authentication Status Block doesn't refer to an
+ Authentication Response that had been previously sent then it
+ is a Hard Error, otherwise
+
+ - if an Authentication Status for the same IOTP transaction has
+ been received before then it is a Warning Error
+
+
+
+
+Burdett Informational [Page 67]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o TPO Selection Block (Merchant only). Check as follows:
+
+ - if the TPO Selection Block doesn't refer to an IOTP Transaction
+ that is recognised then it is a Hard Error, otherwise
+
+ - if the TPO Selection Block refers to an IOTP Transaction where
+ a TPO Block and Offer Response (in one message) had previously
+ been sent then it is a Hard Error, otherwise
+
+ - if the TPO Selection Block does not refer to an IOTP
+ Transaction where a TPO Block only (i.e. without an Offer
+ Response) had previously been sent then it is a Hard Error,
+ otherwise
+
+ - if a TPO Selection Block for the same TPO Block has been
+ received before then it is a Hard Error
+
+ o Payment Request Block (Payment Handler only). Check as follows:
+
+ - if the Payment Request Block refers to an IOTP Transaction that
+ is not recognised then its OK, otherwise
+
+ - if the Payment Request Block refers to IOTP Transaction that
+ was not for a Payment then it is a Hard Error, otherwise
+
+ - if there was a previous payment that failed with a non-
+ recoverable Completion Code then it is a Hard Error, otherwise
+
+ - if a previous payment is still in progress then it is a Hard
+ Error
+
+ o Payment Exchange Block (Payment Handler only). Check as follows:
+
+ - if the Payment Exchange Block doesn't refer to an IOTP
+ Transaction that is recognised then it is a Hard Error,
+ otherwise
+
+ - if the Payment Exchange doesn't refer to an IOTP Transaction
+ where a Payment Exchange had previously been sent then it a
+ Hard Error
+
+ o Delivery Request (Delivery Handler Only). If the Delivery Request
+ Block refers to an IOTP Transaction that is recognised by the
+ Server then it is a Hard Error
+
+
+
+
+
+
+
+Burdett Informational [Page 68]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If any Error Components have been generated then collect them into an
+ Error Block for sending to the sender of the Input message. Note that
+ Error Blocks should be sent back to the sender of the message and to
+ the ErrorLogNetLocn for the Trading Role of the sender if one is
+ specified.
+
+ Note: The above checking on the sequence of Authentication Responses
+ and Payment Requests supports the Consumer re-submitting a repeat
+ action request since the previous one failed, for example:
+
+ o because they did not know the correct response (e.g., a password)
+ on an authentication or,
+
+ o they were unable to pay as there were insufficient funds on a
+ credit card
+
+ PROCESS THE ERROR FREE INPUT MESSAGE
+
+ If the input message passes the previous checks then it can be
+ processed to produce an output message if required. Note that:
+
+ o Inquiry Requests on Ping Transactions should be ignored
+
+ o if the Input message contains an Error Block with a Transient
+ Error then wait for the required time then resend the previous
+ message, if a response to the earlier message has not been
+ received
+
+ o if the input message contains a Error Component with a HardError
+ or a Cancel Block then stop all further processing of the
+ transaction. This includes suppressing the sending of any messages
+ currently being generated or responding to any new non-duplicate
+ messages that are received
+
+ o processing of encapsulated messages (e.g., Payment Protocol
+ Messages) may result in additional transient errors
+
+ o a digital signature can only safely be generated once all the
+ blocks and components have been generated and it is known which
+ elements in the message need to be signed.
+
+ If an output message is generated then it should be saved so that it
+ can be resent as required if an identical input message is received
+ again. Note that output messages that contain transient errors are
+ not saved so that they can be processed afresh when the input message
+ is received again.
+
+
+
+
+
+Burdett Informational [Page 69]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+4.5.3 Cancelling a Transaction
+
+ This process is used to cancel a transaction running on an IOTP
+ server. It is initiated by some other process as a result of an
+ external request from another system or server that is being run by
+ the same Trading Role. The processing required is as follows:
+
+ o if the IotpTransId of the transaction to be cancelled is not
+ recognised, or complete then fail the request, otherwise
+
+ o if the IotpTransId refers to a Ping Transaction then fail the
+ request, otherwise
+
+ o determine which Document Exchange to cancel and generate a Cancel
+ Block and send it to the other party
+
+ Note: Cancelling a transaction on an IOTP server typically arises for
+ a business reason. For example a merchant may have attempted
+ authentication several times without success and as a result decides
+ to cancel the transaction. Therefore the process that decides to take
+ this action needs to send a message from the process/server that made
+ the business decision to the IOTP server with the instruction that
+ the IOTP transaction should be cancelled.
+
+4.5.4 Retransmitting Messages
+
+ The server should periodically check for transactions where a message
+ is expected in return but none has been received after a time that is
+ dependent on factors such as:
+
+ o the Transport Mechanism being used;
+
+ o the time required to process encapsulated messages (e.g., Payment
+ messages) and
+
+ o whether or not human input is required.
+
+ If no message has been received the original message should be
+ resent. This should occur up to a maximum number of times dependent
+ on the reliability of the Transport Mechanism being used.
+
+ If no response is received after the required time then the
+ Transaction should be "timed out". In this case, set the process
+ state of the transaction to Failed, and a completion code of either:
+
+ o TimedOutRcvr if the transaction can potentially recovered later,
+ or
+
+
+
+
+Burdett Informational [Page 70]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o TimedOutNoRcvr if the transaction is non-recoverable
+
+4.6 Client Role Processing Sequence
+
+ The "Client role" in IOTP is the Consumer Trading Role.
+
+ Note: A company or Organisation that is a Merchant, for example, may
+ take on the Trading Role of a Consumer when making purchases or
+ downloading or withdrawing electronic cash.
+
+ More specifically the Consumer Role must be able to:
+
+ o Initiate a transaction (see section 4.6.1). These are divided
+ into:
+
+ - payment related transactions and
+
+ - infrastructure transactions
+
+ o Accept and process a message received from another role (see
+ section 4.6.2). This includes:
+
+ - identifying if the message belongs to a transaction that has
+ been received before
+
+ - handling duplicate messages
+
+ - generating Transient errors if the servers that process the
+ input message are too busy to handle it
+
+ - processing the message if it is error free and, if appropriate,
+ producing a response to send back to the other role
+
+ o Cancel a current transaction if requested, for example by the User
+ (see section 4.6.3)
+
+ o Re-transmit messages if a response was expected but has not been
+ received in a reasonable time (see section 4.6.4).
+
+4.6.1 Initiating Transactions
+
+ The Consumer Role may initiate a number of different types of
+ transaction. Specifically:
+
+ o an Inquiry Transaction (see section 9.2.1)
+
+ o a Ping Transaction (see section 9.2.2)
+
+
+
+
+Burdett Informational [Page 71]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o an Authentication Transaction (see section 9.1.6)
+
+4.6.2 Processing Input Messages
+
+ Processing of Input Messages for a Consumer Role is the same as for
+ an IOTP Server (see section 4.5.2) except in the area of checking for
+ Errors in Block Sequence (for an IOTP Server see section 4.5.2.4).
+ This is described below
+
+ Note: The description of the processing for an IOTP Server includes
+ consideration of multi-threading of input messages and multi-tasking
+ of requests. For the Consumer Role - particularly if running on a
+ stand-alone system such as a PC - use of multi-threading is a
+ decision of the implementer of the consumer role IOTP solution.
+
+4.6.2.1 Check for Errors in Block Sequence
+
+ The handling of the following blocks is the same as for an IOTP
+ Server (see section 4.5.2.4) except that the Consumer Role is
+ substituted for IOTP Server Role:
+
+ o Error and Cancel Blocks,
+
+ o Inquiry Request and Response Blocks,
+
+ o Authentication Request, Response and Status Blocks.
+
+ For the other blocks a Consumer role might receive, the potential
+ errors in the sequence that blocks arrive depends on the block.
+ Blocks where checking for sequence is required are:
+
+ o TPO Block. Check as follows:
+
+ - if the input message also contains an Authentication Request
+ block and an Offer Response Block then there is a Hard Error,
+ otherwise
+
+ - if the input message also contains an Authentication Request
+ block and Authentication Status block then there is Hard Error
+ otherwise,
+
+
+ - if the input message also contains an Authentication Request
+ block and the IOTP Transaction is recognised by the Consumer
+ role's system, then there is a Hard Error, otherwise
+
+
+
+
+
+
+Burdett Informational [Page 72]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - if the input message also contains an Authentication Status
+ block and the IOTP Transaction is not recognised by the
+ Consumer role's system then there is a Hard Error, otherwise
+
+ - if input message also contains an Authentication Status Block
+ and the Authentication Status Block has not been sent after an
+ earlier Authentication Response message then there is a hard
+ error
+
+ - if input message also contains an Offer Response Block and the
+ IOTP Transaction is recognised by the Consumer role's system
+ then there is a Hard Error, otherwise
+
+ - if the TPO Block occurs on its own and the IOTP Transaction is
+ recognised by the Consumer role's system then there is a Hard
+ Error
+
+ o Offer Response Block. Check as follows:
+
+ - if the Offer Response Block is part of a Brand Independent
+ Offer Exchange (see section 9.1.2.2) then there is no sequence
+ checking as it is part of the first message received, otherwise
+
+ - if the Offer Response Block is not part of an IOTP Transaction
+ that is recognised by the Consumer role then there is a Hard
+ Error, otherwise
+
+ - if the Offer Response Block does not refer to an IOTP
+ transaction where a TPO Selection Block was the last message
+ sent then there is a Hard Error
+
+ o Payment Exchange Block. Check as follows:
+
+ - if the Payment Exchange Block doesn't refer to an IOTP
+ Transaction that is recognised by the Consumer role's system
+ then there is a Hard Error, otherwise
+
+ - if the Payment Exchange doesn't refer to an IOTP Transaction
+ where either a Payment Request or a Payment Exchange block was
+ most recently sent then there is a Hard Error
+
+ o Payment Response Block. Check as follows:
+
+ - if the Payment Response Block doesn't refer to an IOTP
+ Transaction that is recognised by the Consumer role's system
+ then there is a Hard Error, otherwise
+
+
+
+
+
+Burdett Informational [Page 73]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - if the Payment Response doesn't refer to an IOTOP Transaction
+ where either a Payment Request or a Payment Exchange block was
+ most recently sent then there is a Hard Error
+
+ o Delivery Response Block. Check as follows:
+
+ - if the Delivery Response Block doesn't refer to an IOTP
+ Transaction that is recognised by the Consumer role's system
+ then there is a Hard Error, otherwise
+
+ - If the Delivery Response doesn't refer to an IOTP Transaction
+ where either a Payment Request or a Payment Exchange block was
+ most recently sent then there is a Hard Error
+
+4.6.3 Cancelling a Transaction
+
+ This process cancels a current transaction on an Consumer role's
+ system as a result of an external request from the user, or another
+ system or server in the Consumer's role. The processing is the same
+ as for an IOTP Server (see section 4.5.3).
+
+4.6.4 Retransmitting Messages
+
+ The process of retransmitting messages is the same as for an IOTP
+ Server (see section 4.5.4).
+
+5. Security Considerations
+
+ This section considers, from an IETF perspective how IOTP addresses
+ security. The next section (see section 6. Digital Signatures and
+ IOTP) describes how IOTP uses Digital Signatures when these are
+ needed.
+
+ This section covers:
+
+ o determining whether to use digital signatures
+
+ o data privacy, and
+
+ o payment protocol security.
+
+5.1 Determining whether to use digital signatures
+
+ The use of digital signatures within IOTP are entirely optional. IOTP
+ can work successfully entirely without the use of digital signatures.
+
+ Ultimately it is up to the Merchant, or other trading role, to decide
+ whether IOTP Messages will include signatures, and for the Consumer
+
+
+
+Burdett Informational [Page 74]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ to decide whether carrying out a transaction without signatures is an
+ acceptable risk. If Merchants discover that transactions without
+ signatures are not being accepted, then they will either:
+
+ o start using signatures,
+
+ o find a method of working which does not need signatures, or
+
+ o accept a lower volume and value of business.
+
+ A non-exhaustive list of the reasons why digital signatures might be
+ used follows:
+
+ o the Merchant (or other trading role) wants to demonstrate that
+ they can be trusted. If, for example, a merchant generates an
+ Offer Response Signature (see section 7.19.2) using a certificate
+ from a trusted third party, known to the Consumer, then the
+ Consumer can check the signature and certificate and so more
+ reasonably rely on the offer being from the actual Organisation
+ the Merchant claims to be. In this case signatures using
+ asymmetric cryptography are likely to be required
+
+ o the Merchant, or other Trading Role, want to generate a record of
+ the transaction that is fit for a particular purpose. For example,
+ with appropriate trust hierarchies, digital signatures could be
+ checked by the Consumer to determine:
+
+ - if it would be accepted by tax authorities as a valid record of
+ a transaction, or
+
+ - if some warranty, for example from a "Better Business Bureau"
+ orsimilar was being provided
+
+ o the Payment Handler, or Delivery Handler, needs to know that the
+ request is unaltered and authorised. For example, in IOTP, details
+ of how much to pay is sent to the Consumer in the Offer Response
+ and then forwarded to the Payment Handler in a Payment Request. If
+ the request is not signed, the Consumer could change the amount
+ due by, for example, removing a digit. If the Payment Handler has
+ no access to the original payment information in the Offer
+ Response, then, without signatures, the Payment Handler cannot be
+ sure that the data has not been altered. Similarly, if the payment
+ information is not digitally signed, the Payment Handler cannot be
+ sure who is the Merchant that is requesting the payment
+
+ o a Payment Handler or Delivery Handler wants to provide a non-
+ refutable record of the completion status of a Payment or
+ Delivery. If a Payment Response or Delivery Response is signed,
+
+
+
+Burdett Informational [Page 75]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ then the Consumer can later use the record of the Payment or
+ Delivery to prove that it occurred. This could be used, for
+ example, for customer care purposes.
+
+ A non-exhaustive list of the reasons why digital signatures might not
+ be used follows:
+
+ o trading roles are combined therefore changes to data made by the
+ consumer can be detected. One of the reasons for using signatures
+ is so that one trading role can determine if data has been changed
+ by the Consumer or some other party. However if the trading roles
+ have access to the necessary data, then it might be possible to
+ compare, for example, the payment information in the Payment
+ Request with the payment information in the Offer Response. Access
+ to the data necessary could be realised by, for example, the
+ Merchant and Payment Handler roles being carried out by the same
+ Organisation on the same system, or the Merchant and Payment
+ Handler roles being carried out on different systems but the
+ systems can communicate in some way. (Note this type of
+ communication is outside the current scope of IOTP)
+
+ o the processing cost of the cryptography is too high. For example,
+ if a payment is being made of only a few cents, the cost of
+ carrying out all the cryptography associated with generating and
+ checking digital signatures might make the whole transaction
+ uneconomic. Co-locating trading roles, could help avoid this
+ problem.
+
+5.2 Symmetric and Asymmetric Cryptography
+
+ The advantage of using symmetric keys with IOTP is that no Public Key
+ Infrastructure need be set up and just the Merchant, Payment Handler
+ and Delivery Handler need to agree on the shared secrets to use.
+
+ However the disadvantage of symmetric cryptography is that the
+ Consumer cannot easily check the credentials of the Merchant, Payment
+ Handler, etc. that they are dealing with. This is likely to reduce,
+ somewhat, the trust that the Consumer will have carrying out the
+ transaction.
+
+ However it should be noted that even if asymmetric cryptography is
+ being used, the Consumer does not NEED to be provided with any
+ digital certificates as the integrity of the transaction is
+ determined by, for example, the Payment Handler checking the Offer
+ Response Signature copied to the Payment Request.
+
+ Note that symmetric, asymmetric or both types of cryptography may be
+ used in a single transaction.
+
+
+
+Burdett Informational [Page 76]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+5.3 Data Privacy
+
+ Privacy of information is provided by sending IOTP Messages between
+ the various Trading Roles using a secure channel such as [SSL/TLS].
+ Use of a secure channel within IOTP is optional.
+
+5.4 Payment Protocol Security
+
+ IOTP is designed to be completely blind to the payment protocol being
+ used to effect a payment. From the security perspective, this means
+ that IOTP neither helps, nor hinders, the achievement of payment
+ security.
+
+ If it is necessary to consider payment security from an IOTP
+ perspective, then this should be included in the payment protocol
+ supplement which describes how IOTP supports that payment protocol.
+
+ However what IOTP is designed to do is to use digital signatures to
+ bind together the record, contained in a "response" message, of each
+ trading exchange in a transaction. For example IOTP can bind
+ together: an Offer, a Payment and a Delivery.
+
+6. Digital Signatures and IOTP
+
+ IOTP can work successfully without using any digital signatures
+ although in an open networking environment it will be less secure -
+ see 5. Security Considerations for a description of the factors that
+ need to be considered.
+
+ However, this section describes how to use digital signatures in the
+ many situations when they will be needed. Topics covered are:
+
+ o an overview of how IOTP uses digital signatures
+
+ o how to check a signature is correctly calculated
+
+ o how Payment Handlers and Delivery Handlers check they can carry
+ out payments or deliveries on behalf of a Merchant.
+
+6.1 How IOTP uses Digital Signatures
+
+ In general, signatures when used with IOTP:
+
+ o are always treated as IOTP Components (see section 7)
+
+ o contain digests of one or more IOTP Components or Trading Blocks,
+ possibly including other Signature Components, in any IOTP message
+ within the same IOTP Transaction
+
+
+
+Burdett Informational [Page 77]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o identify:
+
+ - which Organisation signed (originated) the signature, and
+
+ - which Organisation(s) should process the signature in order to
+ check that the Action the Organisation should take can occur.
+
+ Digital certificates may be associated with digital signatures if
+ asymmetric cryptography is being used. However if symmetric
+ cryptography is being used, then the digital certificate will be
+ replaced by some identifier of the secret key to use.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 78]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The way in which Signatures Components digest one or more elements is
+ illustrated in the figure below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ IOTP MESSAGE SIGNATURE COMPONENT
+
+ IOTP Message Signature Id = P1.3
+ |-Trans Ref Block digest TransRefBlk |-Manifest
+ | | ID=P1.1-----------------------------|->|-Digest of P1.1--
+ | |-Trans Id Comp digest TransIdComp | | |
+ | | ID = M1.2----------------------------|->|-Digest of M1.2--|
+ | |-Msg Id Comp. digest Signature | | |
+ | | ID = P1 -------------------|->|-Digest of M1.5--|
+ | | digest element | | |
+ |-Signatures Block | -----------------|->|-Digest of M1.7--|
+ | | ID=P1.2 | | digest element | | |
+ | |-Signature ID=P1.3 | | ---------------|->|-Digest of C1.4--|
+ | |-Signature ID=M1.5---- | | | | |
+ | |-Signature ID=P1.4 | | Points to | -RecipientInfo* |
+ | |-Certificate ID=M1.6<---|-|---------------|------CertRef=M1.6 |
+ | | | | Certs to use | Sig.ValueRef=P1.4 |
+ | | | | | | |
+ | | | | | | |
+ |-Trading Block. ID=P1.5 | | | v |
+ | |-Comp. ID=M1.7---------- | -Value* ID=P1.4: |
+ | | | JtvwpMdmSfMbhK<--
+ | |-Comp. ID=P1.6 | r1Ln3vovbMQttbBI
+ | | | J8pxLjoSRfe1o6k
+ | |-Comp. ID=C1.4------------ OGG7nTFzTi+/0<-
+ | |-Comp. ID=C1.5
+ Digital signature of Manifest element
+ using certificate identified by CertRef
+
+ Elements that are digested can be in any IOTP Message
+ within the same IOTP Transaction
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 10 Signature Digests
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 79]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note: The classic example of one signature signing another in IOTP,
+ is when an Offer is first signed by a Merchant creating an "Offer
+ Response" signature, which is then later signed by a Payment Handler
+ together with a record of the payment creating a "Payment Receipt"
+ signature. In this way, the payment in an IOTP Transaction is bound
+ to the Merchant's offer.
+
+ Note that one Manifest may be associated with multiple signature
+ "Value" elements where each Value element contains a digital
+ signature over the same Manifest, perhaps using the same (or
+ different) signature algorithm but using a different certificate or
+ shared secret key. Specifically it will allow the Merchant to agree
+ on different shared secrets keys with their Payment Handler and
+ Delivery Handler.
+
+ The detailed definitions of a Signature component are contained in
+ section 7.19.
+
+ The remainder of this section contains:
+
+ o an example of how IOTP uses signatures
+
+ o how the OriginatorInfo and RecipientInfo elements within a
+ Signature Component are used to identify the Organisations
+ associated with the signature
+
+ o how IOTP uses signatures to prove actions complete successfully
+
+6.1.1 IOTP Signature Example
+
+ An example of how signatures are used is illustrated in the figure
+ below which shows how the various components and elements in a
+ Baseline Purchase relate to one another. Refer to this example in the
+ later description of how signatures are used to check a payment or
+ delivery can occur (see section 6.3).
+
+ Note: A Baseline Purchase transaction has been used for illustration
+ purposes. The usage of the elements and attributes is the same for
+ all types of IOTP Transactions.
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 80]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+TPO SELECTION BLOCK TPO BLOCK IOTPSIGNATURE BLOCK
+ | (Offer Response)
+ Brand Selection Organisation<--- |------Signature
+ Component Component | | Component
+ | | | -Manifest
+ |BrandList -Trading Role | |
+ | Ref Element | Originator |-Orig.
+ v (Merchant) ------------|--Info
+ Brand List Ref |
+ >Component |
+ | |-Protocol ------> Organisation Recipient |-Recipient
+ | | Amount Elem | Component <------------------|--Info
+ | | | | | Refs |
+ | |Pay|Protocol |Action -Trading Role |
+ | | | Ref |OrgRef Element |
+ | | v | (Payment Handler) |
+ | -PayProtocol-- |
+ | Elem ->Organisation Recipient |-Recipient
+ | | Component <--------------------Info
+ | | | Refs
+ | | -Trading Role
+ | | Element
+ | | (Delivery Handler
+ |
+ | OFFER RESPONSE BLOCK
+ | |
+ |BrandListRef |ActionOrgRef
+ | |
+ --Payment ---Delivery
+ Component Component
+
+The Manifest element in the Signature Component contains digests of:
+the Trans Ref Block (not shown); the Transaction ID Component (not
+shown); Organisation Components (Merchant, Payment Handler, Delivery
+Handler); the Brand List Component; the Order Component, the Payment
+Component the Delivery Component and the Brand Selection Component (if a
+Brand Dependent Purchase).
+
+*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 11 Example use of Signatures for Baseline Purchase
+
+
+
+
+
+
+
+
+Burdett Informational [Page 81]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.1.2 OriginatorInfo and RecipientInfo Elements
+
+ The OriginatorRef attribute of the OriginatorInfo element in the
+ Signature Component contains an Element Reference (see section 3.5)
+ that points to the Organisation Component of the Organisation which
+ generated the Signature. In this example its the Merchant.
+
+ Note that the value of the content of the Attribute element with a
+ Type attribute set to IOTP Signature Type must match the Trading Role
+ of the Organisation which signed it. If it does not, then it is an
+ error. Valid combinations are given in the table below.
+
+ IOTP Signature Type Valid Trading Role
+
+ OfferResponse Merchant
+
+ PaymentResponse PaymentHandler
+
+ DeliveryResponse DeliveryHandler
+
+ AuthenticationRequest any role
+
+ AuthenticationResponse any role
+
+ PingRequest any role
+
+ PingResponse any role
+
+ The RecipientRefs attribute of the RecipientInfo element in the
+ Signature Component contains Element References to the Organisation
+ Components of the Organisations that should use the signature to
+ verify that:
+
+ o they have a pre-existing relationship with the Organisation that
+ generated the signature,
+
+ o the data which is secured by the signature has not been changed,
+
+ o the data has been signed correctly, and
+
+ o the action they are required to undertake on behalf of the
+ Merchant is therefore authorised.
+
+ Note that if symmetric cryptography is being used then a separate
+ RecipientInfo and Value elements for each different set of shared
+ secret keys are likely within the Signature Component.
+
+
+
+
+
+Burdett Informational [Page 82]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Alternatively if asymmetric cryptography is being used then the
+ RecpientRefs attribute of one RecipientInfo element may refer to
+ multiple Organisation Components if they are all using the same
+ certificates.
+
+6.1.3 Using signatures to Prove Actions Complete Successfully
+
+ Proving an action completed successfully, is achieved by signing data
+ on Response messages. Specifically:
+
+ o on the Offer Response, when a Merchant is making an Offer to the
+ Consumer which can then be sent to either:
+
+ - a Payment Handler to prove that the Merchant authorises
+ Payment, or
+
+ - a Delivery Handler to prove that Merchant authorises Delivery,
+ provided other necessary authorisations are complete (see
+ below)
+
+ o on the Payment Response, when a Payment Handler is generating a
+ Payment Receipt which can be sent to either:
+
+ - a Delivery Handler, in a Delivery Request Block to authorise
+ Delivery together with the Offer Response signature, or
+
+ - another Payment Handler, in a second Payment Request, to
+ authorise the second payment in a Value Exchange IOTP
+ Transaction
+
+ o Delivery Response, when a Delivery Handler is generating a
+ Delivery Note. This can be used to prove after the event what the
+ Delivery Handler said they would do
+
+ o Authentication Response. One method of authenticating another
+ party to a trade is to send an Authentication Request specifying
+ that a Digital Signature should be used for authentication
+
+ o Transaction Status Inquiry. The Inquiry Response Block may be
+ digitally signed to attest to the authenticity of the response
+
+ o Ping. The Ping Response may be digitally signed so that checks can
+ be made that the signature can be understood.
+
+ This proof of an action may, in future versions of IOTP, also be used
+ to prove after the event that the IOTP transaction occurred. For
+ example to a Customer Care Provider.
+
+
+
+
+Burdett Informational [Page 83]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.2 Checking a Signature is Correctly Calculated
+
+ Checking a signature is correctly calculated is part of checking for
+ Message Level Errors (see section 4.3.2). It is included here so that
+ all signature and security related considerations are kept together.
+
+ Before a Trading Role can check a signature it must identify which of
+ the potentially multiple Signature elements should be checked. The
+ steps involved are as follows:
+
+ o check that a Signature Block is present and it contains one or
+ more Signature Components
+
+ o identify the Organisation Component which contains an OrgId
+ attribute for the Organisation which is carrying out the signature
+ check. If no or more than one Organisation Component is found then
+ it is an error
+
+ o use the ID attribute of the Organisation Component to find the
+ RecipientInfo element that contains a RecipientRefs attribute that
+ refers to that Organisation Component. Note there may be no
+ signatures to verify
+
+ o check the Signature Component that contains the identified
+ RecipientInfo element as follows:
+
+ - use the SignatureValueRef and the SignatureAlgorithmRef
+ attributes to identify, respectively: the Value element that
+ contains the signature to be checked and the Signature
+ Algorithm element that describes the signature algorithm to be
+ used to verify the Signature, then
+
+ - if the Signature Algorithm element indicates that asymmetric
+ cryptography is being used then use the SignatureCertRef to
+ identify the Certificate to be used by the signature algorithm
+
+ - if Signature Algorithm element indicates that symmetric
+ cryptography is being used then the content of the
+ RecipientInfo element is used to identify the correct shared
+ secret key to use
+
+ - use the specified signature algorithm to check that the Value
+ Element correctly signs the Manifest Element
+
+ - check that the Digest Elements in the Manifest Element are
+ correctly calculated where Components or Blocks referenced by
+ the Digest have been received by the Organisation checking the
+ signature.
+
+
+
+Burdett Informational [Page 84]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.3 Checking a Payment or Delivery can occur
+
+ This section describes the processes required for a Payment Handler
+ or Delivery Handler to check that a payment or delivery can occur.
+ This may include checking signatures if this is specified by the
+ Merchant.
+
+ In outline the steps are:
+
+ o check that the Payment Request or Delivery Request has been sent
+ to the correct Organisation
+
+ o check that correct IOTP components are present in the request, and
+
+ o check that the payment or delivery is authorised
+
+ For clarity and brevity the following terms or phrases are used in
+ this section:
+
+ o a "Request Block" is used to refer to either a Payment Request
+ Block (see section 8.7) or a Delivery Request Block (see section
+ 8.10) unless specified to the contrary
+
+ o a "Response Block" is used to refer to either a Payment Response
+ Block (see section 8.9) or a Delivery Response Block (see section
+ 8.11)
+
+ o an "Action" is used to refer to an action which occurs on receipt
+ of a Request Block. Actions can be either a Payment or a Delivery
+
+ o an "Action Organisation", is used to refer to the Payment Handler
+ or Delivery Handler that carries out an Action
+
+ o a "Signer of an Action", is used to refer to the Organisations
+ that sign data about an Action to authorise the Action, either in
+ whole or in part
+
+ o a "Verifier of an Action", is used to refer to the Organisations
+ that verify data to determine if they are authorised to carry out
+ the Action
+
+ o an ActionOrgRef attribute contains Element References which can be
+ used to identify the "Action Organisation" that should carry out
+ an Action
+
+
+
+
+
+
+
+Burdett Informational [Page 85]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.3.1 Check Request Block sent Correct Organisation
+
+ Checking the Request Block was sent to the correct Organisation
+ varies depending on whether the request refers to a Payment or a
+ Delivery.
+
+6.3.1.1 Payment
+
+ In outline a Payment Handler checks if it can accept or make a
+ payment by identifying the Payment Component in the Payment Request
+ Block it has received, then using the ID of the Payment Component to
+ track through the Brand List and Brand Selection Components to
+ identify the Organisation selected by the Consumer and then checking
+ that this Organisation is itself.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 86]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The way data is accessed to do this is illustrated in the figure
+ below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Start
+ |
+ v
+ Brand List<--------------------------+-----------Payment
+ Component BrandListRef | Component
+ | |
+ |-Brand<-------------------------- |
+ | Element BrandRef | |
+ | | Brand Selection
+ | |Protocol Component
+ | | AmountRefs | |
+ | v Protocol | |
+ |-Protocol Amount<---------------- |
+ | Element---------- AmountRef |
+ | | | |
+ | |Currency |Pay |
+ | | AmountRefs |Protocol |
+ | v |Ref |
+ |-Currency Amount | |
+ | Element<---------|----------------
+ | |
+ -PayProtocol<-----
+ Element---------------------->Organisation
+ Action Component
+ OrgRef |
+ -Trading Role
+ Element
+ (Payment Handler)
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 12 Checking a Payment Handler can carry out a Payment
+
+ The following describes the steps involved and the checks which need
+ to be made:
+
+ o Identify the Payment Component (see section 7.9) in the Payment
+ Request Block that was received.
+
+ o Identify the Brand List and Brand Selection Components for the
+ Payment Component. This involves:
+
+
+
+
+
+
+Burdett Informational [Page 87]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - identifying the Brand List Component (see section 7.7) where
+ the value of its ID attribute matches the BrandListRef
+ attribute of the Payment Component. If no or more than one
+ Brand List Component is found there is an error.
+
+ - identifying the Brand Selection Component (see section 7.8)
+ where the value of its BrandListRef attribute matches the
+ BrandListRef of the Payment Component. If no or more than one
+ matching Brand Selection Component is found there is an error.
+
+ o Identify the Brand, Protocol Amount, Pay Protocol and Currency
+ Amount elements within the Brand List that have been selected by
+ the Consumer as follows:
+
+ - the Brand Element (see section 7.7.1) selected is the element
+ where the value of its Id attribute matches the value of the
+ BrandRef attribute in the Brand Selection. If no or more than
+ one matching Brand Element is found then there is an error.
+
+ - the Protocol Amount Element (see section 7.7.3) selected is the
+ element where the value of its Id attribute matches the value
+ of the ProtocolAmountRef attribute in the Brand Selection
+ Component. If no or more than one matching Protocol Amount
+ Element is found there is an error
+
+ - the Pay Protocol Element (see section 7.7.5) selected is the
+ element where the value of its Id attribute matches the value
+ of the PayProtocolRef attribute in the identified Protocol
+ Amount Element. If no or more than one matching Pay Protocol
+ Element is found there is an error
+
+ - the Currency Amount Element (see section 7.7.4) selected is the
+ element where the value of its Id attribute matches the value
+ of the CurrencyAmountRef attribute in the Brand Selection
+ Component. If no or more than one matching Currency Amount
+ element is found there is an error
+
+ o Check the consistency of the references in the Brand List and
+ Brand Selection Components:
+
+ - check that an Element Reference exists in the
+ ProtocolAmountRefs attribute of the identified Brand Element
+ that matches the Id attribute of the identified Protocol Amount
+ Element. If no or more than one matching Element Reference can
+ be found there is an error
+
+
+
+
+
+
+Burdett Informational [Page 88]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - check that the CurrencyAmountRefs attribute of the identified
+ Protocol Amount element contains an element reference that
+ matches the Id attribute of the identified Currency Amount
+ element. If no or more than one matching Element Reference is
+ found there is an error.
+
+ - check the consistency of the elements in the Brand List.
+ Specifically, the selected Brand, Protocol Amount, Pay Protocol
+ and Currency Amount Elements are all child elements of the
+ identified Brand List Component. If they are not there is an
+ error.
+
+ o Check that the Payment Handler that received the Payment Request
+ Block is the Payment Handler selected by the Consumer. This
+ involves:
+
+ - identifying the Organisation Component for the Payment Handler.
+ This is the Organisation Component where its ID attribute
+ matches the ActionOrgRef attribute in the identified Pay
+ Protocol Element. If no or more than one matching Organisation
+ Component is found there is an error
+
+ - checking the Organisation Component has a Trading Role Element
+ with a Role attribute of PaymentHandler. If not there is an
+ error
+
+ - finally, if the identified Organisation Component is not the
+ same as the Organisation that received the Payment Request
+ Block, then there is an error.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 89]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.3.1.2 Delivery
+
+ The way data is accessed by a Delivery Handler in order to check that
+ it may carry out a delivery is illustrated in the figure below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Start
+ |
+ v
+ Delivery
+ Component
+ |
+ |ActionOrgRef
+ |
+ v
+ Organisation
+ Component
+ |
+ -Trading Role
+ Element
+ (Delivery Handler)
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 13 Checking a Delivery Handler can carry out a Delivery
+
+ The steps involved are as follows:
+
+ o Identify the Delivery Component in the Delivery Request Block. If
+ there is no or more than one matching Delivery Component there is
+ an error
+
+ o Use the ActionOrgRef attribute of the Delivery Component to
+ identify the Organisation Component of the Delivery Handler. If
+ there is no or more than one matching Organisation Component there
+ is an error
+
+ o If the Organisation Component for the Delivery Handler does not
+ have a Trading Role Element with a Role attribute of
+ DeliveryHandler there is an error
+
+ o Finally, if the Organisation that received the Delivery Request
+ Block does not identify the Organisation Component for the
+ Delivery Handler as itself, then there is an error.
+
+
+
+
+
+
+
+Burdett Informational [Page 90]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+6.3.2 Check Correct Components present in Request Block
+
+ Check that the correct components are present in the Payment Request
+ Block (see section 8.7) or in the Delivery Request Block (see section
+ 8.10).
+
+ If components are missing, there is an error.
+
+6.3.3 Check an Action is Authorised
+
+ The previous steps identified the Action Organisation and that all
+ the necessary components are present. This step checks that the
+ Action Organisation is authorised to carry out the Action.
+
+ In outline the Action Organisation will identifies the Merchant,
+ checks that it has a pre-existing agreement with the Merchant that
+ allows it carry out the Action and that any constraints implied by
+ that agreement are being followed, then, if signatures are required,
+ it checks that they sign the correct data.
+
+ The steps involved are as follows:
+
+ o Identify the Merchant. This is the Organisation Component with a
+ Trading Role Element which has a Role attribute with a value of
+ Merchant. If no or more than one Trading Role Element is found,
+ there is an error
+
+ o Check the Action Organisation's agreements with the Merchant
+ allows the Action to be carried out. To do this the Action
+ Organisation must check that:
+
+ - the Merchant is known and a pre-existing agreement exists for
+ the Action Organisation to be their agent for the payment or
+ delivery
+
+ - they are allowed to take part in the type of IOTP transaction
+ that is occurring. For example a Payment Handler may have
+ agreed to accept payments as part of a Baseline Purchase, but
+ not make payments as part of a Baseline Refund
+
+ - any constraints in their agreement with the Merchant are being
+ followed, for example, whether or not an Offer Response
+ signature is required
+
+ o Check the signatures are correct. If signatures are required then
+ they need to be checked. This involves:
+
+
+
+
+
+Burdett Informational [Page 91]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - Identifying the correct signatures to check. This involves the
+ Action Organisation identifying the Signature Components that
+ contain references to the Action Organisation (see 6.3.1).
+ Depending on the IOTP Transaction being carried out (see
+ section 9) either one or two signatures may be identified
+
+ - checking that the Signature Components are correct. This
+ involves checking that Digest elements exist within the
+ Manifest Element that refer to the necessary Trading Components
+ (see section 6.3.3.1).
+
+6.3.3.1 Check the Signatures Digests are correct
+
+ All Signature Components contained within IOTP Messages must include
+ Digest elements that refer to:
+
+ o the Transaction Id Component (see section 3.3.1) of the IOTP
+ message that contains the Signature Component. This binds the
+ globally unique IotpTransId to other components which make up the
+ IOTP Transaction
+
+ o the Transaction Reference Block (see section 3.3) of the first
+ IOTP Message that contained the signature. This binds the
+ IotpTransId with information about the IOTP Message contained
+ inside the Message Id Component (see section 3.3.2).
+
+ Check that each Signature Component contains Digest elements that
+ refer to the correct data required.
+
+ The Digest elements that need to be present depend on the Trading
+ Role of the Organisation which generated (signed) the signature:
+
+ o if the signer of the signature is a Merchant then:
+
+ - Digest elements must be present for all the components in the
+ Request Block apart from the Brand Selection Component which is
+ optional
+
+ o if the signer of the signature is a Payment Handler then Digest
+ elements must be present for:
+
+ - the Signature Component signed by the Merchant, and optionally
+
+ - one or more Signature Components signed by the previous Payment
+ Handler(s) in the Transaction.
+
+
+
+
+
+
+Burdett Informational [Page 92]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7. Trading Components
+
+ This section describes the Trading Components used within IOTP.
+ Trading Components are the child XML elements which occur immediately
+ below a Trading Block as illustrated in the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 93]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ IOTP MESSAGE <----------- IOTP Message - an XML Document
+ | which is transported between the
+ | Trading Roles
+ |-Trans Ref Block <----- Trans Ref Block - contains
+ | | information which describes the
+ | | IOTP Transaction and the IOTP
+ Message.
+ --------> | |-Trans Id Comp. <--- Transaction Id Component -
+ | | | uniquely identifies the IOTP
+ | | | Transaction. The Trans Id
+ | | | Components are the same across
+ | | | all IOTP messages that comprise
+ | | | a single IOTP transaction.
+ | | |-Msg Id Comp. <----- Message Id Component -
+ | | identifies and describes an IOTP
+ | | Message within an IOTP
+ | | Transaction
+ | |-Signature Block <----- Signature Block (optional) -
+ | | | contains one or more Signature
+ | | | Components and their associated
+ | | | Certificates
+ | ---> | |-Signature Comp. <-- Signature Component - contains
+ | | | | digital signatures. Signatures
+ | | | | may sign digests of the Trans Ref
+ | | | | Block and any Trading Component
+ | | | | in any IOTP Message in the same
+ | | | | IOTP Transaction.
+ | | | |-Certificate Comp. <- Certificate Component. Used to
+ | | | check the signature.
+ Trading |-Trading Block <-------- Trading Block - an XML Element
+ Components | |-Trading Comp. within an IOTP Message that
+ | | | |-Trading Comp. contains a predefined set of
+ | ---> | |-Trading Comp. Trading Components
+ | | |-Trading Comp.
+ | | |-Trading Comp. <----- Trading Components - XML
+ | | Elements within a Trading Block
+ | |-Trading Block that contain a predefined set of
+ --------> | |-Trading Comp. XML elements and attributes
+ | |-Trading Comp. containing information required
+ | |-Trading Comp. to support a Trading Exchange
+ | |-Trading Comp.
+ | |-Trading Comp.
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 14 Trading Components
+
+
+
+
+Burdett Informational [Page 94]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The Trading Components described in this section are listed below in
+ approximately the sequence they are likely to be used:
+
+ o Protocol Options Component
+
+ o Authentication Request Component
+
+ o Authentication Response Component
+
+ o Trading Role Information Request Component
+
+ o Order Component
+
+ o Organisation Component
+
+ o Brand List Component
+
+ o Brand Selection Component
+
+ o Payment Component
+
+ o Payment Scheme Component
+
+ o Payment Receipt Component
+
+ o Delivery Component
+
+ o Delivery Data Component
+
+ o Delivery Note Component
+
+ o Signature Component
+
+ o Certificate Component
+
+ o Error Component
+
+ Note that the following components are listed in other sections of
+ this specification:
+
+ o Transaction Id Component (see section 3.3.1)
+
+ o Message Id Component (see section 3.3.2)
+
+
+
+
+
+
+
+
+Burdett Informational [Page 95]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.1 Protocol Options Component
+
+ Protocol options are options which apply to the IOTP Transaction as a
+ whole. Essentially it provides a short description of the entire
+ transaction and the net location which the Consumer role should
+ branch to if the IOTP Transaction is successful.
+
+ The definition of a Protocol Options Component is as follows.
+
+ <!ELEMENT ProtocolOptions EMPTY >
+ <!ATTLIST ProtocolOptions
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ SenderNetLocn CDATA #IMPLIED
+ SecureSenderNetLocn CDATA #IMPLIED
+ SuccessNetLocn CDATA #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Protocol Options Component within the IOTP
+ Transaction.
+
+ Xml:lang Defines the language used by attributes or child
+ elements within this component, unless
+ overridden by an xml:lang attribute on a child
+ element. See section 3.8 Identifying Languages.
+
+ ShortDesc This contains a short description of the IOTP
+ Transaction in the language defined by xml:lang.
+ Its purpose is to provide an explanation of what
+ type of IOTP Transaction is being conducted by
+ the parties involved.
+
+ It is used to facilitate selecting an individual
+ transaction from a list of similar transactions,
+ for example from a database of IOTP transactions
+ which has been stored by a Consumer, Merchant,
+ etc.
+
+ SenderNetLocn This contains the non secured net location of
+ the sender of the TPO Block in which the
+ Protocol Options Component is contained.
+
+ It is the net location to which the recipient of
+ the TPO block should send a TPO Selection Block
+ if required.
+
+
+
+Burdett Informational [Page 96]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The content of this attribute is dependent on
+ the Transport Mechanism see the Transport
+ Mechanism Supplement.
+
+ SecureSenderNetLocn This contains the secured net location of the
+ sender of the TPO Block in which the Protocol
+ Options Component is contained.
+
+ The content of this attribute is dependent on
+ the Transport Mechanism see the Transport
+ Mechanism Supplement.
+
+ SuccessNetLocn This contains the net location that should be
+ displayed after the IOTP Transaction has
+ successfully completed.
+
+ The content of this attribute is dependent on
+ the Transport Mechanism see the Transport
+ Mechanism Supplement.
+
+ Either SenderNetLocn, SecureSenderNetLocn or both must be present.
+
+7.2 Authentication Request Component
+
+ This Trading Component contains parameter data that is used in an
+ Authentication of one Trading Role by another. Its definition is as
+ follows.
+
+ <!ELEMENT AuthReq (Algorithm, PackagedContent*)>
+ <!ATTLIST AuthReq
+ ID ID #REQUIRED
+ AuthenticationId CDATA #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ If required the Algorithm may use the challenge data, contained in
+ the Packaged Content elements within the Authentication Request
+ Component in its calculation. The format of the Packaged Contents are
+ Algorithm dependent.
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Authentication Request Component within the IOTP
+ Transaction.
+
+ AuthenticationId An identifier specified by the Authenticator
+ which, if returned by the Organisation that
+ receives the Authentication Request, will enable
+
+
+
+Burdett Informational [Page 97]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the Authenticator to identify which Authentication
+ is being referred to.
+
+ ContentSoftwareId See section 14.Glossary
+
+ Content:
+
+ PackagedContent This contains the challenge data as one or more
+ Packaged Content (see section 3.7) that is to be
+ responded to using the Algorithm defined by the
+ Algorithm element.
+
+ Algorithm This contains information which describes the
+ Algorithm (see 7.19 Signature Components) that
+ must be used to generate the Authentication
+ Response.
+
+ The Algorithms that may be used are identified by
+ the Name attribute of the Algorithm element. For
+ valid values see section 12. IANA Considerations.
+
+7.3 Authentication Response Component
+
+ The Authentication Response Component contains the results of an
+ authentication request. It uses the Algorithm contained in the
+ Authentication Request Component (see section 7.2) selected from the
+ Authentication Request Block (see section 8.4).
+
+ Depending on the Algorithm selected, the results of applying the
+ algorithm will either be contained in a Signature Component that
+ signs both the Authentication Response and potentially other data, or
+ in the Packaged Content elements within the Authentication Response
+ Component. Its definition is as follows.
+
+ <!ELEMENT AuthResp (PackagedContent*) >
+ <!ATTLIST AuthResp
+ ID ID #REQUIRED
+ AuthenticationId CDATA #REQUIRED
+ SelectedAlgorithmRef NMTOKEN #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Authentication Response Component within the
+ IOTP Transaction.
+
+
+
+
+
+Burdett Informational [Page 98]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ AuthenticationId The Authentication identifier specified by the
+ Authenticator that was included in the
+ Authentication Request Component(see section
+ 7.2). This will enable the Authenticator to
+ identify the Authentication that is being
+ referred to.
+
+ SelectedAlgorithmRef An Element Reference that identifies the
+ Algorithm element used to generate the
+ Authentication Response.
+
+ ContentSoftwareId See section 14.Glossary.
+
+ Content:
+
+ PackagedContent This may contain the response generated as a
+ result of applying the Algorithm selected from the
+ Authentication Request Component see section 7.2.
+
+ For example, for a payment specific scheme, it may
+ contain scheme-specific data. Refer to the scheme-
+ specific supplemental documentation for
+ definitions of its content.
+
+7.4 Trading Role Information Request Component
+
+ This Trading Component contains a list of Trading Roles (see section
+ 2.1) about which information is being requested. The result of a
+ Trading Role Request is a set of Organisation Components (see section
+ 7.6) that describe each of the Trading Roles requested.
+
+ Example usage includes:
+
+ o a Merchant requesting that a Consumer provides Organisation
+ Components for the Consumer and DelivTo Trading Roles
+
+ o a Consumer requesting from a Merchant, information about the
+ Payment Handlers and Delivery Handlers that the Merchant uses.
+
+ Its definition is as follows.
+
+ <!ELEMENT TradingRoleInfoReq EMPTY>
+ <!ATTLIST TradingRoleInfoReq
+ ID ID #REQUIRED
+ TradingRoleList NMTOKENS #REQUIRED >
+
+
+
+
+
+
+Burdett Informational [Page 99]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Trading Role Information Request Component within
+ the IOTP Transaction.
+
+ TradingRoleList Contains a list of one or more Trading Roles (see
+ the TradingRole attribute of the Trading Role
+ Element - section 7.6.2) for which information is
+ being requested.
+
+7.5 Order Component
+
+ An Order Component contains information about an order. Its
+ definition is as follows.
+
+ <!ELEMENT Order (PackagedContent*) >
+ <!ATTLIST Order
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ OrderIdentifier CDATA #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ ApplicableLaw CDATA #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Order
+ Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ OrderIdentifier This is a code, reference number or other
+ identifier which the creator of the Order may use
+ to identify the order. It must be unique within an
+ IOTP Transaction. If it is used in this way, then
+ it may remove the need to specify any content for
+ the Order element as the reference can be used to
+ look up the necessary information in a database.
+
+ ShortDesc A short description of the order in the language
+ defined by xml:lang. It is used to facilitate
+ selecting an individual order from a list of
+
+
+
+Burdett Informational [Page 100]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ orders, for example from a database of orders
+ which has been stored by a Consumer, Merchant,
+ etc.
+
+ OkFrom The date and time in [UTC] format after which the
+ offer made by the Merchant lapses.
+
+ OkTo The date and time in [UTC] format before which a
+ Value Acquirer may accept the offer made by the
+ Merchant is not valid.
+
+ ApplicableLaw A phrase in the language defined by xml:lang which
+ describes the state or country of jurisdiction
+ which will apply in resolving problems or
+ disputes.
+
+ ContentSoftwareId See section 14.Glossary.
+
+ Content:
+
+ PackagedContent An optional description of the order information
+ as one or more Packaged Contents (see section
+ 3.7).
+
+7.5.1 Order Description Content
+
+ The Packaged Content element will normally be required, however it
+ may be omitted where sufficient information about the purchase can be
+ provided in the ShortDesc attribute. If the full Order Description
+ requires it several Packaged Content elements may be used.
+
+ Although the amount and currency are likely to appear in the Packaged
+ Content of the Order Description it is the amount and currency
+ contained in the payment related trading components (Brand List,
+ Brand Selection and Payment) that is authoritative. This means it is
+ important that the amount actually being paid (as contained in the
+ payment related trading components) is prominently displayed to the
+ Consumer.
+
+ For interoperability, implementations must support Plain Text, HTML
+ and XML as a minimum so that it can be easily displayed.
+
+7.5.2 OkFrom and OkTo Timestamps
+
+ Note that:
+
+ o the OkFrom date may be later than the OkFrom date on the Payment
+ Component (see section 7.9) associated with this order, and
+
+
+
+Burdett Informational [Page 101]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o similarly, the OkTo date may be earlier that the OkTo date on the
+ Payment Component (see section 7.9).
+
+ Note: Disclaimer. The following information provided in this note
+ does not represent formal advice of any of the authors of this
+ specification. Readers of this specification must form their own
+ views and seek their own legal counsel on the usefulness and
+ applicability of this information.
+
+ The merchant in the context of Internet commerce with anonymous
+ consumers initially frames the terms of the offer on the web page,
+ and in order to obtain the goods or services, the consumer must
+ accept them.
+
+ If there is to be a time-limited offer, it is recommended that
+ merchants communicate this to the consumer and state in the order
+ description in a manner which is clear to the consumer that:
+
+ o the offer is time limited
+
+ o the OkFrom and OkTo timestamps specify the validity of the offer
+
+ o the clock, e.g., the merchant's clock, that will be used to
+ determine the validity of the offer
+
+ Also note that although the OkFrom and OkTo dates are likely to
+ appear in the Packaged Content of the Order Description it is the
+ dates contained in the Order Component that is authoritative. This
+ means it is important that the OkFrom and OkTo dates actually being
+ used is prominently displayed to the Consumer.
+
+7.6 Organisation Component
+
+ The Organisation Component provides information about an individual
+ or an Organisation. This can be used for a variety of purposes. For
+ example:
+
+ o to describe the merchant who is selling the goods,
+
+ o to identify who made a purchase,
+
+ o to identify who will take delivery of goods,
+
+ o to provide a customer care contact,
+
+ o to describe who will be the Payment Handler.
+
+
+
+
+
+Burdett Informational [Page 102]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note that the Organisation Components which must be present in an
+ IOTP Message are dependent on the particular transaction being
+ carried out. Refer to section 9. Internet Open Trading Protocol
+ Transactions, for more details.
+
+ Its definition is as follows.
+
+ <!ELEMENT Org (TradingRole+, ContactInfo?,
+ PersonName?, PostalAddress?)>
+ <!ATTLIST Org
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ OrgId CDATA #REQUIRED
+ LegalName CDATA #IMPLIED
+ ShortDesc CDATA #IMPLIED
+ LogoNetLocn CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Organisation Component within the IOTP
+ Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ OrgId A code which identifies the Organisation described
+ by the Organisation Component. See 7.6.1
+ Organisation IDs, below.
+
+ LegalName For Organisations which are companies this is
+ their legal name in the language defined by
+ xml:lang. It is required for Organisations who
+ have a Trading Role other than Consumer or
+ DelivTo.
+
+ ShortDesc A short description of the Organisation in the
+ language defined by xml:lang. It is typically the
+ name by which the Organisation is commonly known.
+ For example, if the legal name was "Blue Meadows
+ Financial Services Inc.". Then its short name
+ would likely be "Blue Meadows".
+
+ It is used to facilitate selecting an individual
+ Organisation from a list of Organisations, for
+ example from a database of Organisations involved
+
+
+
+Burdett Informational [Page 103]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ in IOTP Transactions which has been stored by a
+ consumer.
+
+ LogoNetLocn The net location which can be used to download the
+ logo for the Organisation.
+
+ See section 10 Retrieving Logos.
+
+ The content of this attribute must conform to
+ [RFC1738].
+
+ Content:
+
+ TradingRole See 7.6.2 Trading Role Element below.
+
+ ContactInfo See 7.6.3 Contact Information Element below.
+
+ PersonName See 7.6.4 Person Name below.
+
+ PostalAddress See 7.6.5 Postal Address below.
+
+7.6.1 Organisation IDs
+
+ Organisation IDs are used by one IOTP Trading Role to identify
+ another. In order to avoid confusion, this means that these IDs must
+ be globally unique.
+
+ In principle this is achieved in the following way:
+
+ o the Organisation Id for all trading roles, apart from the Consumer
+ Trading Role, uses a domain name as their globally unique
+ identifier,
+
+ o the Organisation Id for a Consumer Trading Role is allocated by
+ one of the other Trading Roles in an IOTP Transaction and is made
+ unique by concatenating it with that other roles' Organisation Id,
+
+ o once a Consumer is allocated an Organisation Id within an IOTP
+ Transaction the same Organisation Id is used by all the other
+ trading roles in that IOTP transaction to identify that Consumer.
+
+ Specifically, the content of the Organisation ID is defined as
+ follows:
+
+ OrgId ::= NonConsumerOrgId | ConsumerOrgId
+ NonConsumerOrgId ::= DomainName
+ ConsumerOrgId ::= ConsumerOrgIdPrefix (namechar)+ "/" NonConsumerOrgId
+ ConsumerOrgIdPrefix ::= "Consumer:"
+
+
+
+Burdett Informational [Page 104]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ConsumerOrgId The Organisation ID for a Consumer consists of:
+ o a standard prefix to identify that the
+ Organisation Id is for a consumer, followed by
+
+ o one or more characters which conform to the
+ definition of an XML "namechar". See [XML]
+ specifications, followed by
+ o the NonConsumerOrgId for the Organisation
+ which allocated the ConsumerOrgId. It is
+ normally the Merchant role.
+
+ Use of upper and lower case is not significant.
+
+ NonConsumerOrgId If the Role is not Consumer then this contains the
+ Canonical Name for the non-consumer Organisation
+ being described by the Organisation Component. See
+ [DNS] optionally followed by additional
+ characters, if required, to make the
+ NonConsumerOrgId unique.
+
+ Note that a NonConsumerOrgId may not start with
+ the ConsumerOrgIdPrefix.
+
+ Use of upper and lower case is not significant.
+
+ Examples of Organisation Ids follow:
+
+ o newjerseybooks.com - a merchant Organisation id
+
+ o westernbank.co.uk - a Payment Handler Organisation id
+
+ o consumer:1000247ABH/newjerseybooks.com - a consumer Organisation
+ id allocated by a merchant
+
+7.6.2 Trading Role Element
+
+ This identifies the Trading Role of an individual or Organisation in
+ the IOTP Transaction. Note, an Organisation may have more than one
+ Trading Role and several roles may be present in one Organisation
+ element. Its definition is as follows:
+
+ <!ELEMENT TradingRole EMPTY >
+ <!ATTLIST TradingRole
+ ID ID #REQUIRED
+ TradingRole NMTOKEN #REQUIRED
+ IotpMsgIdPrefix NMTOKEN #REQUIRED
+ CancelNetLocn CDATA #IMPLIED
+ ErrorNetLocn CDATA #IMPLIED
+
+
+
+Burdett Informational [Page 105]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ErrorLogNetLocn CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Trading Role Element within the IOTP Transaction.
+
+ TradingRole The trading role of the Organisation. Valid values
+ are:
+ o Consumer. The person or Organisation that is
+ acting in the role of a consumer in the IOTP
+ Transaction.
+ o Merchant. The person or Organisation that is
+ acting in the role of merchant in the IOTP
+ Transaction.
+ o PaymentHandler. The financial institution or
+ other Organisation which is a Payment Handler
+ for the IOTP Transaction
+ o DeliveryHandler. The person or Organisation
+ that is the delivering the goods or services
+ for the IOTP Transaction
+ o DelivTo. The person or Organisation that is
+ receiving the delivery of goods or services in
+ the IOTP Transaction
+ o CustCare. The Organisation and/or individual
+ who will provide customer care for an IOTP
+ Transaction.
+
+ Values of TradingRole are controlled under the
+ procedures defined in section 12 IANA
+ Considerations which also allows user defined
+ values to be defined.
+
+ IotpMsgIdPrefix Contains the prefix which must be used for all
+ IOTP Messages sent by the Trading Role in this
+ IOTP Transaction. The values to be used are
+ defined in 3.4.1 IOTP Message ID Attribute
+ Definition.
+
+ CancelNetLocn This contains the net location of where the
+ Consumer should go to if the Consumer cancels the
+ transaction for some reason. It can be used by the
+ Trading Role to provide a response which is more
+ tailored to the circumstances of a particular
+ transaction.
+
+
+
+
+
+
+Burdett Informational [Page 106]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ This attribute:
+ o must not be present when TradingRole is set to
+ Consumer role or DelivTo,
+
+ o must be present when TradingRole is set to
+ Merchant, PaymentHandler or DeliveryHandler.
+
+ The content of this attribute is dependent on the
+ Transport Mechanism see the Transport Mechanism
+ Supplement.
+
+ ErrorNetLocn This contains the net location that should be
+ displayed by the Consumer after the Consumer has
+ either received or generated an Error Block
+ containing an Error Component with the Severity
+ attribute set to either:
+ o HardError,
+ o Warning but the Consumer decides to not
+ continue with the transaction
+ o TransientError and the transaction has
+ subsequently timed out.
+
+ See section 7.21.1 Error Processing Guidelines for
+ more details.
+
+ This attribute:
+ o must not be present when TradingRole is set to
+ Consumer or DelivTo,
+ o must be present when TradingRole is set to
+ Merchant, PaymentHandler or DeliveryHandler.
+
+ The content of this attribute is dependent on the
+ Transport Mechanism see the Transport Mechanism
+ Supplement.
+
+ ErrorLogNetLocn Optional. This contains the net location that
+ Consumers should send IOTP Messages that contain
+ Error Blocks with an Error Component with the
+ Severity attribute set to either:
+ o HardError,
+ o Warning but the Consumer decides to not
+ continue with the transaction
+ o TransientError and the transaction has
+ subsequently timed out.
+
+ This attribute:
+ o must not be present when TradingRole is set to
+ Consumer role,
+
+
+
+Burdett Informational [Page 107]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o must be present when TradingRole is set to
+ Merchant, PaymentHandler or DeliveryHandler.
+
+ The content of this attribute is dependent on the
+ Transport Mechanism see the Transport Mechanism
+ Supplement.
+
+ The ErrorLogNetLocn can be used to send error
+ messages to the software company or some other
+ Organisation responsible for fixing problems in
+ the software which sent the incoming message. See
+ section 7.21.1 Error Processing Guidelines for
+ more details.
+
+7.6.3 Contact Information Element
+
+ This contains information which can be used to contact an
+ Organisation or an individual. All attributes are optional however at
+ least one item of contact information should be present. Its
+ definition is as follows.
+
+ <!ELEMENT ContactInfo EMPTY >
+ <!ATTLIST ContactInfo
+ xml:lang NMTOKEN #IMPLIED
+ Tel CDATA #IMPLIED
+ Fax CDATA #IMPLIED
+ Email CDATA #IMPLIED
+ NetLocn CDATA #IMPLIED >
+
+ Attributes:
+
+ xml:lang Defines the language used by attributes within
+ this element. See section 3.8 Identifying
+ Languages.
+
+ Tel A telephone number by which the Organisation may
+ be contacted. Note that this is a text field and
+ no validation is carried out on it.
+
+ Fax A fax number by which the Organisation may be
+ contacted. Note that this is a text field and no
+ validation is carried out on it.
+
+ Email An email address by which the Organisation may be
+ contacted. Note that this field should conform to
+ the conventions for address specifications
+ contained in [RFC822].
+
+
+
+
+Burdett Informational [Page 108]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ NetLocn A location on the Internet by which information
+ about the Organisation may be obtained that can be
+ displayed using a web browser.
+
+ The content of this attribute must conform to
+ [RFC1738].
+
+7.6.4 Person Name Element
+
+ This contains the name of an individual person. All fields are
+ optional however as a minimum either the GivenName or the FamilyName
+ should be present. Its definition is as follows.
+
+ <!ELEMENT PersonName EMPTY >
+ <!ATTLIST PersonName
+ xml:lang NMTOKEN #IMPLIED
+ Title CDATA #IMPLIED
+ GivenName CDATA #IMPLIED
+ Initials CDATA #IMPLIED
+ FamilyName CDATA #IMPLIED >
+
+ Attributes:
+
+ xml:lang Defines the language used by attributes within
+ this element. See section 3.8 Identifying
+ Languages.
+
+ Title A distinctive name; personal appellation,
+ hereditary or not, denoting or implying office
+ (e.g., judge, mayor) or nobility (e.g., duke,
+ duchess, earl), or used in addressing or referring
+ to a person (e.g., Mr, Mrs, Miss)
+
+ GivenName The primary or main name by which a person is
+ known amongst and identified by their family,
+ friends and acquaintances. Otherwise known as
+ first name or Christian Name.
+
+ Initials The first letter of the secondary names (other
+ than the Given Name) by which a person is known
+ amongst or identified by their family, friends and
+ acquaintances.
+
+ FamilyName The name by which family of related individuals
+ are known. It is typically the part of an
+ individual's name which is passed on by parents to
+ their children.
+
+
+
+
+Burdett Informational [Page 109]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.6.5 Postal Address Element
+
+ This contains an address which can be used, for example, for the
+ physical delivery of goods, services or letters. Its definition is as
+ follows.
+
+ <!ELEMENT PostalAddress EMPTY >
+ <!ATTLIST PostalAddress
+ xml:lang NMTOKEN #IMPLIED
+ AddressLine1 CDATA #IMPLIED
+ AddressLine2 CDATA #IMPLIED
+ CityOrTown CDATA #IMPLIED
+ StateOrRegion CDATA #IMPLIED
+ PostalCode CDATA #IMPLIED
+ Country CDATA #IMPLIED
+ LegalLocation (True | False) 'False' >
+
+ Attributes:
+
+ xml:lang Defines the language used by attributes within
+ this element. See section 3.8 Identifying
+ Languages.
+
+ AddressLine1 The first line of a postal address. e.g., "The
+ Meadows"
+
+ AddressLine2 The second line of a postal address. e.g., "Sandy
+ Lane"
+
+ CityOrTown The city of town of the address. e.g., "Carpham"
+
+ StateOrRegion The state or region within a country where the
+ city or town is placed. e.g., "Surrey"
+
+ PostalCode The code known as, for example a post code or zip
+ code, that is typically used by Postal
+ Organisations to organise postal deliveries into
+ efficient sequences. e.g., "KT22 1AA"
+
+ Country The country for the address. e.g., "UK"
+
+ LegalLocation This identifies whether the address is the
+ Registered Address for the Organisation. At least
+ one address for the Organisation must have a value
+ set to True unless the Trading Role is either
+ Consumer or DeliverTo.
+
+
+
+
+
+Burdett Informational [Page 110]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.7 Brand List Component
+
+ Brand List Components are contained within the Trading Protocol
+ Options Block (see section 8.1) of the IOTP Transaction. They
+ contains lists of:
+
+ o payment Brands (see also section 11.1 Brand Definitions and Brand
+ Selection),
+
+ o amounts to be paid in the currencies that are accepted or offered
+ by the Merchant,
+
+ o the payment protocols which can be used to make payments with a
+ Brand, and
+
+ o the net locations of the Payment Handlers which accept payment for
+ a payment protocol
+
+ The definition of a Brand List Component is as follows.
+
+ <!ELEMENT BrandList (Brand+, ProtocolAmount+,
+ CurrencyAmount+, PayProtocol+) >
+ <!ATTLIST BrandList
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ PayDirection (Debit | Credit) #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Brand
+ List Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ ShortDesc A text description in the language defined by
+ xml:Lang giving details of the purpose of the
+ Brand List. This information must be displayed to
+ the receiver of the Brand List in order to assist
+ with making the selection. It is of particular
+ benefit in allowing a Consumer to distinguish the
+ purpose of a Brand List when an IOTP Transaction
+ involves more than one payment.
+
+
+
+
+
+Burdett Informational [Page 111]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ PayDirection Indicates the direction in which the payment for
+ which a Brand is being selected is to be made. Its
+ values may be:
+ o Debit The sender of the Payment Request Block
+ (e.g., the Consumer) to which this Brand List
+ relates will make the payment to the Payment
+ Handler, or
+ o Credit The sender of the Payment Request Block
+ to which this Brand List relates will receive a
+ payment from the Payment Handler.
+
+ Content:
+
+ Brand This describes a Brand. The sequence of the Brand
+ elements (see section 7.7.1) within the Brand List
+ does not indicate any preference. It is
+ recommended that software which processes this
+ Brand List presents Brands in a sequence which the
+ receiver of the Brand List prefers.
+
+ ProtocolAmount This links a particular Brand to:
+ o the currencies and amounts in CurrencyAmount
+ elements that can be used with the Brand, and
+ o the Payment Protocols and Payment Handlers,
+ which can be used with those currencies and
+ amounts, and a particular Brand
+
+ CurrencyAmount This contains a currency code and an amount.
+
+ PayProtocol This contains information about a Payment Protocol
+ and the Payment Handler which may be used with a
+ particular Brand.
+
+ The relationships between the elements which make up the content of
+ the Brand List is illustrated in the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 112]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ Brand List Component
+
+ | ProtocolAmountRefs
+ |-Brand Element-----------------------------
+ | | |
+ | - Protocol Brand Element-------- |
+ | | |
+ | ProtocolId| |
+ | | |
+ |-Protocol Amount Element<----------+-------
+ | | | |
+ | | | |
+ | |CurrencyAmountRefs |Pay |
+ | | |Protocol |
+ | v |Ref |
+ |-Currency Amount Element | |
+ | Element | |
+ | | |
+ -PayProtocolElement<------<--------
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 15 Brand List Element Relationships
+
+ Examples of complete Brand Lists are contained in section 11.2 Brand
+ List Examples.
+
+7.7.1 Brand Element
+
+ A Brand Element describes a brand that can be used for making a
+ payment. One or more of these elements is carried in each Brand List
+ Component that has the PayDirection attribute set to Debit. Exactly
+ one Brand Element may be carried in a Brand List Component that has
+ the PayDirection attribute set to Credit.
+
+ <!ELEMENT Brand (ProtocolBrand*, PackagedContent*) >
+ <!ATTLIST Brand
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #IMPLIED
+ BrandId CDATA #REQUIRED
+ BrandName CDATA #REQUIRED
+ BrandLogoNetLocn CDATA #REQUIRED
+ BrandNarrative CDATA #IMPLIED
+ ProtocolAmountRefs IDREFS #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+
+
+Burdett Informational [Page 113]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Attributes:
+
+ ID Element identifier, potentially referenced in a
+ Brand Selection Component contained in a later
+ Payment Request message and uniquely identifies
+ the Brand element within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes and
+ content of this element. See section 3.8
+ Identifying Languages.
+
+ BrandId This contains a unique identifier for the brand
+ (or promotional brand). It is used to match
+ against a list of Payment Instruments which the
+ Consumer holds to determine whether or not the
+ Consumer can pay using the Brand.
+
+ Values of BrandId are managed under the procedure
+ described in section 12 IANA Considerations.
+
+ As values of BrandId are controlled under the
+ procedures defined in section 12 IANA
+ Considerations user defined values may be
+ defined.
+
+ BrandName This contains the name of the brand, for example
+ MasterCard Credit. This is the description of the
+ Brand which is displayed to the consumer in the
+ Consumers language defined by xml:lang. For
+ example it might be "American Airlines Advantage
+ Visa". Note that this attribute is not used for
+ matching against the payment instruments held by
+ the Consumer.
+
+ BrandLogoNetLocn The net location which can be used to download
+ the logo for the Organisation. See section
+ Retrieving Logos (see section 10).
+
+ The content of this attribute must conform to
+ [RFC1738].
+
+ BrandNarrative This optional attribute is designed to be used by
+ the Merchant to indicate some special conditions
+ or benefit which would apply if the Consumer
+ selected that brand. For example "5% discount",
+ "free shipping and handling", "free breakage
+ insurance for 1 year", "double air miles apply",
+ etc.
+
+
+
+Burdett Informational [Page 114]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ProtocolAmountRefs Identifies the protocols and related currencies
+ and amounts which can be used with this Brand.
+ Specified as a list of ID's of Protocol Amount
+ Elements (see section 7.7.3) contained within the
+ Brand List.
+
+ ContentSoftwareId See section 14.Glossary.
+
+ Content:
+
+ ProtocolBrand Protocol Brand elements contain brand information
+ to be used with a specific payment protocol (see
+ section 7.7.2)
+
+
+ PackagedContent Optional Packaged Content (see section 3.7)
+ elements containing information about the brand
+ which may be used by the payment protocol. The
+ content of this information is defined in the
+ supplement for a payment protocol which describes
+ how the payment protocol works with IOTP.
+
+ Example Brand Elements are contained in section 11.2 Brand List
+ Examples.
+
+7.7.2 Protocol Brand Element
+
+ The Protocol Brand Element contains information that is specific to
+ the use of a particular Protocol with a Brand. Its definition is as
+ follows.
+
+ <!ELEMENT ProtocolBrand (PackagedContent*) >
+ <!ATTLIST ProtocolBrand
+ ProtocolId CDATA #REQUIRED
+ ProtocolBrandId CDATA #REQUIRED >
+
+
+ Attributes:
+
+ ProtocolId This must match the value of a ProtocolId
+ attribute in a Pay Protocol Element (see section
+ 7.7.5).
+
+ The values of ProtocolId should be unique within a
+ Brand Element otherwise there is an error.
+
+
+
+
+
+
+Burdett Informational [Page 115]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ProtocolBrandId This is the Payment Brand Id to be used with a
+ particular payment protocol. For example, SET and
+ EMV have their own well defined, yet different,
+ values for the Brand Id to be used with each
+ protocol.
+
+ The valid values of this attribute are defined in
+ the supplement for the payment protocol identified
+ by ProtocolId that describes how the payment
+ protocol works with IOTP.
+
+ Content:
+
+ PackagedContent Optional Packaged Content (see section 3.7)
+ elements containing information about the
+ protocol/brand which may be used by the payment
+ protocol. The content of this information is
+ defined in the supplement for a payment protocol
+ which describes how the payment protocol works
+ with IOTP.
+
+7.7.3 Protocol Amount Element
+
+ The Protocol Amount element links a Brand to:
+
+ o the currencies and amounts in Currency Amount Elements (see
+ section 7.7.4) that can be used with the Brand, and
+
+ o the Payment Protocols and Payment Handlers defined in a Pay
+ Protocol Element (see section 7.7.5), which can be used with those
+ currencies and amounts.
+
+ Its definition is as follows:
+
+ <!ELEMENT ProtocolAmount (PackagedContent*) >
+ <!ATTLIST ProtocolAmount
+ ID ID #REQUIRED
+ PayProtocolRef IDREF #REQUIRED
+ CurrencyAmountRefs IDREFS #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID Element identifier, potentially referenced in a
+ Brand element; or in a Brand Selection Component
+ contained in a later Payment Request message
+ which uniquely identifies the Protocol Amount
+ element within the IOTP Transaction.
+
+
+
+Burdett Informational [Page 116]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ PayProtocolRef Contains an Element Reference (see section 3.5)
+ that refers to the Pay Protocol Element (see
+ section 7.7.5) that contains the Payment Protocol
+ and Payment Handlers that can be used with the
+ Brand.
+
+ CurrencyAmountRefs Contains a list of Element References (see
+ section 3.5) that refer to the Currency Amount
+ Element (see section 7.7.4) that describes the
+ currencies and amounts that can be used with the
+ Brand.
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Optional Packaged Content (see section 3.7)
+ elements containing information about the protocol
+ amount which may be used by the payment protocol.
+ The content of this information is defined in the
+ supplement for a payment protocol which describes
+ how the payment protocol works with IOTP.
+
+ Examples of Protocol Amount Elements are contained in section 11.2
+ Brand List Examples.
+
+7.7.4 Currency Amount Element
+
+ A Currency Amount element contains:
+
+ o a currency code (and its type), and
+
+ o an amount.
+
+ One or more of these elements is carried in each Brand List
+ Component. Its definition is as follows:
+
+ <!ELEMENT CurrencyAmount EMPTY >
+ <!ATTLIST CurrencyAmount
+ ID ID #REQUIRED
+ Amount CDATA #REQUIRED
+ CurrCodeType NMTOKEN 'ISO4217-A'
+ CurrCode CDATA #REQUIRED >
+
+ Attributes:
+
+ ID Element identifier, potentially referenced in a
+ Brand element; or in a Brand Selection Component
+
+
+
+Burdett Informational [Page 117]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ contained in a later Payment Request message which
+ uniquely identifies the Currency Amount Element
+ within the IOTP Transaction.
+
+ Amount Indicates the amount to be paid in whole and
+ fractional units of the currency. For example
+ $245.35 would be expressed "245.35". Note that
+ values smaller than the smallest denomination are
+ allowed. For example one tenth of a cent would be
+ "0.001".
+
+ CurrCodeType Indicates the domain of the CurrCode. This
+ attribute is included so that the currency code
+ may support non-standard "currencies" such as
+ frequent flyer points, trading stamps, etc. Its
+ values may be:
+ o ISO4217-A (the default) indicates the currency
+ code is a three character alphabetic currency
+ code that conforms to [ISO 4217]
+ o IOTP indicates that values of CurrCode are
+ managed under the procedure described in
+ section 12 IANA Considerations
+
+ CurrCode A code which identifies the currency to be used in
+ the payment. The domain of valid currency codes is
+ defined by CurrCodeType
+
+ As values of CurrCodeType are managed under the
+ procedure described in section 12 IANA
+ Considerations user defined values of CurrCodeType
+ may be defined.
+
+ Examples of Currency Amount Elements are contained in section 11.2
+ Brand List Examples.
+
+7.7.5 Pay Protocol Element
+
+ A Pay Protocol element specifies details of a Payment Protocol and
+ the Payment Handler that can be used with a Brand. One or more of
+ these elements is carried in each Brand List.
+
+ <!ELEMENT PayProtocol (PackagedContent*) >
+ <!ATTLIST PayProtocol
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #IMPLIED
+ ProtocolId NMTOKEN #REQUIRED
+ ProtocolName CDATA #REQUIRED
+ ActionOrgRef NMTOKEN #REQUIRED
+
+
+
+Burdett Informational [Page 118]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ PayReqNetLocn CDATA #IMPLIED
+ SecPayReqNetLocn CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID Element identifier, potentially referenced in a
+ Brand element; or in a Brand Selection Component
+ contained in a later Payment Request message which
+ uniquely identifies the Pay Protocol element
+ within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes and
+ content of this element. See section 3.8
+ Identifying Languages.
+
+ ProtocolId Consists of a protocol name and version. For
+ example "SETv1.0".
+
+ The values of ProtocolId are defined by the
+ payment scheme/method owners in the document that
+ describes how to encapsulate a payment protocol
+ within IOTP.
+
+ ProtocolName A narrative description of the payment protocol
+ and its version in the language identified by
+ xml:lang. For example "Secure Electronic
+ Transaction Version 1.0". Its purpose is to help
+ provide information on the payment protocol being
+ used if problems arise.
+
+ ActionOrgRef An Element Reference (see section 3.5) to the
+ Organisation Component for the Payment Handler for
+ the Payment Protocol.
+
+ PayReqNetLocn The Net Location indicating where an unsecured
+ Payment Request message should be sent if this
+ protocol choice is used.
+
+ The content of this attribute is dependent on the
+ Transport Mechanism (such must conform to
+ [RFC1738].
+
+ SecPayReqNetLocn The Net Location indicating where a secured
+ Payment Request message should be sent if this
+ protocol choice is used.
+
+
+
+
+
+Burdett Informational [Page 119]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ A secured payment involves the use of a secure
+ channel such as [SSL/TLS] in order to communicate
+ with the Payment Handler.
+
+ The content of this attribute must conform to
+ [RFC1738]. See also See section 3.9 Secure and
+ Insecure Net Locations.
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Optional Packaged Content elements (see section
+ 3.7) containing information about the protocol
+ which is used by the payment protocol. The content
+ of this information is defined in the supplement
+ for a payment protocol which describes how the
+ payment protocol works with IOTP. An example of
+ its use could be to include a payment protocol
+ message.
+
+ Examples of Pay Protocol Elements are contained in section 11.2 Brand
+ List Examples.
+
+7.8 Brand Selection Component
+
+ A Brand Selection Component identifies the choice of payment brand,
+ payment protocol and the Payment Handler. This element is used:
+
+ o in Payment Request messages within Baseline Purchase and Baseline
+ Value Exchange IOTP Transactions to identify the brand, protocol
+ and payment handler for a payment, or
+
+ o to, optionally, inform a merchant in a purchase of the payment
+ brand being used so that the offer and order details can be
+ amended accordingly.
+
+ In Baseline IOTP, the integrity of Brand Selection Components is not
+ guaranteed. However, modification of Brand Selection Components can
+ only cause denial of service if the payment protocol itself is secure
+ against message modification, duplication, and swapping attacks.
+
+ The definition of a Brand Selection Component is as follows.
+
+ <!ELEMENT BrandSelection (BrandSelBrandInfo?,
+ BrandSelProtocolAmountInfo?,
+ BrandSelCurrencyAmountInfo?) >
+ <!ATTLIST BrandSelection
+
+
+
+Burdett Informational [Page 120]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ID ID #REQUIRED
+ BrandListRef NMTOKEN #REQUIRED
+ BrandRef NMTOKEN #REQUIRED
+ ProtocolAmountRef NMTOKEN #REQUIRED
+ CurrencyAmountRef NMTOKEN #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Brand
+ Selection Component within the IOTP Transaction.
+
+ BrandListRef The Element Reference (see section 3.5) of the
+ Brand List Component from which a Brand is being
+ selected
+
+ BrandRef The Element Reference of a Brand element within
+ the Brand List Component that is being selected
+ that is to be used in the payment.
+
+ ProtocolAmountRef The Element Reference of a Protocol Amount element
+ within the Brand List Component which is to be
+ used when making the payment.
+
+ CurrencyAmountRef The Element Reference of a Currency Amount element
+ within the Brand List Component which is to be
+ used when making the payment.
+
+ Content:
+
+ BrandSelBrandInfo, This contains any additional data that
+ BrandSelProtocolAmountInfo, may be required by a particular payment
+ BrandSelCurrencyAmountInfo brand or protocol. See sections 7.8.1,
+ 7.8.2, and 7.8.3.
+
+ The following rules apply:
+
+ o the BrandListRef must contain the ID of a Brand List Component in
+ the same IOTP Transaction
+
+ o every Brand List Component in the Trading Protocol Options Block
+ (see section 8.1) must be referenced by one and only one Brand
+ Selection Component
+
+ o the BrandRef must refer to the ID of a Brand contained within the
+ Brand List Component referred to by BrandListRef
+
+
+
+
+
+
+Burdett Informational [Page 121]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the ProtocolAmountRef must refer to one of the Element IDs listed
+ in the ProtocolAmountRefs attribute of the Brand element
+ identified by BrandRef
+
+ o the CurrencyAmountRef must refer to one of the Element IDs listed
+ in the CurrencyAmountRefs attribute of the Protocol Amount Element
+ identified by ProtocolAmountRef.
+
+ An example of a Brand Selection Component is included in 11.2 Brand
+ List Examples.
+
+7.8.1 Brand Selection Brand Info Element
+
+ The Brand Selection Brand Info Element contains any additional data
+ that may be required by a particular payment brand. See the IOTP
+ payment method supplement for a description of how and when it used.
+
+ <!ELEMENT BrandSelBrandInfo (PackagedContent+) >
+ <!ATTLIST BrandSelBrandInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Packaged Content elements (see section 3.7) that
+ contain additional data that may be required by a
+ particular payment brand. See the payment method
+ supplement for IOTP for rules on how this is used.
+
+7.8.2 Brand Selection Protocol Amount Info Element
+
+ The Brand Selection Protocol Amount Info Element contains any
+ additional data that is payment protocol specific that may be
+ required by a particular payment brand or payment protocol. See the
+ IOTP payment method supplement for a description of how and when it
+ used.
+
+ <!ELEMENT BrandSelProtocolAmountInfo (PackagedContent+) >
+ <!ATTLIST BrandSelProtocolAmountInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+
+
+
+
+Burdett Informational [Page 122]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Attributes:
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Packaged Content elements (see section 3.7) that
+ may contain additional data that may be required
+ by a particular payment brand. See the payment
+ method supplement for IOTP for rules on how this
+ is used.
+
+7.8.3 Brand Selection Currency Amount Info Element
+
+ The Brand Selection Currency Amount Info Element contains any
+ additional data that is payment brand and currency specific that may
+ be required by a particular payment brand. See the IOTP payment
+ method supplement for a description of how and when it used.
+
+ <!ELEMENT BrandSelCurrencyAmountInfo (PackagedContent+) >
+ <!ATTLIST BrandSelCurrencyAmountInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Packaged Content elements (see section 3.7) that
+ contain additional data relating to the payment
+ brand and currency. See the payment method
+ supplement for IOTP for rules on how this is used.
+
+7.9 Payment Component
+
+ A Payment Component contains information used to control how a
+ payment is carried out. Its provides information on:
+
+ o the times within which a Payment with a Payment Handler may be
+ started
+
+ o a reference to the Brand List (see section 7.7) which identifies
+ the Brands, protocols, currencies and amounts which can be used to
+ make a payment
+
+ o whether or not a payment receipt will be provided
+
+
+
+Burdett Informational [Page 123]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o whether another payment precedes this payment.
+
+ Its definition is as follows.
+
+ <!ELEMENT Payment EMPTY >
+ <!ATTLIST Payment
+ ID ID #REQUIRED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ BrandListRef NMTOKEN #REQUIRED
+ SignedPayReceipt (True | False) #REQUIRED
+ StartAfterRefs NMTOKENS #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Component within the IOTP Transaction.
+
+ OkFrom The date and time in [UTC] format after which a
+ Payment Handler may accept for processing a
+ Payment Request Block (see section 8.7) containing
+ the Payment Component.
+
+ OkTo The date and time in [UTC] format before which a
+ Payment Handler may accept for processing a
+ Payment Request Block containing the Payment
+ Component.
+
+ BrandListRef An Element Reference (see section 3.5) of a Brand
+ List Component (see section 7.7) within the TPO
+ Trading Block for the IOTP Transaction. The Brand
+ List identifies the alternative ways in which the
+ payment can be made.
+
+ SignedPayReceipt Indicates whether or not the Payment Response
+ Block (see section 8.9) generated by the Payment
+ Handler for the payment must be digitally signed.
+
+ StartAfter Contains Element References (see section 3.5) of
+ other Payment Components which describe payments
+ which must be complete before this payment can
+ start. If no StartAfter attribute is present then
+ there are no dependencies and the payment can
+ start immediately
+
+
+
+
+
+
+
+Burdett Informational [Page 124]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.10 Payment Scheme Component
+
+ A Payment Scheme Component contains payment protocol information for
+ a specific payment scheme which is transferred between the parties
+ involved in a payment for example a [SET] message. Its definition is
+ as follows.
+
+ <!ELEMENT PaySchemeData (PackagedContent+) >
+ <!ATTLIST PaySchemeData
+ ID ID #REQUIRED
+ PaymentRef NMTOKEN #IMPLIED
+ ConsumerPaymentId CDATA #IMPLIED
+ PaymentHandlerPayId CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Scheme Component within the IOTP
+ Transaction.
+
+ PaymentRef An Element Reference (see section 3.5) to the
+ Payment Component (see section 7.9) to which
+ this Payment Scheme Component relates. It is
+ required unless the Payment Scheme Component is
+ part of an Transaction Inquiry Status
+ Transaction (see section 9.2.1).
+
+ ConsumerPaymentId An identifier specified by the Consumer which,
+ if returned by the Payment Handler in another
+ Payment Scheme Component or by other means, will
+ enable the Consumer to identify which payment is
+ being referred to.
+
+ PaymentHandlerPayId An identifier specified by the Payment Handler
+ which, if returned by the Consumer in another
+ Payment Scheme Component, or by other means,
+ will enable the Payment Handler to identify
+ which payment is being referred to. It is
+ required on every Payment Scheme Component apart
+ from the one contained in a Payment Request
+ Block.
+
+ ContentSoftwareId See section 14. Glossary.
+
+
+
+
+
+
+
+Burdett Informational [Page 125]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Content:
+
+ PackagedContent Contains payment scheme protocol information as
+ Packaged Content elements (see section 3.7). See
+ the payment scheme supplement for the definition
+ of its content.
+
+ Note that:
+ o the values of the Name attribute of each
+ packaged content element are defined by the
+ Payment Protocol Supplement
+ o the value of each Name must be unique within a
+ Payment where a Payment is defined as all
+ Payment Scheme or Payment Receipt Components
+ with the same value of the PaymentRef attribute
+
+7.11 Payment Receipt Component
+
+ A Payment Receipt is a record of a payment which demonstrates how
+ much money has been paid or received. It is distinct from a purchase
+ receipt in that it contains no record of what was being purchased.
+
+ Typically the content of a Payment Receipt Component will contain
+ data which describes:
+
+ o the amount paid and its currency
+
+ o the date and time of the payment
+
+ o internal reference numbers which identify the payment to the
+ payment system
+
+ o potentially digital signatures generated by the payment method
+ which can be used to prove after the event that the payment
+ occurred.
+
+ If the Payment Method being used provides the facility then the
+ Payment Receipt Component should contain payment protocol messages,
+ or references to messages, which prove the payment occurred.
+
+ The precise definition of the content is Payment Method dependent.
+ Refer to the supplement for the payment method being used to
+ determine the rules that apply.
+
+ Information contained in the Payment Receipt Component should be
+ displayed or otherwise made available to the Consumer.
+
+
+
+
+
+Burdett Informational [Page 126]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note: If the Payment Receipt Component contains Payment Protocol
+ Messages, then the Messages will need to be processed by Payment
+ Method software to convert it into a format which can be understood
+ by the Consumer
+
+ The definition of a Payment Receipt Component is as follows.
+
+ <!ELEMENT PayReceipt (PackagedContent*) >
+ <!ATTLIST PayReceipt
+ ID ID #REQUIRED
+ PaymentRef NMTOKEN #REQUIRED
+ PayReceiptNameRefs NMTOKENS #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Receipt Component within the IOTP
+ Transaction.
+
+ PaymentRef Contains an Element Reference (see section 3.5)
+ to the Payment Component (see section 7.9) to
+ which this payment receipt applies
+
+ PayReceiptNameRefs Optionally contains a list of the values of the
+ Name attributes of Packaged Content elements that
+ together make up the receipt. The Packaged
+ Content elements are contained either within:
+ o Payment Scheme Data components exchanged
+ between the Payment Handler and the Consumer
+ roles during the Payment, and/or
+ o the Payment Receipt component itself.
+ Note that:
+ o each payment scheme defines in its supplement
+ the Names of the Packaged Content elements
+ that must be listed in this attribute (if
+ any).
+ o if a Payment Scheme Component contains
+ Packaged Content elements with a name that
+ matches a name within PayReceiptNameRefs, then
+ those Payment Scheme Components must be
+ referenced by Digests in the Payment Response
+ signature component (if such a signature is
+ being used)
+
+ The client software should save all the
+ components referenced so that the payment receipt
+ can be reconstructed when required.
+
+
+
+Burdett Informational [Page 127]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Optionally contains payment scheme payment receipt
+ information as Packaged Content elements (see
+ section 3.7). See the payment scheme supplement
+ for the definition of its content.
+
+ Note that:
+ o the values of the Name attribute of each
+ packaged content element are defined by the
+ Payment Protocol Supplement
+ o the value of each Name must be unique within a
+ Payment where a Payment is defined as all
+ Payment Scheme or Payment Receipt Components,
+ with the same value of the PaymentRef attribute
+
+ Note that either the PayReceiptNameRefs attribute, the
+ PackagedContent element, or both must be present.
+
+7.12 Payment Note Component
+
+ The Payment Note Component contains additional, non payment related,
+ information which the Payment Handler wants to provide to the
+ Consumer. For example, if a withdrawal or deposit were being made
+ then it could contain information on the remaining balance on the
+ account after the transfer was complete. The information should
+ duplicate information contained within the Payment Receipt Component.
+
+ Information contained in the Payment Note Component should be
+ displayed or otherwise made available to the Consumer. For
+ interoperability, the Payment Note Component should support, as a
+ minimum, the content types of "Plain Text", HTML and XML. Its
+ definition is as follows.
+
+ <!ELEMENT PaymentNote (PackagedContent+) >
+ <!ATTLIST PaymentNote
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Receipt Component within the IOTP
+ Transaction.
+
+ ContentSoftwareId See section 14. Glossary.
+
+
+
+Burdett Informational [Page 128]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Content:
+
+ PackagedContent Contains additional, non payment related,
+ information which the Payment Handler wants to
+ provide to the Consumer as one or more Packaged
+ Content elements (see section 3.7).
+
+7.13 Delivery Component
+
+ The Delivery Element contains information required to deliver goods
+ or services. Its definition is as follows.
+
+ <!ELEMENT Delivery (DeliveryData?, PackagedContent*) >
+ <!ATTLIST Delivery
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ DelivExch (True | False) #REQUIRED
+ DelivAndPayResp (True | False) #REQUIRED
+ ActionOrgRef NMTOKEN #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Delivery Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ DelivExch Indicates if this IOTP Transaction includes the
+ messages associated with a Delivery Exchange.
+ Valid values are:
+ o True indicates it does include a Delivery
+ Exchange
+ o False indicates it does not include a
+ Delivery Exchange
+
+ If set to true then a DeliveryData element must
+ be present. If set to false it may be absent.
+
+ DelivAndPayResp Indicates if the Delivery Response Block (see
+ section 8.11) and the Payment Response Block (see
+ section 8.9 ) are combined into one IOTP Message.
+ Valid values are:
+ o True indicates both blocks will be in the
+ same IOTP Message, and
+
+
+
+
+Burdett Informational [Page 129]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o False indicates each block will be in a
+ different IOTP Message
+
+ DelivAndPayResp should not be true if DelivExch
+ is False.
+
+ In practice combining the Delivery Response Block
+ and Payment Response Block is only likely to be
+ practical if the Merchant, the Payment Handler
+ and the Delivery Handler are the same
+ Organisation since:
+ o the Payment Handler must have access to Order
+ Component information so that they know what
+ to deliver, and
+ o the Payment Handler must be able to carry out
+ the delivery
+
+ ActionOrgRef An Element Reference to the Organisation
+ Component of the Delivery Handler for this
+ delivery.
+
+ Content:
+
+ DeliveryData Contains details about how the delivery will be
+ carried out. See 7.13.1 Delivery Data Element
+ below.
+
+ PackagedContent Contains "user" data defined for the Merchant
+ which is required by the Delivery Handler as one
+ or more Packaged Content Elements see section 3.7.
+
+7.13.1 Delivery Data Element
+
+ The DeliveryData element contains information about where and how
+ goods are to be delivered. Its definition is as follows.
+
+ <!ELEMENT DeliveryData (PackagedContent*) >
+ <!ATTLIST DeliveryData
+ xml:lang NMTOKEN #IMPLIED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ DelivMethod NMTOKEN #REQUIRED
+ DelivToRef NMTOKEN #REQUIRED
+ DelivReqNetLocn CDATA #REQUIRED
+ SecDelivReqNetLocn CDATA #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+
+
+
+Burdett Informational [Page 130]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Attributes:
+
+ xml:lang Defines the language used by attributes within
+ this component. See section 3.8 Identifying
+ Languages.
+
+ OkFrom The date and time in [UTC] format after which the
+ Delivery Handler may accept for processing a
+ Delivery Request Block (see section 8.10).
+
+ OkTo The date and time in [UTC] format before which
+ the Delivery Handler may accept for processing a
+ Delivery Request Block.
+
+ DelivMethod Indicates the method by which goods or services
+ may be delivered. Valid values are:
+ o Post the goods will be delivered by post or
+ courier
+ o Web the goods will be delivered
+ electronically in the Delivery Note Component
+ o Email the goods will be delivered
+ electronically by e-mail
+
+ Values of DelivMethod are managed under the
+ procedure described in section 12 IANA
+ Considerations which allows user defined codes to
+ be defined.
+
+ DelivToRef The Element Reference (see section 3.4) of an
+ Organisation Component within the IOTP
+ Transaction which has a role of DelivTo. The
+ information in this block is used to determine
+ where delivery is to be made. It must be
+ compatible with DelivMethod. Specifically if the
+ DelivMethod is:
+ o Post, then the there must be a Postal Address
+ Element containing sufficient information for
+ a postal delivery,
+ o Web, then there are no specific requirements.
+ The information will be sent in a web page
+ back to the Consumer
+ o Email, then there must be Contact Information
+ Element with a valid e-mail address
+
+ DelivReqNetLocn This contains the Net Location to which an
+ unsecured Delivery Request Block (see section
+ 8.10) which contains the Delivery Component
+ should be sent.
+
+
+
+Burdett Informational [Page 131]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The content of this attribute is dependent on the
+ Transport Mechanism and must conform to
+ [RFC1738].
+
+ SecDelivReqNetLocn This contains the Net Location to which a secured
+ Delivery Request Block (see section 8.10) which
+ contains the Delivery Component should be sent.
+
+ A secured delivery request involves the use of a
+ secure channel such as [SSL/TLS] in order to
+ communicate with the Payment Handler.
+
+ The content of this attribute is dependent on the
+ Transport Mechanism must conform to [RFC1738].
+
+ See also Section 3.9 Secure and Insecure Net
+ Locations.
+
+ ContentSoftwareId See section 14. Glossary.
+
+ Content:
+
+ PackagedContent Additional information about the delivery as one
+ or more Packaged Content elements (see section
+ 3.7) provided to the Delivery Handler by the
+ merchant.
+
+7.14 Consumer Delivery Data Component
+
+ A Consumer Delivery Data Component is used by a Consumer to specify
+ an identifier that can be used by the Consumer to identify the
+ Delivery.
+
+ Its definition is as follows:
+
+ <!ELEMENT ConsumerDeliveryData EMPTY >
+ <!ATTLIST ConsumerDeliveryData
+ ID ID #REQUIRED
+ ConsumerDeliveryId CDATA #REQUIRED>
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Consumer Delivery Data Component within the IOTP
+ Transaction.
+
+
+
+
+
+
+Burdett Informational [Page 132]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ConsumerDeliveryId An identifier specified by the Consumer which, if
+ returned by the Delivery Handler will enable the
+ Consumer to identify which Delivery is being
+ referred to.
+
+7.15 Delivery Note Component
+
+ A Delivery Note contains delivery instructions about the delivery of
+ goods or services or potentially the actual Delivery Information
+ itself. It is information which the person or Organisation receiving
+ the Delivery Note can use when delivery occurs.
+
+ For interoperability, the Delivery Note Component Packaged Content
+ should support both Plain Text, HTML and XML.
+
+ It's definition is as follows.
+
+ <!ELEMENT DeliveryNote (PackagedContent+) >
+ <!ATTLIST DeliveryNote
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ DelivHandlerDelivId CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Delivery Note Component within the IOTP
+ Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless
+ overridden by an xml:lang attribute on a child
+ element. See section 3.8 Identifying Languages.
+
+ DelivHandlerDelivId An optional identifier specified by the Delivery
+ Handler which, if returned by the Consumer in
+ another Delivery Component, or by other means,
+ will enable the Delivery Handler to identify
+ which Delivery is being referred to. It is
+ required on every Delivery Component apart from
+ the one contained in a Delivery Request Block.
+
+ An example use of this attribute is to contain a
+ delivery tracking number.
+
+ ContentSoftwareId See section 14. Glossary.
+
+
+
+
+Burdett Informational [Page 133]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Content:
+
+ PackagedContent Contains actual delivery note information as one
+ or more Packaged Content elements (see section
+ 3.7).
+
+ Note: If the content of the Delivery Message is a Mime message then
+ the Delivery Note may trigger an application which causes the actual
+ delivery to occur.
+
+7.16 Status Component
+
+ A Status Component contains status information about the business
+ success or failure (see section 4.2) of a process.
+
+ Its definition is as follows.
+
+ <!ELEMENT Status EMPTY >
+ <!ATTLIST Status
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ StatusType NMTOKEN #REQUIRED
+ ElRef NMTOKEN #IMPLIED
+ ProcessState (NotYetStarted | InProgress |
+ CompletedOk | Failed | ProcessError) #REQUIRED
+ CompletionCode NMTOKEN #IMPLIED
+ ProcessReference CDATA #IMPLIED
+ StatusDesc CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Status
+ Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes within
+ this component. See section 3.8 Identifying
+ Languages.
+
+ StatusType Indicates the type of Document Exchange which the
+ Status is reporting on. It may be set to either
+ Offer, Payment, Delivery, Authentication or
+ Undefined.
+
+ Undefined means that the type of document exchange
+ could not be identified. This is caused by an
+ error in the initial input message of the
+ exchange.
+
+
+
+
+Burdett Informational [Page 134]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Values of StatusType are managed under the
+ procedure described in section 12 IANA
+ Considerations which also allows user defined
+ values of StatusType to be defined.
+
+ ElRef If the StatusType is not set to Undefined then
+ ElRef contains an Element Reference (see section
+ 3.5) to the Component for which the Status is
+ being described. It must refer to either:
+ o an Order Component (see section 7.5), if the
+ StatusType is Offer,
+ o a Payment Component (see section 7.9), if the
+ StatusType is Payment, or
+ o a Delivery Component (see section 7.13), if
+ the StatusType is Delivery
+ o an Authentication Request Component (see
+ section 7.2) if the StatusType is
+ Authentication.
+
+ ProcessState Contains a State Code which indicates the current
+ state of the process being carried out. Valid
+ values for ProcessState are:
+ o NotYetStarted. A Request Block has been
+ received but the process has not yet started
+ o InProgress. Processing of the Request Block
+ has started but it is not yet complete
+ o CompletedOk. The processing of the Request
+ Block has completed successfully without any
+ errors
+ o Failed. The processing of the Request Block
+ has failed because of a Business Error (see
+ section 4.2)
+ o ProcessError. This value is only used when the
+ Status Component is being used in connection
+ with an Inquiry Request Trading Block (see
+ section 8.12). It indicates there was a
+ Technical Error (see section 4.1) in the
+ Request Block which is being processed or some
+ internal processing error.
+
+ Note that this code reports on the processing of a
+ Request Block. Further, asynchronous processing
+ may occur after the Response Block associated with
+ the Process has been sent.
+
+
+
+
+
+
+
+Burdett Informational [Page 135]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ CompletionCode Indicates how the process completed. Valid values
+ for the CompletionCode are given below together
+ with the conditions when it must be present and
+ indications on when recovery from failures are
+ possible.
+
+ A CompletionCode is a maximum of 14 characters
+ long.
+
+ ProcessReference This optional attribute holds a reference for the
+ process whose status is being reported. It may
+ hold the following values:
+ o when StatusType is set to Offer, it should
+ contain the OrderIdentifier from the Order
+ Component
+ o when StatusType is set to Payment, it should
+ contain the PaymentHandlerPayId from the
+ Payment Scheme Data Component
+ o when StatusType is set to Delivery, it should
+ contain the DelivHandlerDelivId from the
+ Delivery Note Component
+ o when StatusType is set to Authentication, it
+ should contain the AuthenticationId from the
+ Authentication Request Component
+
+ This attribute should be absent in the Inquiry
+ Request message when the Consumer has not been
+ given such a reference number by the IOTP Service
+ Provider.
+
+ This attribute can be used inside an Inquiry
+ Response Block (see section 8.13) to give the
+ reference number for a transaction which has
+ previously been unavailable.
+
+ For example, the package tracking number might not
+ be assigned at the time a delivery response was
+ received. However, if the Consumer issues a
+ Baseline Transaction Status Inquiry later, the
+ Delivery Handler can put the package tracking
+ number into this attribute in the Inquiry Response
+ message and send it back to the Consumer.
+
+ StatusDesc An optional textual description of the current
+ status of the process in the language identified
+ by xml:lang.
+
+
+
+
+
+Burdett Informational [Page 136]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.16.1 Offer Completion Codes
+
+ The Completion Code is only required if the ProcessState attribute is
+ set to Failed. The following table contains the valid values for the
+ CompletionCode that may be used and indicates whether or not recovery
+ might be possible. It is recommended that the StatusDesc attribute is
+ used to provide further explanation where appropriate.
+
+ Value Description
+
+ AuthError Authentication Error. The check of the
+ Authentication Response which was carried out has
+ failed.
+
+ Recovery may be possible by the Consumer re-
+ submitting a new Authentication Response Block with
+ corrected information.
+
+ ConsCancelled Consumer Cancelled. The Consumer decides to cancel
+ the transaction for some reason. This code is only
+ valid in a Status Component contained in a Cancel
+ Block or an Inquiry Response Block.
+
+ No recovery possible.
+
+ MerchCancelled Offer Cancelled. The Merchant declines to generate
+ an offer for some reason and cancels the
+ transaction. This code is only valid in a Status
+ Component contained in a Cancel Block or an Inquiry
+ Response Block.
+
+ No recovery possible.
+
+ Unspecified Unspecified error. There is some unknown problem or
+ error which does not fall into one of the other
+ CompletionCodes.
+
+ No recovery possible.
+
+ TimedOutRcvr Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ Recovery is possible if the last message from the
+ other Trading Role is received again.
+
+
+
+
+
+Burdett Informational [Page 137]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TimedOutNoRcvr Non Recoverable Time Out. Messages were resent but
+ no response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ No recovery possible.
+
+7.16.2 Payment Completion Codes
+
+ The CompletionCode is only required if the ProcessState attribute is
+ set to Failed. The following table contains the valid values for the
+ CompletionCode that may be used and indicates where recovery may be
+ possible. It is recommended that the StatusDesc attribute is used by
+ individual payment schemes to provide further explanation where
+ appropriate.
+
+ Value Description
+
+ BrandNotSupp Brand not supported. The payment brand is not
+ supported by the Payment Handler.
+
+ See below for recovery options.
+
+ CurrNotSupp Currency not supported. The currency in which the
+ payment is to be made is not supported by either
+ the Payment Instrument or the Payment Handler.
+
+ If the payment is Brand Independent, then the
+ Consumer may recover by selecting a different
+ currency, if available, or a different brand. Note
+ that this may involve a different Payment Handler.
+
+ ConsCancelled Consumer Cancelled. The Consumer decides to cancel
+ the payment for some reason. This code is only
+ valid in a Status Component contained in a Cancel
+ Block or an Inquiry Response Block.
+
+ Recovery is not possible.
+
+ PaymtCancelled Payment Cancelled. The Payment Handler declines to
+ complete the payment for some reason and cancels
+ the transaction. This code is only valid in a
+ Status Component contained in a Cancel Block or an
+ Inquiry Response Block.
+
+ See below for recovery options.
+
+
+
+
+
+Burdett Informational [Page 138]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ AuthError Authentication Error. The Payment Scheme specific
+ authentication check which was carried out has
+ failed.
+
+ Recovery may be possible. See the payment scheme
+ supplement to determine what is allowed.
+
+ InsuffFunds Insufficient funds. There are insufficient funds
+ available for the payment to be made.
+
+ See below for recovery options.
+
+ InstBrandInvalid Payment Instrument not valid for Brand. A Payment
+ Instrument is being used which does not correspond
+ with the Brand selected. For example a Visa credit
+ card is being used when MasterCard was selected as
+ the Brand.
+
+ See below for recovery options.
+
+ InstNotValid Payment instrument not valid for trade. The
+ Payment Instrument cannot be used for the proposed
+ type of trade, for some reason.
+
+ See below for recovery options.
+
+ BadInstrument Bad instrument. There is a problem with the
+ Payment Instrument being used which means that it
+ is unable to be used for the payment.
+
+ See below for recovery options.
+
+ Unspecified Unspecified error. There is some unknown problem
+ or error which does not fall into one of the other
+ CompletionCodes. The StatusDesc attribute should
+ provide the explanation of the cause.
+
+ See below for recovery options.
+
+ TimedOutRcvr Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on
+ a Transaction Inquiry.
+
+ Recovery is possible if the last message from the
+ other Trading Role is received again.
+
+
+
+
+
+Burdett Informational [Page 139]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TimedOutNoRcvr Non Recoverable Time Out. Messages were resent but
+ no response received. The document exchange has
+ therefore "Timed Out". This code is only valid on
+ a Transaction Inquiry.
+
+ No recovery possible.
+
+ If the Payment is Brand Independent, then recovery may be possible
+ for some values of the Completion Code, by the Consumer selecting
+ either a different payment brand or a different payment instrument
+ for the same brand. Note that this might involve a different Payment
+ Handler. The codes to which this applies are: BrandNotSupp,
+ PaymtCancelled, InsuffFunds, InstBrandInvalid, InstNotValid,
+ BadInstrument and Unspecified.
+
+ Recovery from Payments associated with Brand Dependent purchases is
+ only possible, if the Brand Selection component sent by the Merchant
+ to the Consumer does not change. In practice this means that the same
+ Brand, Protocol Amount and PayProtocol elements must be used. All
+ that can change is the Payment Instrument. Any other change will
+ invalidate the Merchant's Offer as a changed selection will
+ invalidate the Offer Response.
+
+7.16.3 Delivery Completion Codes
+
+ The following table contains the valid values for the CompletionCode
+ attribute for a Delivery. It is recommended that the StatusDesc
+ attribute is used to provide further explanation where appropriate.
+
+ Value Description
+
+ BackOrdered Back Ordered. The goods to be delivered are on order
+ but they have not yet been received. Shipping will be
+ arranged when they are received. This is only valid
+ if ProcessState is CompletedOk.
+
+ Recovery is not possible.
+
+ PermNotAvail Permanently Not Available. The goods are permanently
+ unavailable and cannot be re-ordered. This is only
+ valid if ProcessState is Failed.
+
+ Recovery is not possible.
+
+ TempNotAvail Temporarily Not Available. The goods are temporarily
+ unavailable and may become available if they can be
+ ordered. This is only valid if ProcessState is
+ CompletedOk.
+
+
+
+Burdett Informational [Page 140]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Recovery is not possible.
+
+ ShipPending Shipping Pending. The goods are available and are
+ scheduled for shipping but they have not yet been
+ shipped. This is only valid if ProcessState is
+ CompletedOk.
+
+ Recovery is not possible.
+
+ Shipped Goods Shipped. The goods have been shipped.
+ Confirmation of delivery is awaited. This is only
+ valid if ProcessState is CompletedOk.
+
+ Recovery is not possible.
+
+ ShippedNoConf Shipped - No Delivery Confirmation. The goods have
+ been shipped but it is not possible to confirm
+ delivery of the goods. This is only valid if
+ ProcessState is CompletedOk.
+
+ Recovery is not possible.
+
+ ConsCancelled Consumer Cancelled. The Consumer decides to cancel
+ the delivery for some reason. This code is only valid
+ in a Status Component contained in a Cancel Block or
+ an Inquiry Response Block.
+
+ Recovery is not possible.
+
+ DelivCancelled Delivery Cancelled. The Delivery Handler declines to
+ complete the Delivery for some reason and cancels the
+ transaction. This code is only valid in a Status
+ Component contained in a Cancel Block or an Inquiry
+ Response Block.
+
+ Recovery is not possible.
+
+ Confirmed Confirmed. All goods have been delivered and
+ confirmation of their delivery has been received.
+ This is only valid if ProcessState is CompletedOk.
+
+ Recovery is not possible.
+
+ Unspecified Unspecified error. There is some unknown problem or
+ error which does not fall into one of the other
+ CompletionCodes. The StatusDesc attribute should
+ provide the explanation of the cause.
+
+
+
+
+Burdett Informational [Page 141]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Recovery is not possible.
+
+ TimedOutRcvr Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ Recovery is possible if the last message from the
+ other Trading Role is received again.
+
+ TimedOutNoRcvr Non Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ No recovery possible.
+
+ Note: Recovery from failed, or partially completed deliveries is not
+ possible. The Consumer should use the Transaction Status Inquiry
+ Transaction (see section 9.2.1) to determine up-to- date information
+ on the current state.
+
+7.16.4 Authentication Completion Codes
+
+ The Completion Code is only required if the ProcessState attribute is
+ set to Failed. The following table contains the valid values for the
+ CompletionCode that may be used. It is recommended that the
+ StatusDesc attribute is used to provide further explanation where
+ appropriate.
+
+ Value Description
+
+ AutEeCancel Authenticatee Cancel. The Organisation being
+ authenticated declines to be authenticated for some
+ reason. This could be, for example because the
+ signature on an Authentication Request was invalid or
+ the Authenticator was not known or acceptable to the
+ Authenticatee.
+
+ Recovery is not possible.
+
+ AutOrCancel Authenticator Cancel. The Organisation requesting
+ authentication declines to validate the
+ Authentication Response received for some reason and
+ cancels the transaction.
+
+ Recovery is not possible.
+
+
+
+
+Burdett Informational [Page 142]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ NoAuthReq Authentication Request Not Available. The
+ Authenticatee does not have the data that must be
+ provided so that they may be successfully
+ authenticated. For example a password may have been
+ forgotten, the Authenticatee has not yet become a
+ member, or a smart card token is not present.
+
+ Recovery is not possible
+
+ AuthFailed Authentication Failed. The Authenticator checked the
+ Authentication Response but the authentication failed
+ for some reason. For example a password may have been
+ incorrect.
+
+ Recovery may be possible by the Authenticatee re-
+ sending a revised Authentication Response with
+ corrected data.
+
+ TradRolesIncon Trading Roles Inconsistent. The Trading Roles
+ contained within the TradingRoleList attribute of the
+ Trading Role Information Request Component (see
+ section 7.4) are inconsistent with the Trading Role
+ which the Authenticatee is taking in the IOTP
+ Transaction or is able to take. Examples of
+ inconsistencies include:
+ o asking a PaymentHandler for DeliveryHandler
+ information
+ o asking a Consumer for Merchant information
+
+ Recovery may be possible by the Authenticator re-
+ sending a revised Authentication Request Block with
+ corrected information.
+
+ Unspecified Unspecified error. There is some unknown problem or
+ error which does not fall into one of the other
+ CompletionCodes.
+
+ Recovery is not possible.
+
+ TimedOutRcvr Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ Recovery is possible if the last message from the
+ other Trading Role is received again.
+
+
+
+
+
+Burdett Informational [Page 143]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TimedOutNoRcvr Non Recoverable Time Out. Messages were resent but no
+ response received. The document exchange has
+ therefore "Timed Out". This code is only valid on a
+ Transaction Inquiry.
+
+ No recovery possible.
+
+7.16.5 Undefined Completion Codes
+
+ The Completion Code is only required if the ProcessState attribute is
+ set to Failed. The following table contains the valid values for the
+ CompletionCode that may be used. It is recommended that the
+ StatusDesc attribute is used to provide further explanation where
+ appropriate.
+
+ Value Description
+
+ InMsgHardError Input Message Hard Error. The type of Request Block
+ could not be identified or was inconsistent.
+ Therefore no single Document Exchange could be
+ identified. This will cause a Hard Error in the
+ transaction
+
+7.16.6 Transaction Inquiry Completion Codes
+
+ The Completion Code is only required if the ProcessState attribute is
+ set to Failed. The following table contains the valid values for the
+ CompletionCode that may be used. It is recommended that the
+ StatusDesc attribute is used to provide further explanation where
+ appropriate.
+
+ Value Description
+
+ UnAuthReq Unauthorised Request. The recipient of the
+ Transaction Status Request declines to respond to the
+ request.
+
+7.17 Trading Role Data Component
+
+ The Trading Role Data Component contains opaque data which needs to
+ be communicated between the Trading Roles involved in an IOTP
+ Transaction.
+
+ Trading Role Components identify:
+
+ o the Organisation that generated the component, and
+
+ o the Organisation that is to receive it.
+
+
+
+Burdett Informational [Page 144]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ They are first generated and included in a "Response" Block, and then
+ copied to the appropriate "Request" Block. For example a Payment
+ Handler might need to inform a Delivery Handler that a credit card
+ payment had been authorised but not captured. There may also be other
+ information that the Payment Handler has generated where the format
+ is privately agreed with the Delivery Handler which needs to be
+ communicated. In another example a Merchant might need to provide a
+ Payment Handler with some specific information about a Consumer so
+ that consumer can acquire double loyalty points with the payment.
+
+ Its definition is as follows.
+
+ <!ELEMENT TradingRoleData (PackagedContent+) >
+ <!ATTLIST TradingRoleData
+ ID ID #REQUIRED
+ OriginatorElRef NMTOKEN #REQUIRED
+ DestinationElRefs NMTOKENS #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Trading Role Data Component within the IOTP
+ Transaction.
+
+ OrginatorElRef Contains an element reference to the Organisation
+ Component of the Organisation that created the
+ Trading Role Data Component and included it in a
+ "Response" Block (e.g., an Offer Response or a
+ Payment Response Block).
+
+ DestinationElRefs Contains element references to the Organisation
+ Components of the Organisations that are to
+ receive the Trading Role Data Component in a
+ "Request" Block (e.g., either a Payment Request or
+ a Delivery Request Block).
+
+ Content:
+
+ PackagedContent This contains the data which is to be sent between
+ the various Trading Roles as one or more
+ PackagedContent elements see section 3.7.
+
+7.17.1 Who Receives a Trading Role Data Component
+
+ The rules for deciding what to do with Trading Role Data Components
+ are described below.
+
+
+
+
+
+Burdett Informational [Page 145]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o whenever a Trading Role Data Component is received in a "Response"
+ block identify the Organisation Components of the Organisations
+ that are to receive it as identified by the DestinationElRefs
+ attribute.
+
+ o whenever a "Request" Block is being sent, check to see if it is
+ being sent to one of the Organisations identified by the
+ DestinationElRefs attribute. If it is then include in the
+ "Request" block:
+
+ - the Trading Role Data Component as well as,
+
+ - the Organisation Component of the Organisation identified by
+ the OriginatorElRef attribute (if not already present)
+
+7.18 Inquiry Type Component
+
+ The Inquiry Type Component contains the information which indicates
+ the type of process that is being inquired upon. Its definition is as
+ follows.
+
+ <!ELEMENT InquiryType EMPTY >
+ <!ATTLIST InquiryType
+ ID ID #REQUIRED
+ Type NMTOKEN #REQUIRED
+ ElRef NMTOKEN #IMPLIED
+ ProcessReference CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Inquiry Type Component within the IOTP
+ Transaction.
+
+ Type Contains the type of inquiry. Valid values for
+ Type are:
+ o Offer. The inquiry is about the status of an
+ offer and is addressed to the Merchant.
+ o Payment. The inquiry is about the status of a
+ payment and is addressed to the Payment
+ Handler.
+ o Delivery. The inquiry is about the status of a
+ delivery and addressed to the Delivery Handler.
+
+ ElRef Contains an Element Reference (see section 3.5) to
+ the component to which this Inquiry Type Component
+ applies. That is,
+ o TPO Block when Type is Offer
+
+
+
+Burdett Informational [Page 146]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Payment Component when Type is Payment
+ o Delivery Component when Type is Delivery
+
+ ProcessReference Optionally contains a reference to the process
+ being inquired upon. It should be set if the
+ information is available. For the definition of
+ the values it may contain, see the
+ ProcessReference attribute of the Status Component
+ (see section 7.16).
+
+7.19 Signature Component
+
+ Note: Definitions of the XML structures for signatures and
+ certificates are described in the document titled "Digital Signatures
+ for the Internet Open Trading Protocol" by Kent Davidson and Yoshiaki
+ Kawatsura published at the same time as this document - see
+ [IOTPDSIG].
+
+ In the future it is anticipated that future versions of IOTP will
+ adopt a whatever method for digitally signing XML becomes the
+ standard.
+
+ Each Signature Component digitally signs one or more Blocks or
+ Components including other Signature Components.
+
+ The Signature Component:
+
+ o contains digests of one or more Blocks or Components in one or
+ more IOTP Messages within the same IOTP Transaction and places the
+ result in a Digest Element
+
+ o concatenates these Digest elements with other information on the
+ type of signature, the originator and potential recipients of the
+ signature and details of the signature algorithms being used and
+ places them in a Manifest element, and
+
+ o signs the Manifest element using the optional certificate
+ identified in the Certificate element within the Signature Block
+ placing the result in a Value element within a Signature Component
+
+ Note that there may be multiple Value elements that contain
+ signatures of a Manifest Element.
+
+ A Signature Component can be one of four types either:
+
+ o an Offer Response Signature,
+
+ o a Payment Response Signature,
+
+
+
+Burdett Informational [Page 147]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o a Delivery Response Signature, or
+
+ o an Authentication Response Signature.
+
+ For a general explanation of signatures see section 6 Digital
+ Signatures.
+
+7.19.1 IOTP usage of signature elements and attributes
+
+ Definitions of the elements and attributes are contained in
+ [IOTPDSIG]. The following contains additional information that
+ describes how these elements and attributes are used by IOTP.
+
+ SIGNATURE ELEMENT
+
+ The ID attribute is mandatory.
+
+ MANIFEST ELEMENT
+
+ The optional LocatorHrefBase attribute contains text which should be
+ concatenated before the text contained in the LocatorHREF attribute
+ of all Digest elements within the Manifest.
+
+ Its purpose is to reduce the size of LocatorHREF attribute values
+ since the first part of the LocatorHREF attributes in the same
+ signature are likely to be the same.
+
+ Typically, within IOTP, it will contain all the characters in a
+ LocatorHref attribute up to the sharp ("#") character (see
+ immediately below).
+
+ ALGORITHM AND PARAMETER ELEMENTS
+
+ The algorithm element identifies the algorithms used in generating
+ the signature. The type of the algorithm is defined by the value of
+ the Type attribute which indicates if it is to be used as a Digest
+ algorithm, a Signature algorithm or a Key Agreement algorithm.
+
+ The following Digest algorithms must be implemented:
+
+ o a [DOM-HASH] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:ibm:dom-hash"
+
+ o a [SHA1] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:fips:sha1", and
+
+ o a [MD5] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:rsa:md5"
+
+
+
+Burdett Informational [Page 148]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o The following Signature algorithms must be implemented:
+
+ o a [DSA] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:us.gov:dsa"
+
+ o a [HMAC] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:ibm:hmac"
+
+ It is recommended that the following Signature algorithm is also
+ implemented:
+
+ o a [RSA] algorithm. This is identified by setting the Name
+ attribute of the Algorithm element to "urn:rsa:rsa"
+
+ In addition other payment scheme specific algorithms may be used. In
+ this case the value of the name attribute to use is specified in the
+ payment scheme supplement for that algorithm.
+
+ One algorithm may make use of other algorithms by use of the
+ Parameter element, for example:
+
+ <Algorithm ID=A1 type="digest" name="urn:ibm:dom-hash">
+ <Parameter type='AlgorithmRef'>A2</Parameter>
+ </Algorithm>
+ <Algorithm ID=A2 type="digest" name="urn:fips:sha1">
+ </Algorithm>
+ <Algorithm ID=A3 type="signature" name="urn:ibm:hmac">
+ <Parameter type='AlgorithmRef'>A1</Parameter>
+ </Algorithm>
+
+ DIGEST ELEMENT
+
+ The LocatorHREF attribute identifies the IOTP element which is being
+ digitally signed. Specifically it consists of:
+
+ o the value of the IotpTransId attribute of the Transaction ID
+ Component, followed by:
+
+ o a sharp character, i.e. "#", followed by
+
+ o an Element Reference (see section 3.5) to the element within the
+ IOTP Transaction which is the subject of the digest.
+
+ Before analysing the structure of the LocatorHREF attribute, it must
+ be concatenated with the value of the LocatorHrefBase attribute of
+ the Manifest element (see immediately above).
+
+
+
+
+
+Burdett Informational [Page 149]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ATTRIBUTE ELEMENT
+
+ There must be one and only one Attribute Element that contains a Type
+ attribute with a value of IOTP Signature Type and with content set to
+ either: OfferResponse, PaymentResponse, DeliveryResponse,
+
+ AuthenticationRequest, AuthenticationResponse, PingRequest or
+ PingResponse; depending on the type of the signature.
+
+ Values of the content of the Attribute element are controlled under
+ the procedures defined in section 12 IANA Considerations which also
+ allows user defined values to be defined.
+
+ The Critical attribute must be set to true.
+
+ ORIGINATORINFO ELEMENT
+
+ The OriginatorRef attribute of the OriginatorInfo element must always
+ be present and contain an Element Reference (see section 3.5) to the
+ Organisation Component of the Organisation that generated the
+ Signature Component.
+
+ RECIPIENTINFO ELEMENT
+
+ The RecipientRefs attribute contains a list of Element References
+ (see section 3.5), that point to the Organisations that might need to
+ validate the signature. For details see below.
+
+7.19.2 Offer Response Signature Component
+
+ The Manifest Element of a signature which has a type of OfferResponse
+ should contain Digest elements for the following Components:
+
+ o the Transaction Id Component (see section 3.3.1) of the IOTP
+ message that contains the Offer Response Signature
+
+ o the Transaction Reference Block (see section 3.3) of the IOTP
+ Message that contains the Offer Response Signature
+
+ o from the TPO Block:
+
+ - the Protocol Options Component
+
+ - each of the Organisation Components
+
+ - each of the Brand List Components
+
+
+
+
+
+Burdett Informational [Page 150]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o optionally, all the Brand Selection Components if they were sent
+ to the Merchant in a TPO Selection Block
+
+ o from the Offer Response Block:
+
+ - the Order Component
+
+ - each of the Payment Components
+
+ - the Delivery Component
+
+ - each of the Authentication Request Components
+
+ - any Trading Role Data Components
+
+ The Offer Response Signature should also contain Digest elements for
+ the components that describe each of the Organisations that may or
+ will need to verify the signature. This involves:
+
+ o if the Merchant has received a TPO Selection Block containing
+ Brand Selection Components, then generate a Digest element for the
+ Payment Handler identified by the Brand Selection Component and
+ the Delivery Handler identified by the Delivery Component. See
+ section 6.3.1 Check Request Block sent Correct Organisation for a
+ description of how this can be done.
+
+ o if the Merchant is not expecting to receive a TPO Selection Block
+ then generate a Digest element for the Delivery Handler and all
+ the Payment Handlers that are involved.
+
+7.19.3 Payment Receipt Signature Component
+
+ The Manifest Element of the Payment Receipt Signature Component
+ should contain Digest Elements for the following Components:
+
+ o the Transaction Id Component (see section 3.3.1) of the IOTP
+ message that contains the Payment Receipt Signature
+
+ o the Transaction Reference Block (see section 3.3) of the IOTP
+ Message that contains the Payment Receipt Signature
+
+ o the Offer Response Signature Component
+
+ o the Payment Receipt Component
+
+ o the Payment Note Component
+
+ o the Status Component
+
+
+
+Burdett Informational [Page 151]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Brand Selection Component.
+
+ o any Trading Role Data Components
+
+7.19.4 Delivery Response Signature Component
+
+ The Manifest Element of the Delivery Response Signature Component
+ should contain Digest Elements for the following Components:
+
+ o the Transaction Id Component (see section 3.3.1) of the IOTP
+ message that contains the Delivery Response Signature
+
+ o the Transaction Reference Block (see section 3.3) of the IOTP
+ Message that contains the Delivery Response Signature
+
+ o the Consumer Delivery Data component contained in the preceding
+ Delivery Request (if any)
+
+ o the Signature Components contained in the preceding Delivery
+ Request (if any)
+
+ o the Status Component
+
+ o the Delivery Note Component
+
+7.19.5 Authentication Request Signature Component
+
+ The Manifest Element of the Authentication Request Signature
+ Component should contain Digest Elements for the following
+ Components:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the TPO Block :
+
+ - the Protocol Options Component
+
+ - the Organisation Component
+
+ o the following components of the Authentication Request Block:
+
+ - the Authentication Request Component(s) (if present)
+
+
+
+
+Burdett Informational [Page 152]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - the Trading Role Information Request Component (if present)
+
+7.19.6 Authentication Response Signature Component
+
+ The Manifest Element of the Authentication Response Signature
+ Component should contain Digest Elements for the following
+ Components:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the Authentication Request Block:
+
+ - the Authentication Request Component that was used in the
+ Authentication (if present)
+
+ - the Trading Role Information Request Component (if present)
+
+ o the Organisation Components contained in the Authentication
+ Response Block
+
+7.19.7 Inquiry Request Signature Component
+
+ If the Inquiry Request is being signed (see section 9.2.1) the
+ Manifest Element of the Inquiry Request Signature Component should
+ contain Digest elements of the Inquiry Type Component, and if
+ present, the Payment Scheme Component.
+
+7.19.8 Inquiry Response Signature Component
+
+ If the Inquiry Response is being signed (see section 9.2.1) the
+ Manifest Element of the Inquiry Response Signature Component should
+ contain Digest elements of the Trading Response Block and the Status
+ Component.
+
+7.19.9 Ping Request Signature Component
+
+ If the Ping Request is being singed (see section 9.2.2), the Manifest
+ Element of the Ping Request Signature Component should contain Digest
+ elements for all the Organisation Components.
+
+
+
+
+
+
+
+Burdett Informational [Page 153]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.19.10 Ping Response Signature Component
+
+ If the Ping Response is being singed (see section 9.2.2), the
+ Manifest Element of the Ping Response Signature Component should
+ contain Digest elements fir all the Organisation Components.
+
+7.20 Certificate Component
+
+ Note: Definitions of the XML structures for signatures and
+ certificates are described in the paper "Digital Signatures for the
+ Internet Open Trading Protocol", see [IOTPDSIG].
+
+ See note at the start of section 7.19 Signature Component for more
+ details.
+
+ A Certificate Component contains a Digital Certificate. They are used
+ only when required, for example, when asymmetric cryptography is
+ being used and the recipient of the signature that needs to check has
+ not already received the Public Key.
+
+ The structure of a Certificate Component is defined in [IOTPDSIG].
+
+7.20.1 IOTP usage of signature elements and attributes
+
+ Detailed definitions of the above elements and attributes are
+ contained in [IOTPDSIG]. The following contains additional
+ information that describes how these elements and attributes are used
+ by IOTP.
+
+ CERTIFICATE COMPONENT
+
+ The ID attribute is mandatory.
+
+ VALUE ELEMENT
+
+ The ID attribute is mandatory.
+
+7.21 Error Component
+
+ The Error Component contains information about Technical Errors (see
+ section 4.1) in an IOTP Message which has been received by one of the
+ Trading Roles involved in the trade.
+
+ For clarity two phrases are defined which are used in the description
+ of an Error Component:
+
+ o message in error. An IOTP message which contains or causes an
+ error of some kind
+
+
+
+Burdett Informational [Page 154]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o message reporting the error. An IOTP message that contains an
+ Error Component that describes the error found in a message in
+ error.
+
+ The definition of the Error Component is as follows.
+
+ <!ELEMENT ErrorComp (ErrorLocation+, PackagedContent*) >
+ <!ATTLIST ErrorComp
+ ID NMTOKEN #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ErrorCode NMTOKEN #REQUIRED
+ ErrorDesc CDATA #REQUIRED
+ Severity (Warning|TransientError|HardError) #REQUIRED
+ MinRetrySecs CDATA #IMPLIED
+ SwVendorErrorRef CDATA #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Error
+ Component within the IOTP Transaction.
+
+ xml:lang Defines the language used by attributes or child
+ elements within this component, unless overridden
+ by an xml:lang attribute on a child element. See
+ section 3.8 Identifying Languages.
+
+ ErrorCode Contains an error code which indicates the nature
+ of the error in the message in error. Valid values
+ for the ErrorCode are given in section 7.21.2
+ Error Codes.
+
+ ErrorDesc Contains a narrative description of the error in
+ the language defined by xml:lang. The content of
+ this attribute is defined by the vendor/developer
+ of the software which generated the Error
+ Component
+
+ Severity Indicates the severity of the error. Valid values
+ are:
+ o Warning. This indicates that although there is
+ a message in error the IOTP Transaction can
+ still continue.
+ o TransientError. This indicates that the error
+ in the message in error may be recovered if the
+ message in error that is referred to by the
+ ErrorLocation element is resent
+
+
+
+
+
+Burdett Informational [Page 155]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o HardError. This indicates that there is an
+ unrecoverable error in the message in error and
+ the IOTP Transaction must stop.
+
+ MinRetrySecs This attribute should be present if Severity is
+ set to TransientError. It is the minimum number of
+ whole seconds which the IOTP aware application
+ which received the message reporting the error
+ should wait before re-sending the message in error
+ identified by the ErrorLocation element.
+
+ If Severity is not set to TransientError then the
+ value of this attribute is ignored.
+
+ SwVendorErrorRef This attribute is a reference whose value is set
+ by the vendor/developer of the software which
+ generated the Error Component. It should contain
+ data which enables the vendor to identify the
+ precise location in their software and the set of
+ circumstances which caused the software to
+ generate a message reporting the error. See also
+ the SoftwareId attribute of the Message Id element
+ in the Transaction Reference Block (section 3.3).
+
+ Content:
+
+ ErrorLocation This identifies the IOTP Transaction Id of the
+ message in error and, where possible, the element
+ and attribute in the message in error that caused
+ the Error Component to be generated.
+
+ If the Severity of the error is not
+ TransientError, more than one ErrorLocation may be
+ specified as appropriate depending on the nature
+ of the error (see section 7.21.2 Error Codes) and
+ at the discretion of the vendor/developer of the
+ IOTP Aware Application.
+
+ PackagedContent This contains additional data which can be used to
+ understand the error. Its content may vary as
+ appropriate depending on the nature of the error
+ (see section 7.21.2 Error Codes) and at the
+ discretion of the vendor/developer of the IOTP
+ Aware Application. For a definition of
+ PackagedContent see section 3.7.
+
+
+
+
+
+
+Burdett Informational [Page 156]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+7.21.1 Error Processing Guidelines
+
+ If there is more than one Error Component in a message reporting the
+ error, carry out the actions appropriate for the Error Component with
+ the highest severity. In this context, HardError has a higher
+ severity than TransientError, which has a higher severity than
+ Warning.
+
+7.21.1.1 Severity - Warning
+
+ If an IOTP aware application is generating a message reporting the
+ error with an Error Component where the Severity attribute is set to
+ Warning, then if the message reporting the error does not contain
+ another Error Component with a severity higher than Warning, the IOTP
+ Message must also include the Trading Blocks and Trading Components
+ that would have been included if no error was being reported.
+
+ If a message reporting the error is received with an Error Component
+ where Severity is set to Warning, then:
+
+ o it is recommended that information about the error is either
+ logged, or otherwise reported to the user,
+
+ o the implementer of the IOTP aware application must either, at
+ their or the user's discretion:
+
+ - continue the IOTP transaction as normal, or
+
+ - fail the IOTP transaction by generating a message reporting the
+ error with an Error Component with Severity set to HardError
+ (see section 7.21.1.3).
+
+ If the intention is to continue the IOTP transaction then, if there
+ are no other Error Components with a higher severity, check that the
+ necessary Trading Blocks and Trading Components for normal processing
+ of the transaction to continue are present. If they are not then
+ generate a message reporting the error with an Error Component with
+ Severity set to HardError.
+
+7.21.1.2 Severity - Transient Error
+
+ If an IOTP Aware Application is generating a message reporting the
+ error with an Error Component where the Severity attribute is set to
+ TransientError, then there should be only one Error Component in the
+ message reporting the error. In addition, the MinRetrySecs attribute
+ should be present.
+
+
+
+
+
+Burdett Informational [Page 157]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If a message reporting the error is received with an Error Component
+ where Severity is set to TransientError then:
+
+ o if the MinRetrySecs attribute is present and a valid number, then
+ use the MinRetrySecs value given. Otherwise if MinRetrySecs is
+ missing or is invalid, then:
+
+ - generate a message reporting the error containing an Error
+ Component with a Severity of Warning and send it on the next
+ IOTP message (if any) to be sent to the Trading Role which sent
+ the message reporting the error with the invalid MinRetrySecs,
+ and
+
+ - use a value for MinRetrySecs which is set by the
+ vendor/developer of the IOTP Aware Application.
+
+ o check that only one ErrorLocation element is contained within the
+ Error Component and that it refers to an IOTP Message which was
+ sent by the recipient of the Error Component with a Severity of
+ TransientError. If more than one ErrorLocation is present then
+ generate a message reporting the error with a Severity of
+ HardError.
+
+7.21.1.3 Severity - Hard Error
+
+ If an IOTP Aware Application is generating a message reporting the
+ error with an Error Component where the Severity attribute set to
+ HardError, then there should be only one Error Component in the
+ message reporting the error.
+
+ If a message reporting the error is received with an Error Component
+ where Severity is set to HardError then terminate the IOTP
+ Transaction.
+
+7.21.2 Error Codes
+
+ The following table contains the valid values for the ErrorCode
+ attribute of the Error Component. The first sentence of the
+ description contains the text that should be used to describe the
+ error when displayed or otherwise reported. Individual
+ implementations may translate this into alternative languages at
+ their discretion.
+
+ An Error Code must not be more that 14 characters long.
+
+
+
+
+
+
+
+Burdett Informational [Page 158]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Value Description
+
+ Reserved Reserved. This error is reserved by the
+ vendor/developer of the software. Contact the
+ vendor/developer of the software for more information
+ See the SoftwareId attribute of the Message Id
+ element in the Transaction Reference Block(section
+ 3.3).
+
+ XmlNotWellFrmd XML not well formed. The XML document is not well
+ formed. See [XML] for the meaning of "well formed".
+ Even if the XML is not well formed, it should still
+ be scanned to find the Transaction Reference Block so
+ that a properly formed Error Response may be
+ generated.
+
+ XmlNotValid XML not valid. The XML document is well formed but
+ the document is not valid. See [XML] for the meaning
+ of "valid". Specifically:
+ o the XML document does not comply with the
+ constraints defined in the IOTP document type
+ declaration (DTD) (see section 13 Internet Open
+ Trading Protocol Data Type Definition), and
+ o the XML document does not comply with the
+ constraints defined in the document type
+ declaration of any additional [XML Namespace] that
+ are declared.
+
+ As for XML not well formed, attempts should still be
+ made to extract the Transaction Reference Block so
+ that a properly formed Error Response may be
+ generated.
+
+ ElUnexpected Unexpected element. Although the XML document is well
+ formed and valid, an element is present that is not
+ expected in the particular context according to the
+ rules and constraints contained in this
+ specification.
+
+ ElNotSupp Element not supported. Although the document is well
+ formed and valid, an element is present that:
+ o is consistent with the rules and constraints
+ contained in this specification, but
+ o is not supported by the IOTP Aware Application
+ which is processing the IOTP Message.
+
+
+
+
+
+
+Burdett Informational [Page 159]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ElMissing Element missing. Although the document is well formed
+ and valid, an element is missing that should have
+ been present if the rules and constraints contained
+ in this specification are followed.
+
+ In this case set the PackagedContent of the Error
+ Component to the type of the missing element.
+
+ ElContIllegal Element content illegal. Although the document is
+ well formed and valid, the element Content contains
+ values which do not conform to the rules and
+ constraints contained in this specification.
+
+ EncapProtErr Encapsulated protocol error. Although the document is
+ well formed and valid, the PackagedContent of an
+ element contains data from an encapsulated protocol
+ which contains errors.
+
+ AttUnexpected Unexpected attribute. Although the XML document is
+ well formed and valid, the presence of the attribute
+ is not expected in the particular context according
+ to the rules and constraints contained in this
+ specification.
+
+ AttNotSupp Attribute not supported. Although the XML document is
+ well formed and valid, and the presence of the
+ attribute in an element is consistent with the rules
+ and constraints contained in this specification, it
+ is not supported by the IOTP Aware Application which
+ is processing the IOTP Message.
+
+ AttMissing Attribute missing. Although the document is well
+ formed and valid, an attribute is missing that should
+ have been present if the rules and constraints
+ contained in this specification are followed.
+
+ In this case set the PackagedContent of the Error
+ Component to the type of the missing attribute.
+
+ AttValIllegal Attribute value illegal. The attribute contains a
+ value which does not conform to the rules and
+ constraints contained in this specification.
+
+ AttValNotRecog Attribute Value Not Recognised. The attribute
+ contains a value which the IOTP Aware Application
+ generating the message reporting the error could not
+ recognise.
+
+
+
+
+Burdett Informational [Page 160]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ MsgTooLarge Message too large. The message is too large to be
+ processed by the IOTP Aware Application.
+
+ ElTooLarge Element too large. The element is too large to be
+ processed by the IOTP Aware Application
+
+ ValueTooSmall Value too small or early. The value of all or part of
+ the Content of an element or an attribute, although
+ valid, is too small.
+
+ ValueTooLarge Value too large or in the future. The value of all or
+ part of the Content of an element or an attribute,
+ although valid, is too large.
+
+ ElInconsistent Element Inconsistent. Although the document is well
+ formed and valid, according to the rules and
+ constraints contained in this specification:
+ o the content of an element is inconsistent with the
+ content of other elements or their attributes, or
+ o the value of an attribute is inconsistent with the
+ value of one or more other attributes.
+
+ In this case create ErrorLocation elements which
+ identify all the attributes or elements which are
+ inconsistent.
+
+ TransportError Transport Error. This error code is used to indicate
+ that there is a problem with the Transport Mechanism
+ which is preventing the message from being received.
+ It is typically associated with a Transient Error.
+ Explanation of the Transport Error is contained
+ within the ErrorDesc attribute. The values which can
+ be used inside ErrorDesc with a TransportError is
+ specified in the IOTP supplement for the Transport
+ mechanism.
+
+ MsgBeingProc Message Being Processed. This error code is only used
+ with a Severity of Transient Error. It indicates that
+ the previous message, which may be an exchange
+ message or a request message, is being processed and,
+ if no response is received by the time indicated by
+ the MinRetrySecs attribute, then the original message
+ should be resent.
+
+ SystemBusy System Busy. This error code is only used with a
+ Severity of Transient Error. It indicates that the
+ server that received a message is currently too busy
+ to handle the message. If no response is received by
+
+
+
+Burdett Informational [Page 161]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ the time indicated by the MinRetrySecs attribute,
+ then the original message should be resent.
+
+ Note: If the server/system handling the Transport Mechanism (e.g.,
+ HTTP) is busy then a Transport Specific error message should be used
+ instead of an IOTP Error message. This code should be used in
+ association with IOTP servers/systems or other servers/systems to
+ which the IOTP server is connected.
+
+ UnknownError Unknown Error. Indicates that the transaction cannot
+ complete for some reason that is not covered
+ explicitly by any of the other errors. The ErrorDesc
+ attribute should be used to indicate the nature of
+ the problem.
+
+ This could be used to indicate, for example, an
+ internal error in a backend server or client process
+ of some kind.
+
+7.21.3 Error Location Element
+
+ An Error Location Element identifies an element and optionally an
+ attribute in the message in error which is associated with the error.
+ It contains a reference to the IOTP Message, Trading Block, Trading
+ Component, element and attribute, which is in error.
+
+ <!ELEMENT ErrorLocation EMPTY >
+ <!ATTLIST ErrorLocation
+ ElementType NMTOKEN #REQUIRED
+ IotpMsgRef NMTOKEN #IMPLIED
+ BlkRef NMTOKEN #IMPLIED
+ CompRef NMTOKEN #IMPLIED
+ ElementRef NMTOKEN #IMPLIED
+ AttName NMTOKEN #IMPLIED >
+
+ Attributes:
+
+ ElementType This is the name of the type of the element where
+ the error is located. For example if the element
+ was declared as <!ELEMENT Org ... then its name is
+ "Org".
+
+ IotpMsgRef This is the value of the ID attribute of the of
+ the Message Id Component (see section 3.3.2) of
+ the message in error to which this Error Component
+ applies.
+
+
+
+
+
+Burdett Informational [Page 162]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ BlkRef If the error is associated with a specific Trading
+ Block, then this is the value of the ID attribute
+ of the Trading Block where the error is located.
+
+ CompRef If the error is associated with a specific Trading
+ Component, then this is the value of the ID
+ attribute of the Trading Component where the error
+ is located.
+
+ ElementRef If the error is associated with a specific element
+ within a Trading Component then, if the element
+ has an attribute with an "attribute type" (see
+ [XML]) of "ID", then this is the value of that
+ attribute.
+
+ AttName If the error is associated with the value of an
+ attribute, then this is the name of that
+ attribute. In this case the PackagedContent of the
+ Error Component should contain the value of the
+ attribute.
+
+ Note that as many as the attributes as possible should be included.
+ For example if an attribute in a child element of a Trading Component
+ contains an incorrect value, then all the attributes of ErrorLocation
+ should be present.
+
+8. Trading Blocks
+
+ Trading Blocks are child elements of the top level IOTP Messages that
+ are sent in the form of [XML] documents directly between the
+ different Trading Roles that are taking part in a trade.
+
+ Each Trading Blocks consist of one or more Trading Components (see
+ section 7). This is illustrated in the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 163]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ IOTP MESSAGE <-----------IOTP Message - an XML Document
+ | which is transported between the
+ | Trading Roles
+ |-Trans Ref Block <----- Trans Ref Block - contains
+ | | information which describes the
+ | | IOTP Transaction and the IOTP
+ | | Message.
+ | |-Trans Id Comp. <--- Transaction Id Component -
+ | | uniquely identifies the IOTP
+ | | Transaction. The Trans Id
+ | | Components are the same across
+ | | all IOTP messages that comprise a
+ | | single IOTP transaction.
+ | |-Msg Id Comp. <----- Message Id Component - identifies
+ | and describes an IOTP Message
+ | within an IOTP Transaction
+ |-Signature Block <----- Signature Block (optional) -
+ | | contains one or more Signature
+ | | Components and their associated
+ | | Certificates
+ | |-Signature Comp. <-- Signature Component - contains
+ | | digital signatures. Signatures
+ | | may sign digests of the Trans Ref
+ | | Block and any Trading Component
+ | | in any IOTP Message in the same
+ | | IOTP Transaction.
+ | |-Certificate Comp. <-Certificate Component. Used to
+ | check the signature. (Optional)
+ ------> |-Trading Block <--------Trading Block - an XML Element
+ | | |-Trading Comp. within an IOTP Message that
+ Trading | |-Trading Comp. contains a predefined set of
+ Blocks | |-Trading Comp. Trading Components
+ | | |-Trading Comp.
+ | | |-Trading Comp. <-----Trading Components - XML Elements
+ | | within a Trading Block that
+ ------> |-Trading Block contain a predefined set of XML
+ | |-Trading Comp. elements and attributes
+ | |-Trading Comp. containing information required
+ | |-Trading Comp. to support a Trading Exchange
+ | |-Trading Comp.
+ | |-Trading Comp.
+ |
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 16 Trading Blocks
+
+
+
+
+Burdett Informational [Page 164]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Trading Blocks are defined as part of the definition of an IOTP
+ Message (see section 3.1.1). The definition of an IOTP Message
+ element is repeated here:
+
+ <!ELEMENT IotpMessage
+ ( TransRefBlk,
+ SigBlk?,
+ ErrorBlk?,
+ ( AuthReqBlk |
+ AuthRespBlk |
+ AuthStatusBlk |
+ CancelBlk |
+ DeliveryReqBlk |
+ DeliveryRespBlk |
+ InquiryReqBlk |
+ InquiryRespBlk |
+ OfferRespBlk |
+ PayExchBlk |
+ PayReqBlk |
+ PayRespBlk |
+ PingReqBlk |
+ PingRespBlk |
+ TpoBlk |
+ TpoSelectionBlk
+ )*
+ ) >
+
+ The remainder of this section defines the Trading Blocks in this
+ version of IOTP. They are:
+
+ o Authentication Request Block
+
+ o Authentication Response Block
+
+ o Authentication Status Block
+
+ o Cancel Block
+
+ o Delivery Request Block
+
+ o Delivery Response Block
+
+ o Error Block
+
+ o Inquiry Request Block
+
+ o Inquiry Response Block
+
+
+
+
+Burdett Informational [Page 165]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Offer Response Block
+
+ o Payment Exchange Block
+
+ o Payment Request Block
+
+ o Payment Response Block
+
+ o Signature Block
+
+ o Trading Protocol Options Block
+
+ o TPO Selection Block
+
+ The Transaction Reference Block is described in section 3.3.
+
+8.1 Trading Protocol Options Block
+
+ The TPO Trading Block contains options which apply to the IOTP
+ Transaction. The definition of a TPO Trading Block is as follows.
+
+ <!ELEMENT TpoBlk ( ProtocolOptions, BrandList*, Org* ) >
+ <!ATTLIST TpoBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Trading Protocol Options Block within the IOTP
+ Transaction (see section 3.4 ID Attributes).
+
+ Content:
+
+ ProtocolOptions The Protocol Options Component (see section
+ 7.1)defines the options which apply to the whole
+ IOTP Transaction (see section 9).
+
+ BrandList This Brand List Component contains one or more
+ payment brands and protocols which may be selected
+ (see section 7.7).
+
+ Org The Organisation Components (see section 7.6)
+ identify the Organisations and their roles in the
+ IOTP Transaction. The roles and Organisations
+ which must be present will depend on the
+ particular type of IOTP Transaction. See the
+ definition of each transaction in section 9.
+ Internet Open Trading Protocol Transactions.
+
+
+
+Burdett Informational [Page 166]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The TPO Block should contain:
+
+ o the Protocol Options Component
+
+ o the Organisation Component with the Trading Role of Merchant
+
+ o the Organisation Component with the Trading Role of Consumer
+
+ o optionally, the Organisation Component with the Trading Role of
+ DeliverTo, if there is a Delivery included in the IOTP Transaction
+
+ o Brand List Components for each payment in the IOTP Transaction
+
+ o Organisation Components for all the Payment Handlers involved
+
+ o optionally, Organisation Components for the Delivery Handler (if
+ any) for the transaction
+
+ o additional Organisation Components that the Merchant may want to
+ include. For example
+
+ - a Customer Care Provider
+
+ - an Certificate Authority that offers Merchant "Credentials" or
+ some other warranty on the goods or services being offered.
+
+8.2 TPO Selection Block
+
+ The TPO Selection Block contains the results of selections made from
+ the options contained in the Trading Protocol Options Block (see
+ section 8.1).The definition of a TPO Selection Block is as follows.
+
+ <!ELEMENT TpoSelectionBlk (BrandSelection+) >
+ <!ATTLIST TpoSelectionBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the TPO
+ Selection Block within the IOTP Transaction.
+
+ Content:
+
+ BrandSelection This identifies the choice of payment brand and
+ payment protocol to be used in a payment within
+ the IOTP Transaction. There is one Brand Selection
+ Component (see section 7.8) for each payment to be
+ made in the IOTP Transaction.
+
+
+
+Burdett Informational [Page 167]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The TPO Selection Block should contain one Brand Selection Component
+ for each Brand List in the TPO Block.
+
+8.3 Offer Response Block
+
+ The Offer Response Block contains details of the goods, services,
+ amount, delivery instructions or financial transaction which is to
+ take place. Its definition is as follows.
+
+ <!ELEMENT OfferRespBlk (Status, Order?, Payment*,
+ Delivery?, TradingRoleData*) >
+ <!ATTLIST OfferRespBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Offer
+ Response Block within the IOTP Transaction.
+
+ Content:
+
+ Status Contains status information about the business
+ success (see section 4.2) or failure of the
+ generation of the Offer. Note that in an Offer
+ Response Block, a ProcessState of NotYetStarted or
+ InProgress are illegal values.
+
+ Order The Order Component contains details about the
+ goods, services or financial transaction which is
+ taking place see section 7.5.
+
+ The Order Component must be present unless the
+ ProcessState attribute of the Status Component is
+ set to Failed.
+
+ Payment The Payment Components contain information about
+ the payments which are to be made see section 7.9.
+
+ Delivery The Delivery Component contains details of the
+ delivery to be made (see section 7.13).
+
+ TradingRoleData The Trading Role Data Component contains opaque
+ data which is needs to be communicated between the
+ Trading Roles involved in an IOTP Transaction (see
+ section 7.17).
+
+ The Offer Response Block should contain:
+
+
+
+
+Burdett Informational [Page 168]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Order Component for the IOTP Transaction
+
+ o Payment Components for each Payment in the IOTP Transaction
+
+ o the Delivery Component the IOTP Transaction requires (if any).
+
+8.4 Authentication Request Block
+
+ The Authentication Request Block contains the data which is used by
+ one Trading Role to obtain information about and optionally
+ authenticate another Trading Role.
+
+ In outline it contains:
+
+ o information about how the authentication itself will be carried
+ out, and/or
+
+ o a request for additional information about the Organisation being
+ authenticated.
+
+ Its definition is as follows.
+
+ <!ELEMENT AuthReqBlk (AuthReq*, TradingRoleInfoReq?) >
+ <!ATTLIST AuthReqBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Authentication Request Block within the IOTP
+ Transaction.
+
+ Content:
+
+ AuthReq Each Authentication Request (see section 7.2)
+ component describes an alternative way in which
+ the recipient of the Authentication Request may
+ authenticate themselves by generating an
+ Authentication Response Component (see section
+ 7.3).
+
+ If one Authentication Request Component is
+ present then that Authentication Request
+ Component should be used.
+
+
+
+
+
+
+
+Burdett Informational [Page 169]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If more than one Authentication Request Component
+ is present then the recipient should choose one
+ of the components based on personal preference of
+ the recipient or their software.
+
+ If no Authentication Request Component is present
+ it means that the Authentication Request Block is
+ requesting the return of Organisation Components
+ as specified in the Trading Role Information
+ Request Component.
+
+ TradingRoleInfoReq The Trading Role Information Request Component
+ (see section 7.4) contains a list of Trading
+ Roles about which information is being requested
+
+ There must be at least one Component (either an Authentication
+ Request or a Trading Role Information Request) within the
+ Authentication Block otherwise it is an error.
+
+8.5 Authentication Response Block
+
+ The Authentication Response Block contains the response which results
+ from processing the Authentication Request Block. Its definition is
+ as follows.
+
+ <!ELEMENT AuthRespBlk (AuthResp?, Org*) >
+ <!ATTLIST AuthRespBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Authentication Response Block within the IOTP
+ Transaction.
+
+ Content:
+
+ AuthResp The optional Authentication Response Component
+ which contains the results of processing the
+ Authentication Request Component - see section
+ 7.3.
+
+ Org Optional Organisation Components that contain
+ information corresponding to the Trading Roles as
+ requested by the TradingRoleList attribute of the
+ Trading Role Information Request component.
+
+
+
+
+
+Burdett Informational [Page 170]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The components present in the Authentication Response Block must
+ match the requirement of the corresponding Authentication Request
+ Block otherwise it is an error.
+
+8.6 Authentication Status Block
+
+ The Authentication Status Block indicates the success or failure of
+ the validation of an Authentication Response Block by an
+ Authenticator. Its definition is as follows.
+
+ <!ELEMENT AuthStatusBlk (Status) >
+ <!ATTLIST AuthStatusBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Authentication Status Block within the IOTP
+ Transaction.
+
+ Content:
+
+ Status Contains status information about the business
+ success (see section 4.2) or failure of the
+ authentication
+
+8.7 Payment Request Block
+
+ The Payment Request Block contains information which requests that a
+ payment is started. Its definition is as follows.
+
+ <!ELEMENT PayReqBlk (Status+, BrandList, BrandSelection,
+ Payment, PaySchemeData?, Org*, TradingRoleData*) >
+ <!ATTLIST PayReqBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Request Block within the IOTP Transaction.
+
+ Content:
+
+ Status Contains the Status Components (see section 7.13)
+ of the responses of the steps (e.g., an Offer
+ Response and/or a Payment Response) on which this
+
+
+
+
+
+Burdett Informational [Page 171]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ step depends. It is used to indicate the success
+ or failure of those steps. Payment should only
+ occur if the previous steps were successful.
+
+ BrandList The Brand List Component contains a list of one or
+ more payment brands and protocols which may be
+ selected (see section 7.7).
+
+ BrandSelection This identifies the choice of payment brand, the
+ payment protocol and the Payment Handler to be
+ used in a payment within the IOTP Transaction.
+ There is one Brand Selection Component (see
+ section 7.8) for each payment to be made in the
+ IOTP Transaction.
+
+ Payment The Payment Components contain information about
+ the payment which is being made see section 7.9.
+
+ PaySchemeData The Payment Scheme Component contains payment
+ scheme specific data see section 7.10.
+
+ Org The Organisation Component contains details of
+ Organisations involved in the payment (see section
+ 7.6). The Organisations present are dependent on
+ the IOTP Transaction and the data which is to be
+ signed. See section 6 Digital Signatures for more
+ details.
+
+ TradingRoleData The Trading Role Data Component contains opaque
+ data which is needs to be communicated between the
+ Trading Roles involved in an IOTP Transaction (see
+ section 7.17).
+
+ The Payment Request Block should contain:
+
+ o the Organisation Component with a Trading Role of Merchant
+
+ o the Organisation Component with the Trading Role of Consumer
+
+ o the Payment Component for the Payment
+
+ o the Brand List Component for the Payment
+
+ o the Brand Selection Component for the Brand List
+
+ o the Organisation Component for the Payment Handler of the Payment
+
+
+
+
+
+Burdett Informational [Page 172]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Organisation Component (if any) for the Organisation which
+ carried out the previous step, for example another Payment Handler
+
+ o the Organisation Component for the Organisation which is to carry
+ out the next step, if any. This may be, for example, either a
+ Delivery Handler or a Payment Handler.
+
+ o the Organisation Components for any additional Organisations that
+ the Merchant has included in the Offer Response Block
+
+ o an Optional Payment Scheme Data Component, if required by the
+ Payment Method as defined in the IOTP supplement for the payment
+ method
+
+ o any Trading Role Data Components that may be required (see section
+ 7.17.1).
+
+8.8 Payment Exchange Block
+
+ The Payment Exchange Block contains payment scheme specific data
+ which is exchanged between two of the roles in a trade. Its
+ definition is as follows.
+
+ <!ELEMENT PayExchBlk (PaySchemeData+) >
+ <!ATTLIST PayExchBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Exchange Block within the IOTP
+ Transaction.
+
+ Content:
+
+ PaySchemeData This Trading Component contains payment scheme
+ specific data see section 7.10 Payment Scheme
+ Component.
+
+8.9 Payment Response Block
+
+ This Payment Response Block contains a information about the Payment
+ Status, an optional Payment Receipt, and an optional payment protocol
+ message. Its definition is as follows.
+
+
+
+
+
+
+
+Burdett Informational [Page 173]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT PayRespBlk (Status, PayReceipt?, PaySchemeData?,
+ PaymentNote?, TradingRoleData*) >
+ <!ATTLIST PayRespBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Payment Response Block within the IOTP
+ Transaction.
+
+ Content:
+
+ Status Contains status information about the business
+ success (see section 4.2) or failure of the
+ payment. Note that in a Pay Response Block, a
+ ProcessState of NotYetStarted or InProgress are
+ illegal values.
+
+ PayReceipt Contains payment scheme specific data which can be
+ used to verify the payment occurred. See section
+ 7.11 Payment Receipt Component. It must be present
+ if the ProcessState attribute of the Status
+ Component is set to CompletedOk. PayReceipt is
+ optional for other values as specified by the
+ appropriate Payment Scheme supplement.
+
+ PaySchemeData Contains payment scheme specific data see section,
+ for example a payment protocol message. See 7.10
+ Payment Scheme Component.
+
+ PaymentNote Contains additional, non payment related,
+ information which the Payment Handler wants to
+ provide to the Consumer. For example, if a
+ withdrawal or deposit were being made then it
+ could contain information on the remaining balance
+ on the account after the transfer was complete.
+ See section 7.12 Payment Note Component.
+
+ TradingRoleData The Trading Role Data Component contains opaque
+ data which is needs to be communicated between the
+ Trading Roles involved in an IOTP Transaction (see
+ section 7.17).
+
+
+
+
+
+
+
+
+Burdett Informational [Page 174]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+8.10 Delivery Request Block
+
+ The Delivery Request Block contains details of the goods or services
+ which are to be delivered together with a signature which can be used
+ to check that delivery is authorised. Its definition is as follows.
+
+ <!ELEMENT DeliveryReqBlk (Status+, Order, Org*, Delivery,
+ ConsumerDeliveryData?, TradingRoleData*) >
+ <!ATTLIST DeliveryReqBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Delivery Request Block within the IOTP
+ Transaction.
+
+ Content:
+
+ Status Contains the Status Components (see section
+ 7.13) of the responses of the steps (e.g., a
+ Payment Response) on which this step is
+ dependent. It is used to indicate the success
+ or failure of those steps. Delivery should only
+ occur if the previous steps were successful.
+
+ Order The Order Component contains details about the
+ goods, services or financial transaction which
+ is taking place see section 7.5.
+
+ The Organisation Components (see section 7.6)
+ identify the Organisations and their roles in
+ Org the IOTP Transaction. The roles and
+ Organisations which must be present will depend
+ on the particular type of IOTP Transaction. See
+ the definition of each transaction in section
+ 9. Internet Open Trading Protocol Transactions.
+
+ Delivery The Delivery Component contains details of the
+ delivery to be made (see section 7.13).
+
+ ConsumerDeliveryData Optional. Contains an identifier specified by
+ the Consumer which, if returned by the Delivery
+ Handler will enable the Consumer to identify
+ which Delivery is being referred to.
+
+
+
+
+
+
+Burdett Informational [Page 175]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TradingRoleData The Trading Role Data Component contains opaque
+ data which is needs to be communicated between
+ the Trading Roles involved in an IOTP
+ Transaction (see section 7.17).
+
+ The Delivery Request Block contains:
+
+ o the Organisation Component with a Trading Role of Merchant
+
+ o the Organisation Component for the Consumer and DeliverTo Trading
+ Roles
+
+ o the Delivery Component for the Delivery
+
+ o the Organisation Component for the Delivery Handler. Specifically
+ the Organisation Component identified by the ActionOrgRef
+ attribute on the Delivery Component
+
+ o the Organisation Component (if any) for the Organisation which
+ carried out the previous step, for example a Payment Handler
+
+ o the Organisation Components for any additional Organisations that
+ the Merchant has included in the Offer Response Block
+
+ o any Trading Role Data Components that may be required (see section
+ 7.17.1).
+
+8.11 Delivery Response Block
+
+ The Delivery Response Block contains a Delivery Note containing
+ details on how the goods will be delivered. Its definition is as
+ follows. Note that in a Delivery Response Block a Delivery Status
+ Element with a DeliveryStatusCode of NotYetStarted or InProgress is
+ invalid.
+
+ <!ELEMENT DeliveryRespBlk (Status, DeliveryNote) >
+ <!ATTLIST DeliveryRespBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Delivery Response Block within the IOTP
+ Transaction.
+
+ Content:
+
+
+
+
+
+Burdett Informational [Page 176]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Status Contains status information about the business
+ success (see section 4.2) or failure of the
+ delivery. Note that in a Delivery Response Block,
+ a ProcessState of NotYetStarted or InProgress are
+ illegal values.
+
+ DeliveryNote The Delivery Note Component contains details about
+ how the goods or services will be delivered (see
+ section 7.15).
+
+8.12 Inquiry Request Trading Block
+
+ The Inquiry Request Trading Block contains an Inquiry Type Component
+ and an optional Payment Scheme Component to contain payment scheme
+ specific inquiry messages.
+
+ <!ELEMENT InquiryReqBlk ( InquiryType, PaySchemeData? ) >
+ <!ATTLIST InquiryReqBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Inquiry Request Trading Block within the IOTP
+ Transaction.
+
+ Content:
+
+ InquiryType Inquiry Type Component (see section 7.18) that
+ contains the type of inquiry.
+
+ PaySchemeData Payment Scheme Component (see section 7.10) that
+ contains payment scheme specific inquiry messages
+ for inquiries on payments. This is present when
+ the Type attribute of Inquiry Type Component is
+ Payment.
+
+8.13 Inquiry Response Trading Block
+
+ The Inquiry Response Trading Block contains a Status Component and an
+ optional Payment Scheme Component to contain payment scheme specific
+ inquiry messages. Its purpose is to enquire on the current status of
+ an IOTP transaction at a server.
+
+
+
+
+
+
+
+
+Burdett Informational [Page 177]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT InquiryRespBlk (Status, PaySchemeData?) >
+ <!ATTLIST InquiryRespBlk
+ ID ID #REQUIRED
+ LastReceivedIotpMsgRef NMTOKEN #IMPLIED
+ LastSentIotpMsgRef NMTOKEN #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Inquiry Response Trading Block within the
+ IOTP Transaction.
+
+ LastReceivedIotpMsgRef Contains an Element Reference (see section
+ 3.5) to the Message Id Component (see section
+ 3.3.2) of the last message this server has
+ received from the Consumer. If there is no
+ previously received message from the Consumer
+ in the pertinent transaction, this attribute
+ should be contain the value Null. This
+ attribute exists for debugging purposes.
+
+ LastSentIotpMsgRef Contains an Element Reference (see section
+ 3.5) to the Message Id Component (see section
+ 3.3.2) of the last message this server has
+ sent to the Consumer. If there is no
+ previously sent message to the Consumer in
+ the pertinent transaction, this attribute
+ should contain the value Null. This attribute
+ exists for debugging purposes.
+
+ Content:
+
+ Status Contains status information about the business
+ success (see section 4.2) or failure of a certain
+ trading exchange (i.e., Offer, Payment, or
+ Delivery).
+
+ PaySchemeData Payment Scheme Component (see section 7.10) that
+ contains payment scheme specific inquiry messages
+ for inquiries on payments. This is present when
+ the Type attribute of StatusType attribute of the
+ Status Component is set to Payment.
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 178]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+8.14 Ping Request Block
+
+ The Ping Request Block is used to determine if a Server is operating
+ and whether or not cryptography is compatible.
+
+ The definition of a Ping Request Block is as follows.
+
+ <!ELEMENT PingReqBlk (Org*)>
+ <!ATTLIST PingReqBlk
+ ID ID #REQUIRED>
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Ping
+ Request Trading Block within the IOTP Transaction.
+
+ Content:
+
+ Org Optional Organisation Components (see section
+ 7.6).
+
+ If no Organisation Component is present then the
+ Ping Request is anonymous and simply determines if
+ the server is operating.
+
+ However if Organisation Components are present,
+ then it indicates that the sender of the Ping
+ Request wants to verify that digital signatures
+ can be handled.
+
+ In this case the sender includes:
+ o an Organisation Component that identifies
+ itself specifying the Trading Role(s) it is
+ taking in IOTP transactions (Merchant, Payment
+ Handler, etc.)
+ o an Organisation Component that identifies the
+ intended recipient of the message.
+
+ These are then used to generate a signature over
+ the Ping Response Block.
+
+8.15 Ping Response Block
+
+ The Ping Response Trading Block provides the result of a Ping
+ Request.
+
+ It contains an Organisation Component that identifies the sender of
+ the Ping Response.
+
+
+
+Burdett Informational [Page 179]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If the Ping Request to which this block is a response contained
+ Organisation Components, then it also contains those Organisation
+ Components.
+
+ <!ELEMENT PingRespBlk (Org+)>
+ <!ATTLIST PingRespBlk
+ ID ID #REQUIRED
+ PingStatusCode (Ok | Busy | Down) #REQUIRED
+ SigVerifyStatusCode (Ok | NotSupported | Fail) #IMPLIED
+ xml:lang NMTOKEN #IMPLIED
+ PingStatusDesc CDATA #IMPLIED>
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Ping
+ Request Trading Block within the IOTP
+ Transaction.
+
+ PingStatusCode Contains a code which shows the status of the
+ sender software which processes IOTP messages.
+ Valid values are:
+ o Ok. Everything with the service is working
+ normally, including the signature
+ verification.
+ o Busy. Things are working normally but there
+ may be some delays.
+ o Down. The server is not functioning fully but
+ can still provide a Ping response.
+
+ SigVerifyStatusCode Contains a code which shows the status of
+ signature verification. This is present only
+ when the message containing the Ping Request
+ Block also contains a Signature Block. Valid
+ values are:
+ o Ok. The signature has successfully been
+ verified and proved compatible.
+ o NotSupported The receiver of this Ping
+ Request Block does not support validation of
+ signatures.
+ o Fail. Signature verification failed.
+
+ Xml:lang Defines the language used in PingStatusDesc.
+ This is present when PingStatusDesc is present.
+
+ PingStatusDesc Contains a short description of the status of
+ the server which sends this Ping Response Block.
+ Servers, if their designers want, can use this
+
+
+
+
+Burdett Informational [Page 180]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ attribute to send more refined status
+ information than PingStatusCode which can be
+ used for debugging purposes, for example.
+
+ Content:
+
+ Org These are Organisation Components (see section
+ 7.6).
+
+ The Organisation Components of the sender of the
+ Ping Response is always included in addition to
+ the Organisation Components sent in the Ping
+ Request.
+
+ Note: Ping Status Code values do not include a value such as Fail,
+ since, when the software receiving the Ping Request message is not
+ working at all, no Ping Response message will be sent back.
+
+8.16 Signature Block
+
+ The Signature Block contains one or more Signature Components and
+ associated Certificates (if required) which sign data associated with
+ the IOTP Transaction. For a general discussion and introduction to
+ how IOTP uses signatures, see section 6 Digital Signatures. The
+ definition of the Signature Component and certificates is contained
+ in the paper "Digital Signatures for the Internet Open Trading
+ Protocol", see [IOTPDSIG]. Descriptions of how these are used by
+ IOTP is contained in sections 7.19 and 7.20.
+
+ The definition of a Signature Block is as follows:
+
+ <!ELEMENT IotpSignatures (Signature+, Certificate*) >
+ <!ATTLIST IotpSignatures
+ ID ID #IMPLIED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the
+ Signature Block within the IOTP Transaction.
+
+ Content:
+
+ Signature A Signature Component. See section 7.19.
+
+ Certificate A Certificate Component. See section 7.20.
+
+
+
+
+
+
+Burdett Informational [Page 181]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The contents of a Signature Block depends on the Trading Block that
+ is contained in the same IOTP Message as the Signature Block.
+
+8.16.1 Signature Block with Offer Response
+
+ A Signature Block which is in the same message as an Offer Response
+ Block contains just an Offer Response Signature Component (see
+ section 7.19.2).
+
+8.16.2 Signature Block with Payment Request
+
+ A Signature Block which is in the same message as a Payment Request
+ Block contains:
+
+ o an Offer Response Signature Component (see section 7.19.2), and
+
+ o if the Payment is dependent on an earlier step (as indicated by
+ the StartAfter attribute on the Payment Component), then the
+ Payment Receipt Signature Component (see section 7.19.3) generated
+ by the previous step
+
+8.16.3 Signature Block with Payment Response
+
+ A Signature Block which is in the same message as a Payment
+ Response Block contains just a Payment Receipt Signature Component
+ (see section 7.19.3) generated by the step.
+
+8.16.4 Signature Block with Delivery Request
+
+ A Signature Block which is in the same message as a Delivery
+ Request Block contains:
+
+ o an Offer Response Signature Component (see section 7.19.2), and
+
+ o the Payment Receipt Signature Component (see section 7.19.3)
+ generated by the previous step.
+
+8.16.5 Signature Block with Delivery Response
+
+ A Signature Block which is in the same message as a Delivery Response
+ Block contains just a Delivery Response Signature component (see
+ section 7.19.4) generated by the step.
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 182]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+8.17 Error Block
+
+ The Error Trading Block contains one or more Error Components (see
+ section 7.21) which contain information about Technical Errors (see
+ section 4.1) in an IOTP Message which has been received by one of the
+ Trading Roles involved in the trade.
+
+ For clarity two phrases are defined which are used in the description
+ of an Error Trading Block:
+
+ o message in error. An IOTP message which contains or causes an
+ error of some kind
+
+ o message reporting the error. An IOTP message that contains an
+ Error Trading Block that describes the error found in a message in
+ error.
+
+ An Error Trading Block may be contained in any message reporting the
+ error. The action which then follows depends on the severity of the
+ error. See the definition of an Error Component, for an explanation
+ of the different types of severity and the actions which can then
+ occur.
+
+ in3 Note: Although, an Error Trading Block can report multiple
+ different errors using multiple Error Components, there is no
+ obligation on a developer of an IOTP Aware Application to do so.
+
+ The structure of an Error Trading Block is as follows.
+
+ <!ELEMENT ErrorBlk (ErrorComp+, PaySchemeData*) >
+ <!ATTLIST ErrorBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Error
+ Trading Block within the IOTP Transaction.
+
+ Content:
+
+ ErrorComp An Error Components (see section 7.21) that
+ contains information about an individual Technical
+ Error.
+
+ PaySchemeData An optional Payment Scheme Component (see section
+ 7.10) which contains a Payment Scheme Message. See
+ the appropriate payment scheme supplement to
+
+
+
+
+Burdett Informational [Page 183]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ determine whether or not this component needs to
+ be present and for the definition of what it must
+ contain.
+
+8.18 Cancel Block
+
+ The Cancel Block is used by one Trading Role to inform any other that
+ a transaction has been cancelled. Example usage includes:
+
+ o a Consumer Role informing a non-Consumer role that it no longer
+ plans to continue with the transaction. This will allow the server
+ to close down the transaction tidily without a waiting for a
+ time-out to occur
+
+ o a non-Consumer Role to inform a Consumer role that the Transaction
+ is being stopped. In this case, the Consumer is then unlikely to
+ re-send the previous message that was sent in the mistaken
+ understanding that the original was not received.
+
+ Its definition is as follows.
+
+ <!ELEMENT CancelBlk (Status) >
+ <!ATTLIST CancelBlk
+ ID ID #REQUIRED >
+
+ Attributes:
+
+ ID An identifier which uniquely identifies the Cancel
+ Block within the IOTP Transaction.
+
+ Content:
+
+ Status Contains status information indicating that the
+ IOTP transaction has been cancelled.
+
+9. Internet Open Trading Protocol Transactions
+
+ The Baseline Internet Open Trading Protocol supports three types of
+ transactions for different purposes. These are
+
+ o an Authentication IOTP transaction which supports authentication
+ of one party in a trade by another and/or requests information
+ about another Trading Role
+
+
+
+
+
+
+
+
+Burdett Informational [Page 184]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o IOTP Transactions that involve one or more payments. Specifically:
+
+ - Deposit
+
+ - Purchase
+
+ - Refund
+
+ - Withdrawal, and
+
+ - Value Exchange
+
+ o IOTP Transactions designed to check the correct function of the
+ IOTP infrastructure. Specifically:
+
+ - Transaction Status Inquiry, and
+
+ - Ping
+
+ Although the Authentication IOTP Transaction can operate on its own,
+ authentication can optionally precede any of the "payment"
+ transactions. Therefore, the rest of this section is divided into
+ two parts covering:
+
+ o Authentication and Payment transactions (Authentication, Deposit,
+ Purchase, Refund, Withdrawal and Value Exchange)
+
+ o Infrastructure Transactions (Transaction Status Inquiry and Ping)
+ that are designed to support inquiries on whether or not a
+ transaction has succeeded or a Trading Role's servers are
+ operating correctly, and
+
+9.1 Authentication and Payment Related IOTP Transactions
+
+ The Authentication and Payment related IOTP Transactions consist
+ of six Document Exchanges which are then combined in sequence to
+ implement a specific transaction.
+
+ Generally, there is a close, but not exact, correspondence between
+ a Document Exchange and a Trading Exchange. The main difference is
+ that some Document Exchanges implement part or all of two Trading
+ Exchanges simultaneously in order to minimise the number of actual
+ IOTP Messages which must be sent over the Internet.
+
+ The six Document Exchanges are:
+
+ o Authentication. This is a direct implementation of the
+ Authentication Trading Exchange
+
+
+
+Burdett Informational [Page 185]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Brand Dependent Offer. This is the Offer Trading Exchange combined
+ with the Brand Selection part of the Payment Trading Exchange. Its
+ purpose is to provide the Merchant with information on the Brand
+ selected so that the content of the Offer Response may be adapted
+ accordingly
+
+ o Brand Independent Offer. This is also an Offer Trading Exchange.
+ However, in this instance, the content of the Offer Response does
+ not depend on the Brand selected.
+
+ o Payment. This is a direct implementation of the Payment part of a
+ Payment Trading Exchange
+
+ o Delivery. This is a direct implementation of the Delivery Exchange
+
+ o Delivery with Payment. This is an implementation of combined
+ Payment and Delivery Trading Exchanges
+
+ These Document Exchanges are combined together in different sequences
+ to implement each IOTP Transaction. The way in which they may be
+ combined is illustrated by the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 186]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- | |
+ | | | |
+ | -------------- | ------------- |
+ v v v v |
+ ------------------- ----------------- |
+ | BRAND INDEPENDENT | | BRAND DEPENDENT | |
+ | OFFER | | OFFER | |
+ ------------------- ----------------- |
+ | | | | |
+ | --------------- | | |
+ | | | | |
+ | -------------- | -- | |
+ v v v v |
+ --------- -------------- |
+ | PAYMENT | | PAYMENT WITH | |
+ | (first) | | DELIVERY | |
+ --------- -------------- |
+ | | |
+ ----------------------------- | |
+ v v | | |
+ ---------- --------- | | |
+ | DELIVERY | | PAYMENT | | | |
+ | | | {second)| | | |
+ ---------- --------- | | |
+ | | | | v
+ ----------------------------------------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 17 Payment and Authentication Message Flow Combinations
+
+ The combinations of Document Exchanges that are valid depend on the
+ particular IOTP transaction.
+
+ The remainder of this sub-section describes:
+
+ o each Document Exchange in more detail including descriptions of
+ the content of each Trading Block in the Document Exchanges, and
+
+ o descriptions of how each IOTP Transaction uses the Document
+ Exchanges to effect the desired result.
+
+
+
+Burdett Informational [Page 187]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note: The descriptions of the Document Exchanges which follow
+ describe the ways in which various Business Errors (see section 4.2)
+ are handled. No reference is made however to the handling of
+ Technical Errors (see section 4.1) in any of the messages since these
+ are handled the same way irrespective of the context in which the
+ message is being sent. See section 4 for more details.
+
+9.1.1 Authentication Document Exchange
+
+ The Authentication Document Exchange is a direct implementation of
+ the Authentication Trading Exchange (see section 2.2.4). It involves:
+
+ o an Authenticator - the Organisation which is requesting the
+ authentication, and
+
+ o an Authenticatee - the Organisation being authenticated.
+
+ The authentication consists of:
+
+ o an Authentication Request being sent by the Authenticator to the
+ Authenticatee,
+
+ o an Authentication Response being sent in return by the
+ Authenticatee to the Authenticator which is then checked, and
+
+ o an Authentication Status being sent by the Authenticator to the
+ Authenticatee to provide an indication of the success or failure
+ of the authentication.
+
+ An Authentication Document Exchange also:
+
+ o provides an Authenticatee with an Organisation Component which
+ describes the Authenticator, and
+
+ o optionally provides the Authenticator with Organisation Components
+ which describe the Authenticatee.
+
+ The Authentication Request may also be digitally signed which allows
+ the Authenticatee to verify the credentials of the Authenticator.
+
+ The IOTP Messages which are involved are illustrated by the diagram
+ below.
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 188]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Organisation 1
+ (Authenticatee)
+ | Organisation 2
+ | (Authenticator)
+STEP | |
+ 1. First Organisation takes an action (for example by
+ pressing a button on an HTML page) which requires that
+ the Organisation is authenticated
+
+ 1 --> 2 Authentication Need (outside scope of IOTP)
+
+ 2. The second Organisation generates: an Authentication
+ Request Block containing one or more Authentication
+ Request Components and/or a Trading Role Information
+ Request Component, then sends it to the first
+ Organisation
+
+ 1 <-- 2 TPO & AUTHENTICATION REQUEST. IotpMsg: Trans Ref Block;
+ Signature Block (optional); TPO Block; Auth Request Block
+
+ 3. IOTP aware application started. If a Signature Block is
+ present, the first Organisation may use this to check the
+ credentials of the second Organisation. If credentials are
+ OK, the first Organisation selects an Authentication
+ Request to use (if present and more than one), then uses
+ the authentication algorithm selected to generate an
+ Authentication Response Block. If present, the Trading
+ Role Information Request Component is used to generate
+ Organisation Components. Finally a Signature Component is
+ created if required and all components are then sent back
+ to the second Organisation for validation.
+
+ 1 --> 2 AUTHENTICATION RESPONSE. IotpMsg; Trans Ref Block;
+ Signature Block (optional) ; Auth Response Block
+
+ 4. The second Organisation checks the Authentication
+ Response against the data in the Authentication Request
+ Block to check that the first Organisation is who they
+ appear to be, and sends an Authentication Status Block to
+ the first Organisation to indicate the result then
+ stops.
+
+ 1 <-- 2 AUTHENTICATION STATUS. IotpMsg: Trans Ref Block;
+ Signature Block (optional); Auth Response Block
+
+
+
+
+
+
+Burdett Informational [Page 189]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 5. The first Organisation checks the authentication Status
+ Block and optionally keeps information on the IOTP
+ transaction for record keeping purposes and stops.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 18 Authentication Document Exchange
+
+9.1.1.1 Message Processing Guidelines
+
+ On receiving a TPO & Authentication Request IOTP Message (see below),
+ an Authenticatee may either:
+
+ o generate and send an Authentication Response IOTP Message back to
+ the Authenticator, or
+
+ o indicate failure to comply with the Authentication Request by
+ sending a Cancel Block back to the Authenticator containing a
+ Status Component with a StatusType of Authentication a
+ ProcessState of Failed and the CompletionCode (see section 7.16.4)
+ set to either: AutEeCancel, NoAuthReq, TradRolesIncon or
+ Unspecified.
+
+ On receiving an Authentication Response IOTP Message (see below), an
+ Authenticator should send in return, an Authentication Status IOTP
+ Message (see below) containing a Status Block with a Status Component
+ where the StatusType is set to Authentication, and:
+
+ o the ProcessState attribute of the Status Component is set to
+ CompletedOk which indicates a successful completion, or
+
+ o the ProcessState attribute is set to Failed and the CompletionCode
+ attribute is set to either: AutOrCancel, AuthFailed or Unspecified
+ which indicates a failed authentication,
+
+ On receiving an Authentication Status IOTP Message (see below), the
+ Authenticatee should check the Status Component in the Status Block.
+ If this indicates:
+
+ o a successful authentication, then the Authenticatee should either:
+
+ - continue with the next step in the IOTP Transaction of which
+ the Authentication Document Exchange is part (if any), or
+
+
+
+
+
+
+
+
+Burdett Informational [Page 190]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - indicate a failure to continue with the rest of the IOTP
+ Transaction, by sending back to the Authenticator a Cancel
+ Block containing a Status Component with a StatusType of
+ Authentication, a ProcessState of Failed and the CompletionCode
+ (see section 7.16.4) set to AutEeCancel.
+
+ o a failed authentication, then the failure should be reported to
+ the Authenticatee and any further processing stopped.
+
+ If the Authenticator receives an IOTP Message containing a Cancel
+ block from a Consumer, then the Authenticatee may go to the
+ CancelNetLocn specified on the Trading Role Element in the
+ Organisation Component for the Authenticator contained in the Trading
+ Protocol Options Block.
+
+9.1.1.2 TPO & Authentication Request IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of:
+
+ o a Trading Protocol Options Block (see section 8.1)
+
+ o an Authentication Request Block (see section 8.4), and
+
+ o an optional Signature Block (see section 8.16).
+
+ Each of these are described below.
+
+ TRADING PROTOCOL OPTIONS BLOCK
+
+ The Trading Protocol Options Block (see section 8.1) must contain the
+ following Trading Components:
+
+ o one Protocol Options Component (see Section 7.1) which defines the
+ options which apply to the whole Authentication Document Exchange.
+
+ o one Organisation Component (see section 7.6) which describes the
+ Authenticator. The Trading Role on the Organisation Component
+ should indicate the role which the Authenticator is taking in the
+ Trade, for example a Merchant or a Consumer.
+
+ AUTHENTICATION REQUEST BLOCK
+
+ The Authentication Request Block (see section 8.4) must contain the
+ following Trading Components:
+
+ o one Authentication Request Component (see section 7.2), and
+
+
+
+
+Burdett Informational [Page 191]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ SIGNATURE BLOCK (AUTHENTICATION REQUEST)
+
+ If the Authentication Request is being digitally signed then a
+ Signature Block must be included. It contains Digests of the
+ following XML elements:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the TPO Block :
+
+ - the Protocol Options Component
+
+ - the Organisation Component
+
+ o the following components of the Authentication Request Block:
+
+ - the Authentication Request Component
+
+ - the Trading Role Information Request Component
+
+9.1.1.3 Authentication Response IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of:
+
+ o an Authentication Response Block (see section 8.5), and
+
+ o an optional Signature Block (see section 8.16).
+
+ Each of these are described below.
+
+ AUTHENTICATION RESPONSE BLOCK
+
+ The Authentication Response Block must contain the following Trading
+ Component:
+
+ o one Authentication Response Component (see section 7.3)
+
+ o one Organisation Component for every Trading Role identified in
+ the TradingRoleList attribute of the Trading Role Information
+ Request Component contained in the Authentication Request Block.
+
+
+
+
+
+Burdett Informational [Page 192]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ SIGNATURE BLOCK (AUTHENTICATION RESPONSE)
+
+ If the Algorithm element (see section 12. IANA Considerations) within
+ the Authentication Request Component contained in the Authentication
+ Request Block indicates that the Authentication Response should
+ consist of a digital signature then a Signature Block must be
+ included in the same IOTP message that contains an Authentication
+ Response Block. The Signature Component contains Digest Elements for
+ the following XML elements:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the Authentication Request Block:
+
+ - the Authentication Request Component
+
+ - the Trading Role Information Request Component
+
+ o the Organisation Components contained in the Authentication
+ Response Block
+
+ Note: It should not be assumed that all trading roles can support the
+ signing of data. Particularly it should not be assumed that Consumers
+ support the signing of data.
+
+9.1.1.4 Authentication Status IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of:
+
+ o an Authentication Status Block (see section 8.5), and
+
+ o an optional Signature Block (see section 8.16).
+
+ Each of these are described below.
+
+ AUTHENTICATION STATUS BLOCK
+
+ The Authentication Status Block (see section 8.6) must contain the
+ following Trading Components:
+
+ o one Status Component (see section 7.16) with a ProcessState
+ attribute set to CompletedOk.
+
+
+
+Burdett Informational [Page 193]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ SIGNATURE BLOCK (AUTHENTICATION STATUS)
+
+ If the Authentication Status Block is being digitally signed then
+ a Signature Block must be included that contains a Signature
+ Component with Digest elements for the following XML elements:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the Authentication Status Block:
+
+ - the Status Component (see section 7.16).
+
+ Note: If the Authentication Document Exchange is followed by an Offer
+ Document Exchange (see section 9.1.2) then the Authentication Status
+ Block and the Signature Block (Authentication Status) may be combined
+ with either:
+
+ o a TPO IOTP Message (see section 9.1.2.3), or
+
+ o a TPO and Offer Response IOTP Message (see section 9.1.2.6)
+
+9.1.2 Offer Document Exchange
+
+ The Offer Document Exchange occurs in two basic forms:
+
+ o Brand Dependent Offer Exchange. Where the content of the offer,
+ e.g., the order details, amount, delivery details, etc., are
+ dependent on the payment brand and protocol selected by the
+ consumer, and
+
+ o Brand Independent Offer Exchange. Where the content of the offer
+ is not dependent on the payment brand and protocol selected.
+
+ Each of these types of Offer Document Exchange may be preceded by
+ an Authentication Document Exchange (see section 9.1.1).
+
+9.1.2.1 Brand Dependent Offer Document Exchange
+
+ In a Brand Dependent Offer Document Exchange the TPO Block and the
+ Offer Response Block are sent separately by the Merchant to the
+ Consumer, i.e.:
+
+
+
+
+
+Burdett Informational [Page 194]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Brand List Component is sent to the Consumer in a TPO Block,
+
+ o the Consumer selects a Payment Brand, Payment Protocol and
+ optionally a Currency and amount from the Brand List Component
+
+ o the Consumer sends the selected brand, protocol and
+ currency/amount back to the Merchant in a TPO Selection Block, and
+
+ o the Merchant uses the information received to define the content
+ of and then send the Offer Response Block to the Consumer.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 195]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ This is illustrated by the diagram below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Merchant
+STEP | |
+ 1. Consumer decides to trade and sends to the Merchant
+ information (e.g., using HTML) that enables the Merchant
+ to create an offer,
+
+ C --> M Offer information - outside scope of IOTP
+
+ 2. Merchant decides which payment brand protocols,
+ currencies and amounts apply, places then in a Brand List
+ Component inside a TPO Block and sends to Consumer
+
+ C <-- M TPO. IotpMsg: Trans Ref Block; TPO Block
+
+ 3. IOTP aware application started. Consumer selects the
+ payment brand, payment protocol and currency/amount to
+ use. Records selection in a Brand Selection Component and
+ sends back to Merchant.
+
+ C --> M TPO SELECTION. IotpMsg: Trans Ref Block; TPO Selection
+ Block
+
+ 4. Merchant uses selected payment brand, payment protocol,
+ currency/amount and the offer information to create an
+ Offer Response Block containing details about the IOTP
+ Transaction including price, etc. Optionally signs it and
+ sends to the Consumer
+
+ C <-- M OFFER RESPONSE. IotpMsg: Trans Ref Block; Signature Block
+ (optional); Offer Response Block
+
+ 5. Consumer checks the Offer is OK, then combines components
+ from the TPO Block, the TPO Selection Block and the Offer
+ Response Block to create the next IOTP Message for the
+ Transaction and sends it together with the Signature
+ block if present to the required Trading Role
+
+ CONTINUED ...
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 19 Brand Dependent Offer Document Exchange
+
+
+
+
+
+Burdett Informational [Page 196]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note, a Consumer identifies a Brand Dependent Offer Document
+ Exchange, by the absence of an Offer Response Block in the first IOTP
+ Message.
+
+ MESSAGE PROCESSING GUIDELINES
+
+ On receiving a TPO IOTP Message (see below), the Consumer may either:
+
+ o generate and send a TPO Selection IOTP Message back to the
+ Merchant, or
+
+ o indicate failure to continue with the IOTP Transaction by sending
+ a Cancel Block back to the Merchant containing a Status Component
+ with a StatusType of Offer, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.4) set to either: ConsCancelled
+ or Unspecified.
+
+ On receiving a TPO Selection IOTP Message (see below) the Merchant
+ may either:
+
+ o generate and send an Offer Response IOTP Message back to the
+ Consumer, or
+
+ o indicate failure to continue with the IOTP Transaction by sending
+ a Cancel Block back to the Consumer containing a Status Component
+ with a StatusType of Offer, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.4) set to either: MerchCancelled
+ or Unspecified.
+
+ On receiving an Offer Response IOTP Message (see below) the Consumer
+ may either:
+
+ o generate and send the next IOTP Message in the IOTP transaction
+ and send it to the required Trading Role. This is dependent on the
+ IOTP Transaction, or
+
+ o indicate failure to continue with the IOTP Transaction by sending
+ a Cancel Block back to the Merchant containing a Status Component
+ with a StatusType of Offer, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.4) set to either: ConsCancelled
+ or Unspecified.
+
+ If the Merchant receives an IOTP Message containing a Cancel block,
+ then the Consumer is likely to go to the CancelNetLocn specified on
+ the Trading Role Element in the Organisation Component for the
+ Merchant.
+
+
+
+
+
+Burdett Informational [Page 197]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ If the Consumer receives an IOTP Message containing a Cancel block,
+ then the information contained in the IOTP Message should be reported
+ to the Consumer but no further action taken.
+
+9.1.2.2 Brand Independent Offer Document Exchange
+
+ In a Brand Independent Offer Document Exchange the TPO Block and the
+ Offer Response Block are sent together by the Merchant to the
+ Consumer, i.e. there is one IOTP Message that contains both a TPO
+ Block, and an Offer Response Block.
+
+ The message flow is illustrated by the diagram below:
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Merchant
+STEP | |
+ 1. Consumer decides to trade and sends to the Merchant
+ information (e.g., using HTML) that enables the Merchant
+ to create an offer,
+
+ C --> M Offer information - outside scope of IOTP
+
+ 2. Merchant decides which payment brand protocols,
+ currencies and amounts apply, places then in a Brand List
+ Component inside a TPO Block, creates an Offer Response
+ containing details about the IOTP Transaction including
+ price, etc., optionally signs it and sends to Consumer
+
+ C <-- M TPO & OFFER RESPONSE. IotpMsg: Trans Ref Block; Signature
+ Block; TPO Block; Offer Response Block
+
+ 3. IOTP aware application started. Consumer selects the
+ payment brand, payment protocol and currency/amount to
+ use. Records selection in a Brand Selection Component,
+ checks offer is OK, combines the Brand Selection
+ Component with information from the TPO Block and Offer
+ Response Block to create the next IOTP Message for the
+ Transaction and sends it together with the Signature
+ Block if present to the required Trading Role.
+
+ CONTINUED ...
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 20 Brand Independent Offer Exchange
+
+
+
+
+
+Burdett Informational [Page 198]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note that a Brand Independent Offer Document Exchange always occurs
+ when only one payment brand, protocol and currency/amount is being
+ offered to the Consumer by the Merchant. It is also likely to, but
+ will not necessarily, occur when multiple brands are being offered,
+ the Payment Handler is the same, and all brands use the same set of
+ protocols.
+
+ Note that the TPO Block and the Offer Response Block can be sent in
+ separate IOTP messages (see Brand Dependent Offer Document Exchange)
+ even if the Offer Response Block does not change. However this
+ increases the number of messages in the transaction and is therefore
+ likely to increase transaction response times.
+
+ IOTP aware applications supporting the Consumer Trading Role must
+ check for the existence of an Offer Response Block in the first IOTP
+ Message to determine whether the Offer Document Exchange is brand
+ dependent or not.
+
+ MESSAGE PROCESSING GUIDELINES
+
+ On receiving a TPO and Offer Response IOTP Message (see below), the
+ Consumer may either:
+
+ o generate and send the next IOTP Message in the IOTP transaction
+ and send it to the required Trading Role. This is dependent on the
+ IOTP Transaction, or
+
+ o indicate failure to continue with the IOTP Transaction by sending
+ a Cancel Block back to the Merchant containing a Status Component
+ with a StatusType of Offer, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.1) set to either: ConsCancelled
+ or Unspecified.
+
+ If the Merchant receives an IOTP Message containing a Cancel block,
+ then the Consumer is likely to go to the CancelNetLocn specified on
+ the Trading Role Element in the Organisation Component for the
+ Merchant.
+
+9.1.2.3 TPO IOTP Message
+
+ The TPO IOTP Message is only used with a Brand Dependent Offer
+ Document Exchange. Apart from a Transaction Reference Block (see
+ section 3.3), this message consists of just a Trading Protocol
+ Options Block (see section 8.1) which is described below.
+
+
+
+
+
+
+
+Burdett Informational [Page 199]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TPO (TRADING PROTOCOL OPTIONS) BLOCK
+
+ The Trading Protocol Options Block (see section 8.1) must contain the
+ following Trading Components:
+
+ o one Protocol Options Component which defines the options which
+ apply to the whole IOTP Transaction. See Section 7.1.
+
+ o one Brand List Component (see section 7.7) for each Payment in the
+ IOTP Transaction that contain one or more payment brands and
+ protocols which may be selected for use in each payment
+
+ o Organisation Components (see section 7.6) with the following
+ roles:
+
+ - Merchant who is making the offer
+
+ - Consumer who is carrying out the transaction
+
+ - the PaymentHandler(s) for the payment. The "ID" of the Payment
+ Handler Organisation Component is contained within the PhOrgRef
+ attribute of the Payment Component
+
+ If the IOTP Transaction includes a Delivery then the TPO Block must
+ also contain:
+
+ o Organisation Components with the following roles:
+
+ - DeliveryHandler who will be delivering the goods or services
+
+ - DelivTo i.e. the person or Organisation which is to take
+ delivery
+
+ AUTHENTICATION STATUS AND SIGNATURE BLOCKS
+
+ If the Offer Document Exchange was preceded by an Authentication
+ Document Exchange, then the TPO IOTP Message may also contain:
+
+ o an Authentication Status Block (see section 8.6), and
+
+ o an optional Signature Block (Authentication Status) Signature
+ Block
+
+ See section 9.1.1.4 Authentication Status IOTP Message for more
+ details.
+
+
+
+
+
+
+Burdett Informational [Page 200]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+9.1.2.4 TPO Selection IOTP Message
+
+ The TPO Selection IOTP Message is only used with a Brand Dependent
+ Offer Document Exchange. Apart from a Transaction Reference Block
+ (see section 3.3), this message consists of just a TPO Selection
+ Block (see section 8.1) which is described below.
+
+ TPO SELECTION BLOCK
+
+ The TPO Selection Block (see section 8.2) contains:
+
+ o one Brand Selection Component (see section 7.8) for use in a
+ later Payment Exchange. It contains the results of the consumer
+ selecting a Payment Brand, Payment Protocol and currency/amount
+ from the list provided in the Brand List Component.
+
+9.1.2.5 Offer Response IOTP Message
+
+ The Offer Response IOTP Message is only used with a Brand Dependent
+ Offer Document Exchange. Apart from a Transaction Reference Block
+ (see section 3.3), this message consists of:
+
+ o an Offer Response Block (see section 8.1) and
+
+ o an optional Signature Block (see section 8.16).
+
+ OFFER RESPONSE BLOCK
+
+ The Offer Response Block (see section 8.3) contains the following
+ components:
+
+ o one Status Component (see section 7.16) which indicates the status
+ of the Offer Response. The ProcessState attribute should be set to
+ CompletedOk
+
+ o one Order Component (see section 7.5) which contains details about
+ the goods and services which are being purchased or the financial
+ transaction which is taking place
+
+ o one or more Payment Component(s) (see section 7.9) for each
+ payment which is to be made
+
+ o zero or one Delivery Components (see section 7.13) containing
+ details of the delivery to be made if the IOTP Transaction
+ includes a delivery
+
+ o zero or more Trading Role Data Components (see section 7.17) if
+ required by the Merchant.
+
+
+
+Burdett Informational [Page 201]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ SIGNATURE BLOCK (OFFER RESPONSE)
+
+ If the Authentication Status Block is being digitally signed then a
+ Signature Block must be included that contains a Signature Component
+ (see section 7.19) with Digest Elements for the following XML
+ elements:
+
+ If the Offer Response is being digitally signed then a Signature
+ Block must be included that contains a Signature Component (see
+ section 7.19) with Digest Elements for the following XML elements:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message that contains information that describes the IOTP Message
+ and IOTP Transaction
+
+ o the Transaction Id Component (see section 3.3.1) which globally
+ uniquely identifies the IOTP Transaction
+
+ o the following components of the TPO Block :
+
+ - the Protocol Options Component, and
+
+ - the Brand List Component
+
+ - all the Organisation Components present
+
+ o the following components of the Offer Response Block:
+
+ - the Order Component
+
+ - all the Payment Components present
+
+ - the Delivery Component if present
+
+ - any Trading Role Data Components present
+
+9.1.2.6 TPO and Offer Response IOTP Message
+
+ The TPO and Offer Response IOTP Message is only used with a Brand
+ Independent Offer Document Exchange. Apart from a Transaction
+ Reference Block (see section 3.3), this message consists of:
+
+ o a Trading Protocol Options Block (see section 8.1)
+
+ o an Offer Response Block (see section 8.1) and
+
+ o an optional Signature Block (see section 8.16).
+
+
+
+
+Burdett Informational [Page 202]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TPO (TRADING PROTOCOL OPTIONS) BLOCK
+
+ This is the same as the Trading Protocol Options Block described in
+ TPO IOTP Message (see section 9.1.2.3).
+
+ OFFER RESPONSE BLOCK
+
+ This the same as the Offer Response Block in the Offer Response IOTP
+ Message (see section 9.1.2.5).
+
+ AUTHENTICATION STATUS
+
+ If the Offer Document Exchange was preceded by an Authentication
+ Document Exchange, then the TPO and Offer Response IOTP Message may
+ also contain an Authentication Status Block (see section 8.6).
+
+ SIGNATURE BLOCK
+
+ This is the same as the Signature Block in the Offer Response IOTP
+ Message (see section 9.1.2.5) with the addition that:
+
+ o if the Offer Document Exchange is Brand Dependent then the
+ Signature Component in the Signature Block additionally contains a
+ Digest Element for the Brand Selection Component contained in the
+ TPO Selection Block
+
+ o if the Offer Document Exchange was preceded by an Authentication
+ Document Exchange then the Signature Component in the Signature
+ Block additionally contains a Digest Element for the
+ Authentication Status Block.
+
+9.1.3 Payment Document Exchange
+
+ The Payment Document Exchange is a direct implementation of the last
+ part of a Payment Trading Exchange (see section 2.2.2) after the
+ Brand has been selected by the Consumer. A Payment Exchange consists
+ of:
+
+ o the Consumer requesting that a payment starts by generating
+ Payment Request IOTP Message using information from previous IOTP
+ Messages in the Transaction and then sending it to the Payment
+ Handler
+
+ o the Payment Handler and the Consumer then swapping Payment
+ Exchange IOTP Messages encapsulating payment protocol messages
+ until the payment is complete, and finally
+
+
+
+
+
+Burdett Informational [Page 203]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Payment Handler sending a Payment Response IOTP Message to the
+ Consumer containing a receipt for the payment.
+
+ The IOTP Messages which are involved are illustrated by the diagram
+ below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Payment
+ | Handler
+STEP | |
+ 1. Consumer generates Pay Request Block encapsulating a
+ payment protocol message if required and sends to Payment
+ Handler with the Signature Block if present
+
+ C --> P PAYMENT REQUEST. IotpMsg: Trans Ref Block; Signature
+ Block (optional); Pay Request Block
+
+ 2. Payment Handler processes Pay Request Block, checks
+ optional signature and starts exchanging payment protocol
+ messages encapsulated in a Pay Exchange Block, with the
+ Consumer
+
+ C <-> P PAYMENT EXCHANGE. IotpMsg: Trans Ref Block; Pay Exchange
+ Block
+
+ 3. Consumer and Payment Handler keep on exchanging Payment
+ Exchange blocks until eventually payment protocol
+ messages finish so Payment Handler creates a Pay Receipt
+ Component inside a Pay Response Block, and an optional
+ Signature Component inside a Signature Block, sends them
+ to the Consumer and stops.
+
+ C <-- P PAYMENT RESPONSE. IotpMsg: Trans Ref Block; Signature
+ Block (optional); Pay Response Block
+
+ 4. Consumer checks Payment Response is OK. Optionally keeps
+ information on IOTP Transaction for record keeping
+ purposes and either stops or creates the next IOTP
+ message for the Transaction and sends it together with
+ the Signature Block, if present, to the required Trading
+ Role
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 21 Payment Document Exchange
+
+
+
+
+
+Burdett Informational [Page 204]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+9.1.3.1 Message Processing Guidelines
+
+ On receiving a Payment Request IOTP Message, the Payment Handler
+ should check that they are authorised to carry out the Payment (see
+ section 6 Digital Signatures). They may then either:
+
+ o generate and send a Payment Exchange IOTP Message back to the
+ Consumer, if more payment protocol messages need to be exchanged,
+ or
+
+ o generate and send a Payment Response IOTP Message if the exchange
+ of payment protocol messages is complete, or
+
+ o indicate failure to continue with the Payment by sending a Cancel
+ Block back to the Consumer containing a Status Component with a
+ StatusType of Payment, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.4) set to either: BrandNotSupp,
+ CurrNotSupp, PaymtCancelled, AuthError, InsuffFunds,
+ InstBrandInvalid, InstNotValid, BadInstrument or Unspecified.
+
+ On receiving a Payment Exchange IOTP Message, the Consumer may
+ either:
+
+ o generate and send a Payment Exchange Message back to the Payment
+ Handler or
+
+ o indicate failure to continue with the Payment by sending a Cancel
+ Block back to the Payment Handler containing a Status Component
+ with a StatusType of Payment, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.2) set to either: ConsCancelled
+ or Unspecified.
+
+ On receiving a Payment Exchange IOTP Message, the Payment Handler may
+ either:
+
+ o generate and send a Payment Exchange IOTP Message back to the
+ Consumer, if more payment protocol messages need to be exchanged,
+ or
+
+ o generate and send a Payment Response IOTP Message if the exchange
+ of payment protocol messages is complete, or
+
+ o indicate failure to continue with the Payment by sending a Cancel
+ Block back to the Consumer containing a Status Component with a
+ StatusType of Payment, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.2) set to either: PaymtCancelled
+ or Unspecified.
+
+
+
+
+Burdett Informational [Page 205]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ On receiving a Payment Response IOTP Message, the Consumer may
+ either:
+
+ o generate and send the next IOTP Message in the IOTP transaction
+ and send it to the required Trading Role. This is dependent on the
+ IOTP Transaction,
+
+ o stop, since the IOTP Transaction has ended, or
+
+ o indicate failure to continue with the IOTP Transaction by sending
+ a Cancel Block back to the Merchant containing a Status Component
+ with a StatusType of Payment, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.1) set to either: ConsCancelled
+ or Unspecified.
+
+ If the Consumer receives an IOTP Message containing a Cancel block,
+ then the information contained in the IOTP Message should be reported
+ to the Consumer but no further action taken.
+
+ If the Payment Handler receives an IOTP Message containing a Cancel
+ block, then the Consumer is likely to go to the CancelNetLocn
+ specified on the Trading Role Element in the Organisation Component
+ for the Payment Handler from which any further action may take place.
+
+ If the Merchant receives an IOTP Message containing a Cancel block,
+ then the Consumer should have completed the payment but not
+ continuing with the transaction for some reason. In this case the
+ Consumer is likely to go to the CancelNetLocn specified on the
+ Trading Role Element in the Organisation Component for the Merchant
+ from which any further action may take place.
+
+9.1.3.2 Payment Request IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of:
+
+ o a Payment Request Block, and
+
+ o an optional Signature Block
+
+ PAYMENT REQUEST BLOCK
+
+ The Payment Request Block (see section 8.7) contains:
+
+ o the following components copied from the Offer Response Block from
+ the preceding Offer Document Exchange:
+
+ - the Status Component
+
+
+
+Burdett Informational [Page 206]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - the Payment Component for the payment which is being carried
+ out
+
+ o the following components from the TPO Block:
+
+ - the Organisation Components with the roles of Merchant and for
+ the PaymentHandler that is being sent the Payment Request Block
+
+ - the Brand List Component for the payment, i.e. the Brand List
+ referred to by the BrandListRef attribute on the Payment
+ Component
+
+ o one Brand Selection Component for the Brand List, i.e. the Brand
+ Selection Component where BrandListRef attribute points to the
+ Brand List. This component can be either:
+
+ - copied from the TPO Selection Block if the payment was preceded
+ by a Brand Dependent Offer Document Exchange (see section
+ 9.1.2.1), or
+
+ - created by the Consumer, containing the payment brand, payment
+ protocol and currency/amount selected from the Brand List, if
+ the payment was preceded by a Brand Independent Offer Document
+ Exchange (see section 9.1.2.2)
+
+ o an optional Payment Scheme Component (see section 7.10) if
+ required by the payment method used (see the Payment Method
+ supplement to determine if this is needed).
+
+ o zero or more Trading Role Data Components (see section 7.17).
+
+ Note that:
+
+ o if there is more than one Payment Components in an Offer Response
+ Block, then the second payment is the one within the Offer
+ Response Block that contains a StartAfter attribute (see section
+ 7.9) that identifies the Payment Component for the first payment
+
+ o the Payment Handler to include is identified by the Brand
+ Selection Component (see section 7.8) for the payment. Also see
+ section 6.3.1 Check Request Block sent Correct Organisation for an
+ explanation on how Payment Handlers are identified
+
+ o the Brand List Component to include is the one identified by the
+ BrandListRef attribute of the Payment Component for the identified
+ payment
+
+
+
+
+
+Burdett Informational [Page 207]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Brand Selection Component to include from the Offer Response
+ Block is the one that contains an BrandListRef attribute (see
+ section 3.5) which identifies the Brand List Component for the
+ second payment.
+
+ SIGNATURE BLOCK (PAYMENT REQUEST)
+
+ If the either the preceding Offer Document Exchange included an Offer
+ Response Signature (see section 9.1.2.5 Offer Response IOTP Message),
+ or a preceding Payment Exchange included a Payment Response Signature
+
+ (see section 9.1.3.4 Payment Response IOTP Message) then they should
+ both be copied to the Signature Block in the Payment Request IOTP
+ Message.
+
+9.1.3.3 Payment Exchange IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of just a Payment Exchange Block.
+
+ PAYMENT EXCHANGE BLOCK
+
+ The Payment Exchange Block (see section 8.8) contains:
+
+ o one Payment Scheme Component (see section 7.10) which contains
+ payment method specific data. See the Payment Method supplement
+ for the payment method being used to determine what this should
+ contain.
+
+9.1.3.4 Payment Response IOTP Message
+
+ Apart from a Transaction Reference Block (see section 3.3), this
+ message consists of:
+
+ o a Payment Response Block, and
+
+ o an optional Signature Block
+
+ PAYMENT RESPONSE BLOCK
+
+ The Payment Response Block (see section 8.9) contains:
+
+ o one Payment Receipt Component (see section 7.11) which contains
+ scheme specific data which can be used to verify the payment
+ occurred
+
+
+
+
+
+
+Burdett Informational [Page 208]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o one Payment Scheme Component (see section 7.10) if required which
+ contains payment method specific data. See the Payment Method
+ supplement for the payment method being used to determine what
+ this should contain
+
+ o an optional Payment Note Component (see section 7.12)
+
+ o zero or more Trading Role Data Components (see section 7.17).
+
+ SIGNATURE BLOCK (PAYMENT RESPONSE)
+
+ If a signed Payment Receipt is being provided, indicated by the
+ SignedPayReceipt attribute of the Payment Component being set to
+ True, then the Signature Block should contain a Signature Component
+ which contains Digest Elements for the following:
+
+ o the Transaction Reference Block (see section 3.3) for the IOTP
+ Message which contains the first usage of the Payment Response
+ Block,
+
+ o the Transaction Id Component (see section 3.3.1) within the
+ Transaction Reference Block that globally uniquely identifies the
+ IOTP Transaction,
+
+ o the Payment Receipt Component from the Payment Response Block,
+
+ o the Payment Note Component from the Payment Response Block,
+
+ o the other Components referenced by the PayReceiptNameRefs
+ attribute (if present) of the Payment Receipt Component,
+
+ o the Status Component from the Payment Response Block,
+
+ o any Trading Role Data Components in the Payment Response Block,
+ and
+
+ o all the Signature Components contained in the Payment Request
+ Block if present.
+
+9.1.4 Delivery Document Exchange
+
+ The Delivery Document Exchange is a direct implementation of a
+ Delivery Trading Exchange (see section 2.2.3). It consists of:
+
+ o the Consumer requesting a Delivery by generating Delivery Request
+ IOTP Message using information from previous IOTP Messages in the
+ Transaction and then sending it to the Delivery Handler
+
+
+
+
+Burdett Informational [Page 209]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Delivery Handler sending a Delivery Response IOTP Message to
+ the Consumer containing details about the Handler's response to
+ the request together with an optional signature.
+
+ The message flow is illustrated by the diagram below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Delivery
+ | Handler
+STEP | |
+ 1. Consumer generates Delivery Request Block and sends it to
+ the Delivery Handler with the Signature Block if present
+
+ C --> D DELIVERY REQUEST. IotpMsg: Trans Ref Block; Signature
+ Block; Delivery Request Block
+
+ 2. Delivery Handler checks the Status and Order Components
+ in the Delivery Request and the optional Signatures,
+ creates a Delivery Response Block, sends to the Consumer
+ and stops.
+
+ C <-- D DELIVERY RESPONSE. IotpMsg: Trans Ref Block; Signature
+ Block; Delivery Response Block
+
+3. Consumer checks Delivery Response Block and optional
+ Signature Block are OK. Optionally keeps information on
+ IOTP Transaction for record keeping purposes and stops.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 22 Delivery Document Exchange
+
+9.1.4.1 Message Processing Guidelines
+
+ On receiving a Delivery Request IOTP Message, the Delivery Handler
+ should check that they are authorised to carry out the Delivery (see
+ section 6 Digital Signatures). They may then either:
+
+ o generate and send a Delivery Response IOTP Message to the
+ Consumer, or
+
+ o indicate failure to continue with the Delivery by sending a Cancel
+ Block back to the Consumer containing a Status Component with a
+ StatusType of Delivery, a ProcessState of Failed and the
+ CompletionCode (see section 7.16.4) set to either: DelivCanceled,
+ or Unspecified.
+
+
+
+
+Burdett Informational [Page 210]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ On receiving a Delivery Response IOTP Message, the Consumer should
+ just stop since the IOTP Transaction is complete.
+
+ If the Consumer receives an IOTP Message containing a Cancel block,
+ then the information contained in the IOTP Message should be reported
+ to the Consumer but no further action taken.
+
+9.1.4.2 Delivery Request IOTP Message
+
+ The Delivery Request IOTP Message consists of:
+
+ o a Delivery Request Block, and
+
+ o an optional Signature Block
+
+ DELIVERY REQUEST BLOCK
+
+ The Delivery Request Block (see section 8.10) contains:
+
+ o the following components copied from the Offer Response Block:
+
+ - the Status Component (see section 7.16)
+
+ - the Order Component (see section 7.5)
+
+ - the Organisation Component (see section 7.6) with the roles of:
+ Merchant, DeliveryHandler and DeliverTo
+
+ - the Delivery Component (see section 7.13)
+
+ o the following Component from the Payment Response Block:
+
+ - the Status Component (see section 7.16).
+
+ o zero or more Trading Role Data Components (see section 7.17).
+
+ SIGNATURE BLOCK (DELIVERY REQUEST)
+
+ If the preceding Offer Document Exchange included an Offer Response
+ Signature or the Payment Document Exchange included a Payment
+ Response Signature, then they should both be copied to the Signature
+ Block.
+
+9.1.4.3 Delivery Response IOTP Message
+
+ The Delivery Response IOTP Message contains a Delivery Response Block
+ and an optional Signature Block.
+
+
+
+
+Burdett Informational [Page 211]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ DELIVERY RESPONSE BLOCK
+
+ The Delivery Response Block contains:
+
+ o one Delivery Note Component (see section 7.15) which contains
+ delivery instructions about the delivery of goods or services
+
+ in3 SIGNATURE BLOCK (DELIVERY RESPONSE)
+
+ The Signature Block should contain one Signature Component that
+ contains Digest elements that refer to
+
+ o the Transaction Id Component (see section 3.3.1) of the IOTP
+ message that contains the Delivery Response Signature
+
+ o the Transaction Reference Block (see section 3.3) of the IOTP
+ Message that contains the Delivery Response Signature
+
+ o the Consumer Delivery Data component contained in the Delivery
+ Request Block (if any)
+
+ o the Signature Components contained in the Delivery Request Block
+ (if any)
+
+ o the Status Component
+
+ o the Delivery Note Component
+
+9.1.5 Payment and Delivery Document Exchange
+
+ The Payment and Delivery Document Exchange is a combination of the
+ last part of the Payment Trading Exchange (see section 2.2.2) and a
+ Delivery Trading Exchange (see section 2.2.3). It consists of:
+
+ o the Consumer requesting that a payment starts by generating
+ Payment Request IOTP Message using information from previous IOTP
+ Messages in the Transaction and then sending it to the Payment
+ Handler
+
+ o the Payment Handler and the Consumer then swapping Payment
+ Exchange IOTP Messages encapsulating payment protocol messages
+ until the payment is complete, and finally
+
+ o the Payment Handler sending to the Consumer in one IOTP Message:
+
+ - a Payment Response Block containing a receipt for the payment,
+ and
+
+
+
+
+Burdett Informational [Page 212]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - a Delivery Response Block containing details of the goods or
+ services to be delivered
+
+ The IOTP Messages which are involved are illustrated by the diagram
+ below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 213]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ Consumer
+ | Payment
+ | Handler
+STEP | |
+ 1. Consumer generates Pay Request Block encapsulating a
+ payment protocol message if required and sends to Payment
+ Handler with the Signature Block if present
+
+ C --> P PAYMENT REQUEST. IotpMsg: Trans Ref Block; Signature
+ Block; Pay Request Block
+
+ 2. Payment Handler processes Pay Request Block, checks
+ optional signature and starts exchanging payment protocol
+ messages encapsulated in a Pay Exchange Block, with the
+ Consumer
+
+ C <-> P PAYMENT EXCHANGE. IotpMsg: Trans Ref Block; Pay Exchange
+ Block
+
+ 3. Consumer and Payment Handler keep on exchanging Payment
+ Exchange blocks until eventually payment protocol
+ messages finish so Payment Handler creates a Pay Receipt
+ Component inside a Pay Response Block, and an optional
+ Signature Component inside a Signature Block, then uses
+ information from the Offer Response Bock to create a
+ Delivery Response Block and sends both to the Consumer
+ and stops.
+
+ C <-- P PAYMENT RESPONSE & DELIVERY RESPONSE. IotpMsg: Trans Ref
+ Block; Signature Block; Pay Response Block; Delivery
+ Response Block
+
+ 4. Consumer checks Payment Response and Delivery Response
+ Blocks are OK. Optionally keeps information on IOTP
+ Transaction for record keeping purposes and either stops
+ or creates the next IOTP message for the Transaction and
+ sends it together with the Signature Block, if present,
+ to the required Trading Role
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 23 Payment and Delivery Document Exchange
+
+
+
+
+
+
+
+
+Burdett Informational [Page 214]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The Delivery Response Block and the Payment Response Block may be
+ combined into the same IOTP Message only if the Payment Handler has
+ the information available so that she can send the Delivery Response
+ Block. This is likely to, but will not necessarily, occur when the
+ Merchant, the Payment Handler and the Delivery Handler Roles are
+ combined.
+
+ The DelivAndPayResp attribute of the Delivery Component (see section
+ 7.13) contained within the Offer Response Block (see section 8.3) is
+ set to True if the Delivery Response Block and the Payment Response
+ Block are combined into the same IOTP Message and is set to False if
+ the Delivery Response Block and the Payment Response Block are sent
+ in separate IOTP Messages.
+
+9.1.5.1 Message Processing Guidelines
+
+ On receiving a Payment Request IOTP Message or a Payment Exchange
+ IOTP Message, the Payment Handler should carry out the same actions
+ as for a Payment Document Exchange (see section 9.1.3.1).
+
+ On receiving a Payment Exchange IOTP Message, the Consumer should
+ also carry out the same actions as for a Payment Document Exchange
+ (see section 9.1.3.1).
+
+ On receiving a Payment Response and Delivery Response IOTP Message
+ then the IOTP Transaction is complete and should take no further
+ action.
+
+ If the Consumer receives an IOTP Message containing a Cancel block,
+ then the information contained in the IOTP Message should be reported
+ to the Consumer but no further action taken.
+
+ If the Payment Handler receives an IOTP Message containing a Cancel
+ block, then the Consumer is likely to go to the CancelNetLocn
+ specified on the Trading Role Element in the Organisation Component
+ for the Payment Handler from which any further action may take place.
+
+ If the Merchant receives an IOTP Message containing a Cancel block,
+ then the Consumer should have completed the payment but not
+ continuing with the transaction for some reason. In this case the
+ Consumer is likely to go to the CancelNetLocn specified on the
+ Trading Role Element in the Organisation Component for the Merchant
+ from which any further action may take place.
+
+9.1.5.2 Payment Request IOTP Message
+
+ The content of this message is the same as for a Payment Request IOTP
+ Message in a Payment Document Exchange (see section 9.1.3.2).
+
+
+
+Burdett Informational [Page 215]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+9.1.5.3 Payment Exchange IOTP Message
+
+ The content of this message is the same as for a Payment Exchange
+ IOTP Message in a Payment Document Exchange (see section 9.1.3.3).
+
+9.1.5.4 Payment Response and Delivery Response IOTP Message
+
+ The content of this message consists of:
+
+ o a Payment Response Block,
+
+ o an optional Signature Block (Payment Response), and
+
+ o a Delivery Response Block.
+
+ PAYMENT RESPONSE BLOCK
+
+ The content of this block is the same as the Payment Response Block
+ in the Payment Response IOTP Message associated with a Payment
+ Document Exchange (see section 9.1.3.4).
+
+ SIGNATURE BLOCK (PAYMENT RESPONSE)
+
+ The content of this block is the same as the Signature Block (Payment
+ Response) in the Payment Response IOTP Message associated with a
+ Payment Document Exchange (see section 9.1.3.4).
+
+ DELIVERY RESPONSE BLOCK
+
+ The content of this block is the same as the Delivery Response Block
+ in the Delivery Response IOTP Message associated with a Delivery
+ Document Exchange (see section 9.1.4.3).
+
+9.1.6 Baseline Authentication IOTP Transaction
+
+ A Baseline Authentication IOTP Transaction may occur at any time
+ between any of the Trading Roles involved in IOTP Transactions. This
+ means it could occur:
+
+ o before another IOTP Transaction
+
+ o at the same time as another IOTP Transaction
+
+ o independently of any other IOTP Transaction.
+
+ The Baseline Authentication IOTP Transaction consists of just an
+ Authentication Document Exchange (see section 9.1.1) as illustrated
+ by the diagram below.
+
+
+
+Burdett Informational [Page 216]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -------------------------------------------------------
+ v
+ ----------------
+ | AUTHENTICATION |
+ ----------------
+ |
+ |
+ |
+ |
+ ------------------- ----------------- |
+ | BRAND INDEPENDENT | | BRAND DEPENDENT | |
+ | OFFER | | OFFER | |
+ ------------------- ----------------- |
+ |
+ |
+ |
+ |
+ |
+ --------- -------------- |
+ | PAYMENT | | PAYMENT WITH | |
+ | (first) | | DELIVERY | |
+ --------- -------------- |
+ |
+ |
+ |
+ ---------- --------- |
+ | DELIVERY | | PAYMENT | |
+ | | | {second)| |
+ ---------- --------- |
+ v
+ STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 24 Baseline Authentication IOTP Transaction
+
+ Example uses of the Baseline Authentication IOTP Transaction include:
+
+ o when the Baseline Authentication IOTP Transaction takes place as
+ an early part of a session where strong continuity exists. For
+ example, a Financial Institution could:
+
+ - set up a secure channel (e.g., using [SSL/TLS]) with a customer
+
+ - authenticate the customer using the Baseline Authentication
+ IOTP Transaction, and then
+
+
+
+Burdett Informational [Page 217]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - provide the customer with access to account information and
+ other services with the confidence that they are communicating
+ with a bona fide customer.
+
+ o as a means of providing a Merchant role with Organisation
+ Components that contain information about Consumer and DelivTo
+ Trading Roles
+
+ o so that a Consumer may authenticate a Payment Handler before
+ starting a payment.
+
+9.1.7 Baseline Deposit IOTP Transaction
+
+ The Baseline Deposit IOTP Transaction supports the deposit of
+ electronic cash with a Financial Institution.
+
+ Note: The Financial Institution has, in IOTP terminology, a role of
+ merchant in that a service (i.e. a deposit of electronic cash) is
+ being offered in return for a fee, for example bank charges of some
+ kind. The term "Financial Institution" is used in the diagrams and in
+ the text for clarity.
+
+ The Baseline Deposit IOTP Transaction consists of the following
+ Document Exchanges:
+
+ o an optional Authentication Document Exchange (see section 9.1.1)
+
+ o an Offer Document Exchange (see section 9.1.2), and
+
+ o a Payment Document Exchange (see section 9.1.3).
+
+ The way in which these Document Exchanges may be combined together is
+ illustrated by the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 218]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- |
+ | | |
+ | -------------- | -------------
+ v v v v
+ ------------------- -----------------
+ | BRAND INDEPENDENT | | BRAND DEPENDENT |
+ | OFFER | | OFFER |
+ ------------------- -----------------
+ | |
+ | |
+ | |
+ | -------------------
+ v v
+ --------- --------------
+ | PAYMENT | | PAYMENT WITH |
+ | (first) | | DELIVERY |
+ --------- --------------
+ |
+ ----------------
+ |
+ ---------- --------- |
+ | DELIVERY | | PAYMENT | |
+ | | | {second)| |
+ ---------- --------- |
+ |
+ -----------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 25 Baseline Deposit IOTP Transaction
+
+ See section 9.1.12 "Valid Combinations of Document Exchanges" to
+ determine which combination of document exchanges apply to a
+ particular instance of an IOTP Transaction
+
+ Note that:
+
+ o a Merchant (Financial Institution) may be able to accept a deposit
+ in several different types of electronic cash although, since the
+ Consumer role that is depositing the electronic cash usually knows
+ what type of cash they want to deposit, it is usually constrained
+
+
+
+Burdett Informational [Page 219]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ in practice to only one type. However, there may be several
+ different protocols which may be used for the same "brand" of
+ electronic cash. In this case a Brand Dependent Offer may be
+ appropriate to negotiate the protocol to be used.
+
+ o the Merchant (Financial Institution) may use the results of the
+ authentication to identify not only the consumer but also the
+ account to which the payment is to be deposited. If no single
+ account can be identified, then it must be obtained by other
+ means. For example:
+
+ - the consumer could specify the account number prior to the
+ Baseline Deposit IOTP Transaction starting, or
+
+ - the consumer could have been identified earlier, for example
+ using a Baseline Authentication IOTP Transaction, and an
+ account selected from a list provided by the Financial
+ Institution.
+
+ o The Baseline Deposit IOTP Transaction without an Authentication
+ Document Exchange might be used:
+
+ - if a previous IOTP transaction, for example a Baseline
+ Withdrawal or a Baseline Authentication, authenticated the
+ consumer, and a secure channel has been maintained, therefore
+ the authenticity of the consumer is known
+
+ - if authentication is achieved as part of a proprietary payment
+ protocol and is therefore included in the Payment Document
+ Exchange
+
+ - if authentication of the consumer has been achieved by some
+ other means outside of the scope of IOTP, for example, by using
+ a pass phrase, or a proprietary banking software solution.
+
+9.1.8 Baseline Purchase IOTP Transaction
+
+ The Baseline Purchase IOTP Transaction supports the purchase of goods
+ or services using any payment method. It consists of the following
+ Document Exchanges:
+
+ o an optional Authentication Document Exchange (see section 9.1.1)
+
+ o an Offer Document Exchange (see section 9.1.2)
+
+ o either:
+
+ - a Payment Document Exchange (see section 9.1.3) followed by
+
+
+
+Burdett Informational [Page 220]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - a Delivery Document Exchange (see section 9.1.4)
+
+ o a Payment Document Exchange only, or
+
+ o a combined Payment and Delivery Document Exchange (see section
+ 9.1.5).
+
+ The ways in which these Document Exchanges are combined is
+ illustrated by the diagram below.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- | |
+ | | | |
+ | -------------- | ------------- |
+ v v v v |
+ ------------------- ----------------- |
+ | BRAND INDEPENDENT | | BRAND DEPENDENT | |
+ | OFFER | | OFFER | |
+ ------------------- ----------------- |
+ | | | | |
+ | --------------- | | |
+ | | | | |
+ | -------------- | -- | |
+ v v v v |
+ --------- -------------- |
+ | PAYMENT | | PAYMENT WITH | |
+ | (first) | | DELIVERY | |
+ --------- -------------- |
+ | | |
+ ----------------------------- | |
+ v | | |
+ ---------- --------- | | |
+ | DELIVERY | | PAYMENT | | | |
+ | | | {second)| | | |
+ ---------- --------- | | |
+ | | | v
+ ----------------------------------------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 26 Baseline Purchase IOTP Transaction
+
+
+
+
+Burdett Informational [Page 221]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ See section 9.1.12 "Valid Combinations of Document Exchanges" to
+ determine which combination of document exchanges apply to a
+ particular instance of an IOTP Transaction.
+
+9.1.9 Baseline Refund IOTP Transaction
+
+ In business terms the refund process typically consists of:
+
+ o a request for a refund being made by the Consumer to the Merchant,
+ typically supported by evidence to demonstrate:
+
+ - the original trade took place, for example by providing a
+ receipt for the original transaction
+
+ - using some type of authentication, that the consumer requesting
+ the refund is the consumer, or a representative of the
+ consumer, who carried out the original trade
+
+ - the reason why the merchant should make the refund
+
+ o the merchant agreeing (or not) to the refund. This may involve
+ some negotiation between the Consumer and the Merchant, and, if
+ the merchant agrees,
+
+ o a refund payment by the Merchant to the Consumer.
+
+ The Baseline Refund IOTP Transaction supports a subset of the above,
+ specifically it supports:
+
+ o stand alone authentication of the Consumer using a separate
+ Baseline Authentication IOTP Transaction (see section 9.1.6)
+
+ o a refund payment by the Merchant to the Consumer using the
+ following two Trading Exchanges:
+
+ - an optional Authentication Document Exchange (see section
+ 9.1.1)
+
+ - an Offer Document Exchange (see section 9.1.2), and
+
+ - a Payment Document Exchange (see section 9.1.3).
+
+ The ways in which these Document Exchanges are combined is
+ illustrated by the diagram below.
+
+
+
+
+
+
+
+Burdett Informational [Page 222]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- |
+ | | |
+ | -------------- | -------------
+ v v v v
+ ------------------- -----------------
+ | BRAND INDEPENDENT | | BRAND DEPENDENT |
+ | OFFER | | OFFER |
+ ------------------- -----------------
+ | |
+ | |
+ | |
+ | -------------------
+ v v
+ --------- --------------
+ | PAYMENT | | PAYMENT WITH |
+ | (first) | | DELIVERY |
+ --------- --------------
+ |
+ ----------------
+ |
+ ---------- --------- |
+ | DELIVERY | | PAYMENT | |
+ | | | {second)| |
+ ---------- --------- |
+ |
+ -----------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 27 Baseline Refund IOTP Transaction
+
+ A Baseline Refund IOTP Transaction without an Authentication Document
+ Exchange might be used:
+
+ o when authentication of the consumer has been achieved by some
+ other means, for example, the consumer has entered some previously
+ supplied code in order to identify herself and the refund to which
+ the code applies. The code could be supplied, for example on a web
+ page or by e-mail.
+
+
+
+
+
+Burdett Informational [Page 223]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o when a previous IOTP transaction, for example a Baseline
+ Authentication, authenticated the consumer, and a secure channel
+ has been maintained, therefore the authenticity of the consumer is
+ known and therefore the previously agreed refund can be
+ identified.
+
+ o when the authentication of the consumer is carried out by the
+ Payment Handler using a payment scheme authentication algorithm.
+
+9.1.10 Baseline Withdrawal IOTP Transaction
+
+ The Baseline Withdrawal IOTP Transaction supports the withdrawal of
+ electronic cash from a Financial Institution.
+
+ Note: The Financial Institution has, in IOTP terminology, a role of
+ merchant in that a service (i.e. a withdrawal of electronic cash) is
+ being offered in return for a fee, for example bank charges of some
+ kind. The term "Financial Institution" is used in the diagrams and in
+ the text for clarity.
+
+ The Baseline Withdrawal IOTP Transaction consists of the following
+ Document Exchanges:
+
+ o an optional Authentication Document Exchange (see section 9.1.1)
+
+ o an Offer Document Exchange (see section 9.1.2), and
+
+ o a Payment Document Exchange (see section 9.1.3).
+
+ The way in which these Document Exchanges may be combined together is
+ illustrated by the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 224]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- |
+ | | |
+ | -------------- | -------------
+ v v v v
+ ------------------- -----------------
+ | BRAND INDEPENDENT | | BRAND DEPENDENT |
+ | OFFER | | OFFER |
+ ------------------- -----------------
+ | |
+ | |
+ | |
+ | -------------------
+ v v
+ --------- --------------
+ | PAYMENT | | PAYMENT WITH |
+ | (first) | | DELIVERY |
+ --------- --------------
+ |
+ ----------------
+ |
+ ---------- --------- |
+ | DELIVERY | | PAYMENT | |
+ | | | {second)| |
+ ---------- --------- |
+ |
+ -----------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 28 Baseline Withdrawal IOTP Transaction
+
+ Note that:
+
+ o a Merchant (Financial Institution) may be able to offer withdrawal
+ of several different types of electronic cash. In practice usually
+ only one form of electronic cash may be offered. However, there
+ may be several different protocols which may be used for the same
+ "brand" of electronic cash.
+
+
+
+
+
+
+Burdett Informational [Page 225]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the Merchant (Financial Institution) may use the results of the
+ authentication to identify not only the consumer but also the
+ account from which the withdrawal is to be made. If no single
+ account can be identified, then it must be obtained by other
+ means. For example:
+
+ - the consumer could specify the account number prior to the
+ Baseline Withdrawal IOTP Transaction starting, or
+
+ - the consumer could have been identified earlier, for example
+ using a Baseline Authentication IOTP Transaction, and an
+ account selected from a list provided by the Financial
+ Institution.
+
+ o a Baseline Withdrawal without an authentication might be used:
+
+ - if a previous IOTP transaction, for example a Baseline Deposit
+ or a Baseline Authentication, authenticated the consumer, and a
+ secure channel has been maintained, therefore the authenticity
+ of the consumer is known
+
+ - if authentication is achieved as part of a proprietary payment
+ protocol and is therefore included in the Payment Document
+ Exchange
+
+ - if authentication of the consumer has been achieved by some
+ other means, for example, by using a pass phrase, or a
+ proprietary banking software solution.
+
+9.1.11 Baseline Value Exchange IOTP Transaction
+
+ The Baseline Value Exchange Transaction uses Payment Document
+ Exchanges to support the exchange of value in one currency obtained
+ using one payment method with value in the same or another currency
+ using the same or another payment method. Examples of its use
+ include:
+
+ o electronic cash advance on a credit card. For example the first
+ payment could be a "dollar SET Payment" using a credit card with
+ the second payment being a download of Visa Cash e-cash in
+ dollars.
+
+ o foreign exchange using the same payment method. For example the
+ payment could be an upload of Mondex value in British Pounds and
+ the second a download of Mondex value in Euros
+
+
+
+
+
+
+Burdett Informational [Page 226]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o foreign exchange using different payment methods. For example the
+ first payment could be a SET payment in Canadian Dollars followed
+ a download of GeldKarte in Deutchmarks.
+
+ The Baseline Value Exchange uses the following Document Exchanges:
+
+ o an optional Authentication Document Exchange (see section 9.1.1)
+
+ o an Offer Document Exchange (see section 9.1.2), which provides
+ details of what values and currencies will be exchanged, and
+
+ o two Payment Document Exchanges (see section 9.1.3) which carry out
+ the two payments involved.
+
+ The way in which these Document Exchanges may be combined together is
+ illustrated by the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 227]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START -----------------------------------------------------
+ | v
+ | ----------------
+ | | AUTHENTICATION |
+ | ----------------
+ -------------------------------------- |
+ | | |
+ | -------------- | -------------
+ v v v v
+ ------------------- -----------------
+ | BRAND INDEPENDENT | | BRAND DEPENDENT |
+ | OFFER | | OFFER |
+ ------------------- -----------------
+ | |
+ | |
+ | |
+ | -------------------
+ v v
+ --------- --------------
+ | PAYMENT | | PAYMENT WITH |
+ | (first) | | DELIVERY |
+ --------- --------------
+ |
+ ----
+ v
+ ---------- ---------
+ | DELIVERY | | PAYMENT |
+ | | | {second)|
+ ---------- ---------
+ |
+ -----------------------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 29 Baseline Value Exchange IOTP Transaction
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 228]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The Baseline Value Exchange IOTP Transaction occurs in two basic
+ forms:
+
+ o Brand Dependent Value Exchange. Where the content of the offer,
+ for example the rate at which one form of value is exchanged for
+ another, is dependent on the payment brands and protocols selected
+ by the consumer, and
+
+ o Brand Independent Value Exchange. Where the content of the offer
+ is not dependent on the payment brands and protocols selected.
+
+ Note: In the above the role is a Merchant even though the
+ Organisation carrying out the Value Exchange may be a Bank or some
+ other Financial Institution. This is because the Bank is acting as a
+ merchant in that they are making an offer which the Consumer can
+ either accept or decline.
+
+ The TPO Block and Offer Response Block may only be combined into the
+ same IOTP Message if the content of the Offer Response Block does not
+ change as a result of selecting the payment brands and payment
+ protocols to be used in the Value Exchange.
+
+ BASELINE VALUE EXCHANGE SIGNATURES
+
+ The use of signatures to ensure the integrity of a Baseline Value
+ Exchange is illustrated by the diagram below.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 229]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+Signature generated IotpMsg (TPO)
+by Merchant ensures - Trans Ref Block
+integrity of the Offer --------> - - Signature Block
+ | - TPO Block MERCHANT
+ | - Offer Response Block
+ |
+Signature generated by |
+the Payment Handler of | IotpMsg (Pay Resp 1)
+the first payment binds | - Trans Ref Block PAYMENT
+Pay Receipt for the first -----> -> - Signature Block ----- HANDLER
+payment to the Offer - Pay Response Block 1 | 1
+ |
+Signature generated by |
+the Payment Handler of IotpMsg (Pay Resp 2) | PAYMENT
+the second payment binds - Trans Ref Block | HANDLER
+the second payment to the -----> - Signature Block <------ 2
+first payment and therefore - Pay Response Block 2
+to the Offer
+
+*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 30 Baseline Value Exchange Signatures
+
+9.1.12 Valid Combinations of Document Exchanges
+
+ The following diagram illustrates the data conditions in the various
+ IOTP messages which can be used by a Consumer Trading Role to
+ determine whether the combination of Document Exchanges are valid.
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ START
+ |
+ v
+ Auth Request Block in =TRUE
+ first IOTP Message ? ---------------------------------------
+ | = FALSE |
+ v v
+ Offer Response Block in ----------------
+ first IOTP Message ? | AUTHENTICATION |
+ |=TRUE |=FALSE ----------------
+ | | |
+ | | v
+
+
+
+
+
+
+Burdett Informational [Page 230]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ | ---------------------- TPO & Offer Response
+ ------------- | Blocks in last IOTP Msg
+ | | |=TRUE |=FALSE
+ | | | v
+ | ------------- | ---- TPO Block only if
+ | | | last IOTP Message
+ | | | of Authentication
+ | | | |=TRUE |=FALSE
+ v v v v |
+ ------------------- ----------------- |
+ | BRAND INDEPENDENT | | BRAND DEPENDENT | |
+ | OFFER | | OFFER | |
+ ------------------- ----------------- |
+ | | |
+ v v |
+ Offer Response Block contains |
+ Delivery Component ? |
+ |=FALSE |=TRUE |
+ --- v |
+ | Value of DelivAndPayResp |
+ | attribute of Delivery Component ? |
+ | |=FALSE |=TRUE |
+ | | | |
+ v v v |
+ --------- -------------- |
+ | PAYMENT | | PAYMENT WITH | |
+ | (first) | | DELIVERY | |
+ --------- -------------- |
+ | | |
+ v | |
+ Offer and Response Block contains -------------->|
+ Delivery Component ? |
+ |=TRUE |=FALSE |
+ | v |
+ | Two Payment Components |
+ | present in Offer Response Block? |
+ | |=TRUE |=FALSE |
+ v v | |
+ ---------- --------- | |
+ | DELIVERY | | PAYMENT | | |
+ | | | {second)| | |
+ ---------- --------- | |
+ | | | v
+ ----------------------------------------------> STOP
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 31 Valid Combinations of Document Exchanges
+
+
+
+Burdett Informational [Page 231]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 1) If first IOTP Message of an IOTP Transaction contains an
+ Authentication Request then:
+
+ a) IOTP Transaction includes an Authentication Document Exchange
+ (see section 9.1.1). (Note 1)
+
+ b) If the last IOTP Message of the Authentication Document
+ Exchange includes a TPO Block and an Offer Response Block then:
+
+ i) IOTP Transaction includes a Brand Independent Offer Document
+ Exchange (see section 9.1.2.2). (Note 2)
+
+ c) Otherwise, if the last IOTP Message of the Authentication
+ Exchange includes a TPO Block but NO Offer Response Block,
+ then:
+
+ i) IOTP Transaction includes a Brand Dependent Offer Document
+ Exchange (see section 9.1.2.1). (Note 2)
+
+ d) Otherwise (Authentication Status IOTP Message of the
+ Authentication Document Exchange contains neither a TPO Block
+ but nor an Offer Response Block)
+
+ i) IOTP Transaction consists of just an Authentication Document
+ Exchange. (Note 3)
+
+ 2) Otherwise (no Authentication Request in first IOTP Message):
+
+ e) IOTP Transaction does not include an Authentication Document
+ Exchange (Note 2)
+
+ f) If first IOTP Message contains an Offer Response Block, then:
+
+ i) the IOTP Transaction contains a Brand Independent Offer
+ Document Exchange (Note 2)
+
+ g) Otherwise (no Offer Response Block in first IOTP Message):
+
+ i) the IOTP Transaction includes a Brand Dependent Offer
+ Document Exchange (Note 2)
+
+ 3) If an Offer Response Block exists in any IOTP message then:
+
+ h) If the Offer Response Block contains a Delivery Component then:
+
+ i) If the DelivAndPayResp attribute of the Delivery Component
+ is set to True, then:
+
+
+
+
+Burdett Informational [Page 232]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ (1) the IOTP Transaction consists of a Payment And Delivery
+ Document Exchange (see section 9.1.5) (Note 4)
+
+ ii) otherwise (the DelivAndPayResp attribute of the Delivery
+ Component is set to False)
+
+ (1) the IOTP Transaction consists of a Payment Document
+ Exchange (see section 9.1.3) followed by a Delivery
+ Document Exchange (see section 9.1.4) (Note 4)
+
+ i) otherwise (the Offer Response Block does not contain a Delivery
+ Component)
+
+ i) if the Offer Response Block contains just one Payment
+ Component, then:
+
+ (1) the IOTP Transaction contains just one Payment Document
+ Exchange (Note 5)
+
+ ii) if the Offer Response Block contains two Payment Components,
+ then:
+
+ (1) the IOTP Transaction contains two Payment Document
+ Exchanges. The StartAfter attribute of the Payment
+ Components is used to indicate which payment occurs
+ first (Note 6)
+
+ iii) if the Offer Response Block contains no or more than two
+ Payment Components, then there is an error
+
+ 4) Otherwise (no Offer Response Block) there is an error.
+
+ The following table indicates the types of IOTP Transactions which
+ can validly have the conditions indicated above.
+
+ Note IOTP Transaction Validity
+
+ 1. Any Payment and Authentication IOTP Transaction
+
+ 2. Any Payment and Authentication IOTP Transaction except Baseline
+ Authentication
+
+ 3. Either Baseline Authentication, or a Baseline Purchase, Refund,
+ Deposit, Withdrawal or Value Exchange with a failed Authentication
+
+ 4. Baseline Purchase only
+
+ 5. Baseline Purchase, Refund, Deposit or Withdrawal
+
+
+
+Burdett Informational [Page 233]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ 6. Baseline Value Exchange only
+
+9.1.13 Combining Authentication Transactions with other Transactions
+
+ In the previous sections an Authentication Document Exchange is shown
+ preceding an Offer Document Exchange as part of a single IOTP
+ Transaction with the same IOTP Transaction Id.
+
+ It is also possible to run a separate Authentication Transaction at
+ any point, even in parallel with another IOTP Transaction. Typically
+ this will be used:
+
+ o by a Consumer to authenticate a Merchant, Payment Handler or a
+ Delivery Handler, or
+
+ o by a Payment Handler or Delivery Handler to authenticate a
+ Consumer.
+
+ In outline the basic process consists of:
+
+ o the Trading Role that decides it wants to carry out an
+ authentication of another role suspends the current IOTP
+ transaction being carried out
+
+ o a stand-alone Authentication transaction is then carried out. This
+ may, at implementer's option, be linked to the original IOTP
+ Transaction using a Related To Component (see section 3.3.3) in
+ the Transaction Reference Block.
+
+ o if the Authentication transaction is successful, then the original
+ IOTP Transaction is restarted
+
+ o if the Authentication fails then the original IOTP Transaction is
+ cancelled.
+
+ For example, a Consumer could:
+
+ o authenticate the Payment Handler for a Payment between receiving
+ an Offer Response from a Merchant and before sending the Payment
+ Request to that Payment Handler
+
+ o authenticate a Delivery Handler for a Delivery between receiving
+ the Payment Response from a Payment Handler and before sending the
+ Delivery Request
+
+ A Payment Handler could authenticate a Consumer after receiving the
+ Payment Request and before sending the next Payment related message.
+
+
+
+
+Burdett Informational [Page 234]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ A Delivery Handler could authenticate a Consumer after receiving the
+ Delivery Request and before sending the Delivery Response.
+
+ Note: Some Payment Methods may carry out an authentication within the
+ Payment Exchange. In this case the information required to carry out
+ the authentication will be included in Payment Scheme Components.
+
+ In this instance IOTP aware application will not be aware that an
+ authentication has occurred since the Payment Scheme Components that
+ contain authentication request information will be indistinguishable
+ from other Payment Scheme Components.
+
+9.2 Infrastructure Transactions
+
+ Infrastructure Transactions are designed to support inquiries about
+ whether or not a transaction has succeeded or a Trading Role's
+ servers are operating correctly. There are two types of transaction:
+
+ o a Transaction Status Inquiry Transaction which provides
+ information on the status of an existing or complete IOTP
+ transaction, and
+
+ o Ping Transaction that enables one IOTP aware application to
+ determine if the IOTP aware application at another Trading Role is
+ operating and verify whether or not signatures can be handled.
+
+ Each of these is described below
+
+9.2.1 Baseline Transaction Status Inquiry IOTP Transaction
+
+ The Baseline IOTP Transaction Status Inquiry provides information on
+ the status of an existing or complete IOTP transaction.
+
+ The Trading Blocks used by the Baseline Transaction Status Inquiry
+ Transaction are:
+
+ o an Inquiry Request Trading Block (see section 8.12),
+
+ o an Inquiry Response Trading Block (see section 8.13)
+
+ o an optional Signature Block (see section 8.16).
+
+ The Inquiry IOTP Transaction can be used for a variety of reasons.
+ For example:
+
+ o to help in resuming a suspended transaction to determine the
+ current state of processing of one of the other roles,
+
+
+
+
+Burdett Informational [Page 235]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o for a merchant to determine if a payment, delivery, etc., was
+ completed. For example, a Consumer might claim that payment was
+ made but no signed IOTP payment receipt was available to prove it.
+ If the Merchant makes an inquiry of the Payment Handler then the
+ Merchant can determine whether or not payment was made.
+
+ Note: Inquiries on Baseline Ping IOTP Transactions (see section
+ 9.2.2) are ignored.
+
+ MAKING INQUIRIES OF ANOTHER TRADING ROLE
+
+ One Trading Role may make an inquiry of any other Trading Role at any
+ point in time.
+
+ IOTP aware software that supports the Consumer Trading Role may not:
+
+ o digitally sign a response if requested, since it may not have the
+ capability, or
+
+ o respond to an Inquiry Request at all since it may not be on-line,
+ or may consider that the request is not reasonable since, for
+ example, the Request was not digitally signed.
+
+ As a guideline:
+
+ o the Consumer should send a Transaction Status Inquiry Block to a
+ Trading Role only after the following events have occurred:
+
+ - to the Merchant, after sending a TPO Selection Block,
+
+ - to the Payment Handler, after sending a Payment Request Block,
+
+ - to the Delivery Handler, after sending a Delivery Request Block,
+
+ o other Trading Roles should send a Transaction Status Inquiry Block
+ to the Consumer only after receiving a message from the Consumer
+ and before sending the final "Response" message to the Consumer
+
+ o there are no restrictions on non-Consumer Trading Roles sending
+ Inquiries to other trading roles.
+
+ TRANSACTION STATUS INQUIRY TRANSPORT SESSION
+
+ For a Transaction Status Inquiry on an ongoing transaction a
+ different transport session from the ongoing transaction is used. For
+ a Transaction Status Inquiry on a past transaction, how the IOTP
+
+
+
+
+
+Burdett Informational [Page 236]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ module on the software at the Trading Role is started upon the
+ receipt of Inquiry Request message is defined in each Mapping to
+ Transport supplement for IOTP.
+
+ TRANSACTION STATUS INQUIRY ERROR HANDLING
+
+ Errors in a Transaction Status Inquiry can be categorised into one of
+ the following three cases:
+
+ o Business errors (see section 4.2) in the original (inquired)
+ messages
+
+ o Technical errors (see section 4.1) - both IOTP and payment scheme
+ specific ones - in the original IOTP (inquired) messages
+
+ o Technical errors in the message containing the Inquiry Request
+ Block itself
+
+ The following outlines what the software should do in each case
+
+ BUSINESS ERRORS IN THE ORIGINAL MESSAGES
+
+ Return an Inquiry Response Block containing the Status Component
+ which was last sent to the Consumer Role.
+
+ TECHNICAL ERRORS IN THE ORIGINAL MESSAGES
+
+ Return an Inquiry Response Block containing a Status Component. The
+ Status Component should contain a ProcessState attribute set to
+ ProcessError. In this case send back an Error Block indicating where
+ the error was found in the original message.
+
+ TECHNICAL ERRORS IN THE INQUIRY REQUEST BLOCK
+
+ Return an Error message. That is, send back an Error Block containing
+ the Error Code (see section 7.21.2) which describes the nature of the
+ error in the Inquiry Request message.
+
+ INQUIRY TRANSACTION MESSAGES
+
+ The following Figure outlines the Baseline IOTP Transaction Status
+ Inquiry process.
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 237]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+
+ 1st Role
+ | 2nd Role
+STEP | |
+ 1. The first role decides to inquire on an IOTP Transaction
+ by, for example, clicking on the inquiry button of an
+ IOTP Aware Application. This will then generate an
+ Inquiry Request Block and send it to the appropriate
+ Trading Role.
+
+ 1 --> 2 INQUIRY REQUEST. IotpMsg: TransRef Block; Signature Block
+ (optional); Inquiry Request Block
+
+ 2. The Trading Role checks the digital signature (if
+ present). If the recipient wants to respond, then the
+ Trading Role checks the transaction status of the
+ transaction that is being inquired upon by using the
+ IotpTransId in the Transaction ID Component of the
+ Transaction Reference Block, then generates the
+ appropriate Inquiry Response Block, sends the message
+ back to the 1st Role and stops
+
+ 1 <-- 2 INQUIRY RESPONSE. IotpMsg: TransRef Block; Inquiry
+ Response Block; Signature Block (Optional)
+
+3. First role checks the Inquiry Response Block and optional
+ signature, takes whatever action is appropriate or
+ perhaps stops. This may include displaying status
+ information to the end user.
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 32 Baseline Transaction Status Inquiry
+
+
+ The remainder of this sub-section on the Baseline Transaction Status
+ Inquiry IOTP Transaction defines the contents of each Trading Block.
+ Note that the term "original transaction" is the transaction which a
+ trading role wants to discover some information about.
+
+ TRANSACTION REFERENCE BLOCK
+
+ A Trading Role making an inquiry must use a Transaction Id Component
+ (see section 3.3.1) where both the IotpTransId and TransTimeStamp
+ attributes are the same as in the Transaction Id Component of the
+ original transaction that is being inquired upon. The IotpTransId
+ attribute in this component serves as the key in querying the
+
+
+
+Burdett Informational [Page 238]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ transaction logs maintained at the Trading Role's site. The value of
+ the ID attribute of the Message Id Component should be different from
+ those of any in the original transaction (see section 3.4.1).
+
+ If up-to-date status information is required then the MsgId
+ Component, and in particular the ID attribute for the MsgId Component
+ must be different from any other IOTP Message that has been sent by
+ the Trading Role. This is required because of the way that
+ Idempotency is handled by IOTP (see section 4.5.2.2 Checking/Handling
+ Duplicate Messages).
+
+ INQUIRY REQUEST BLOCK
+
+ The Inquiry Request Block (see section 8.12) contains the following
+ components:
+
+ o one Inquiry Type Component (see section 7.18). This identifies
+ whether the inquiry is on an offer, payment, or delivery.
+
+ o zero or one Payment Scheme Components (see section 7.10). This is
+ for encapsulating payment scheme specific inquiry messages for
+ inquiries on a payment.
+
+ SIGNATURE BLOCK (INQUIRY REQUEST)
+
+ If a signature block is present on the message containing the Inquiry
+ Request Block then it may be checked to determine if the Inquiry
+ Request is authorised.
+
+ If present, the Inquiry Request Signature Block (see section 8.12)
+ contains the following components:
+
+ o one Signature Component (see section 7.19)
+
+ o one or more Certificate Components, if required.
+
+ Inquiry Response Blocks should only be generated if the Transaction
+ is authorised.
+
+ Note: Digital signatures on an Inquiry Request is only likely to
+ occur if the recipient of the request expects the Inquiry Request to
+ be signed. In this version of IOTP this will require some kind of
+ pre-existing agreement. This means that:
+
+ o Consumers are unlikely to generate requests with signatures,
+ although it is not an error if they do
+
+
+
+
+
+Burdett Informational [Page 239]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o the other trading roles may agree that digital signatures are
+ required. For example a Payment Handler may require that an
+ Inquiry Request is digitally signed by the Merchant so that they
+ can check that the request is valid.
+
+ On the other hand if the original transaction to which the Inquiry
+ relates was carried out over a secure channel (e.g., [SSL]) then it
+ is probably reasonable to presume that if the sender of the Inquiry
+ knows the Transaction Id component of the original message (including
+ for example the timestamp) then the inquiry is likely to be genuine.
+
+ INQUIRY RESPONSE BLOCK
+
+ The Inquiry Response Block (see section 8.13) contains the following
+ components:
+
+ o one Status Component (see section 7.16). This component holds the
+ status information on the inquired transaction,
+
+ o zero or one Payment Scheme Components. These contain encapsulated
+ payment scheme specific inquiry messages for inquiries on payment.
+
+ SIGNATURE BLOCK (INQUIRY RESPONSE)
+
+ If a signature block is present on the message containing the Inquiry
+ Response Block then it may be checked by the receiver of the block to
+ determine if the Inquiry Response is valid.
+
+ If present, the Inquiry Response Signature Block (see section 8.13)
+ contains the following components:
+
+ o one Signature Component (see section 7.19)
+
+ o one or more Certificate Components, if required.
+
+ Note: Digital signatures on an Inquiry Response is only likely to
+ occur if the recipient of the response expects the Inquiry Request to
+ be signed. In this version of IOTP this will require some kind of
+ pre-existing agreement. This means that:
+
+ o Consumers are unlikely to generate responses with signatures,
+ although it is not an error if they do
+
+ o the other trading roles may agree that digital signatures are
+ required. For example a Merchant may require that an Inquiry
+ Response is digitally signed by the Payment Handler so that they
+ can check that the request response is valid.
+
+
+
+
+Burdett Informational [Page 240]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+9.2.2 Baseline Ping IOTP Transaction
+
+ The purpose of the Baseline IOTP Ping Transaction is to test basic
+ connectivity between the Trading Roles that may take part in an IOTP
+ Transaction.
+
+ It enables IOTP aware application software to:
+
+ o determine if the IOTP aware application at another Trading Role is
+ operating, and
+
+ o verify whether or not the two trading roles signatures can be
+ processed.
+
+ For example it can be used by a Merchant to determine if a Payment
+ Handler or Delivery Handler is up and running prior to starting a
+ Purchase transaction that uses those trading roles.
+
+ The Trading Blocks used by the Baseline Ping IOTP Transaction are:
+
+ o a Ping Request Block (see section 8.14)
+
+ o a Ping Response Block (see section 8.15), and
+
+ o a Signature Block (see section 8.16).
+
+ PING MESSAGES
+
+ The following figure outlines the message flows in the Baseline IOTP
+ Ping Transaction.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 241]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
+ 1st Role
+ | 2nd Role
+STEP | |
+ 1. The IOTP Aware Application in the first Trading Role
+ decides to check whether the counterparty IOTP
+ application is up and running. It generates a Ping
+ Request Block and optional Signature Block and sends them
+ to the second trading role.
+
+ 1 --> 2 PING REQUEST. IotpMsg: Trans Ref Block; Signature Block
+ (Optional); Ping Request Block
+
+ 2. The second Trading Role which receives the Ping Request
+ Block generates a Ping Response Block and sends it back
+ to the sender of the original Ping Request with a
+ signature block if required.
+
+ 1 <-- 2 PING Response. IotpMsg: Trans Ref Block; Signature Block
+ (Optional); Ping Response Block
+
+ 3. The first Trading Role checks the Ping Response Block and
+ takes appropriate action, if necessary
+
+ *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
+
+ Figure 33 Baseline Ping Messages
+
+ The verification that signatures can be handled is indicated by the
+ sender of the Ping Request Block including:
+
+ o Organisation Components that identify itself and the intended
+ recipient of the Ping Request Block, and
+
+ o a Signature Block that signs data in the Ping Request.
+
+ In this way the receiver of the Ping Request:
+
+ o knows who is sending the Ping Request and can therefore verify the
+ Signature on the Request, and
+
+ o knows who to generate a signature for on the Ping Response.
+
+ Note that a Ping Request:
+
+ o does not affect any on-going transaction
+
+
+
+
+
+Burdett Informational [Page 242]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o does NOT initiate an IOTP transaction, unlike other IOTP
+ transaction messages such as TPO or Transaction Status Inquiry.
+
+ All IOTP aware applications must return a Ping Response message to
+ the sender of a Ping Request message when it is received.
+
+ A Baseline IOTP Ping request can also contain an optional Signature
+ Block. IOTP aware applications can, for example, use the Signature
+ Block to check the recipient of a Ping Request can successfully
+ process and check signatures it has received.
+
+ For each Baseline Ping IOTP Transaction, each IOTP role shall
+ establish a different transport session from other IOTP transactions.
+
+ Any IOTP Trading Role can send a Ping request to any other IOTP
+ Trading Role at any time it wants. A Ping message has its own
+ IotpTransId, which is different from other IOTP transactions.
+
+ The remainder of this sub-section on the Baseline Ping IOTP
+ Transaction defines the contents of each Trading Block.
+
+ TRANSACTION REFERENCE BLOCK
+
+ The IotpTransId of a Ping transaction should be different from any
+ other IOTP transaction.
+
+ PING REQUEST BLOCK
+
+ If the Ping Transaction is anonymous then no Organisation Components
+ are included in the Ping Request Block (see section 8.7).
+
+ If the Ping Transaction is not anonymous then the Ping Request Block
+ contains Organisation Components for:
+
+ o the sender of the Ping Request Block, and
+
+ o the verifier of the Signature Component
+
+ If Organisation Components are present, then it indicates that the
+ sender of the Ping Request message has generated a Signature Block.
+ The signature block must be verified by the Trading Role that
+ receives the Ping Request Block.
+
+ SIGNATURE BLOCK (PING REQUEST)
+
+ The Ping Request Signature Block (see section 8.16) contains the
+ following components:
+
+
+
+
+Burdett Informational [Page 243]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o one Signature Component (see section 7.19)
+
+ o one or more Certificate Components, if required.
+
+ PING RESPONSE BLOCK
+
+ The Ping Response Block (see section 8.15) contains the following
+ component:
+
+ o the Organisation Component of the sender of the Ping Response
+ message
+
+ If the Ping Transaction is not anonymous then the Ping Response
+ additionally contains:
+
+ o copies of the Organisation Components contained in the Ping
+ Request Block.
+
+ SIGNATURE BLOCK (PING RESPONSE)
+
+ The Ping Response Signature Block (see section 8.16) contains the
+ following components:
+
+ o one Signature Component (see section 7.19)
+
+ o one or more Certificate Components, if required.
+
+10. Retrieving Logos
+
+ This section describes how to retrieve logos for display by IOTP
+ aware software using the Logo Net Locations attribute contained in
+ the Brand Element (see section 7.7.1) and the Organisation Component
+ (see section 7.6).
+
+ The full address of a logo is defined as follows: Logo_address ::=
+ Logo_net_location "/" Logo_size Logo_color_depth ".gif"
+
+ Where:
+
+ o Logo_net_location is obtained from the LogoNetLocn attribute in
+ the Brand Element (see section 7.7.1) or the Organisation
+ Component. Note that:
+
+ - the content of this attribute is dependent on the Transport
+ Mechanism (such as HTTP) that is used. See the Transport
+ Mechanism supplement,
+
+
+
+
+
+Burdett Informational [Page 244]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - implementers should check that if the rightmost character of
+ Logo Net Location is set to right-slash "/" then another, right
+ slash should not be included when generating the Logo Address,
+
+ o Logo_size identifies the size of the logo,
+
+ o Logo_color_depth identifies the colour depth of the logo
+
+ o "gif" indicates that the logos are in "gif" format
+
+ Logo_size and Logo_color_depth are specified by the implementer of
+ the IOTP software that is retrieving the logo depending on the size
+ and colour that they want to use.
+
+10.1 Logo Size
+
+ There are five standard sizes for logos. The sizes in pixels and the
+ corresponding values for Logo Size are given in the table below.
+
+ Size in Logo Size
+ Pixels Value
+
+ 32 x 32 or exsmall
+ 32 x 20
+
+ 53 x 33 small
+
+ 103 x 65 medium
+
+ 180 x 114 large
+
+ 263 x 166 exlarge
+
+10.2 Logo Color Depth
+
+ There are three standard colour depths. The colour depth (including
+ bits per pixel) and the corresponding value for Logo_Color_Depth are
+ given in the table below.
+
+ Color Depth Logo Color
+ (bits per pixel) Depth Value
+
+ 4 (16 colors) 4
+
+ 8 (256 colors) nothing
+
+ 24 (16 million colors) 24
+
+
+
+
+Burdett Informational [Page 245]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note that if Logo Color Depth is omitted then a logo with the default
+ colour depth of 256 colours will be retrieved.
+
+10.3 Logo Net Location Examples
+
+ If Logo Net Location was set to "ftp://logos.xzpay.com", then:
+
+ o "ftp://logos.xzpay.com/medium.gif" would retrieve a medium size
+ 256 colour logo
+
+ o "http://logos.xzpay.com/small4.gif" would retrieve a small size 16
+ colour logo
+
+ Note: Organisations which make logos available for use with IOTP
+ should always make available "small" and "medium" size logos and use
+ the "gif" format.
+
+11. Brands
+
+ This section contains:
+
+ o a definition of Brands and an outline of Brand Selection using
+ Brand Lists, and
+
+ o some XML examples of Brand Lists
+
+11.1 Brand Definitions and Brand Selection
+
+ One of the key features of IOTP is the ability for a merchant to
+ offer a list of Brands from which a consumer may make a selection.
+ This section provides an overview of what is involved and provides
+ guidance on how selection of a brand and associated payment
+ instrument can be carried out by a Consumer. It covers:
+
+ o definitions of Payment Instruments and Brands - what are Payment
+ Instruments and Brands in an IOTP context. Further categorises
+ Brands as optionally a "Dual Brand" or a "Promotional Brand",
+
+ o identification and selection of Promotional Brands - Promotional
+ Brands offer a Consumer some additional benefit, for example
+ loyalty points or a discount. This means that both Consumers and
+ Merchant must be able to correctly identify that a valid
+ Promotional Brand is being used.
+
+ Also see the following sections:
+
+
+
+
+
+
+Burdett Informational [Page 246]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o Brand List Component (section 7.7) which contains definitions of
+ the XML elements which contain the list of Brands offered by a
+ Merchant to a Consumer, and
+
+ o Brand Selection Component (section 7.8) for details of how a
+ Consumer records the Brand, currency, amount and payment protocol
+ that was selected.
+
+11.1.1 Definition of Payment Instrument
+
+ A Payment Instrument is the means by which a Consumer pays for goods
+ or services offered by a Merchant. It can be, for example:
+
+ o a credit card such as MasterCard or Visa;
+
+ o a debit card such as MasterCard's Maestro;
+
+ o a smart card based electronic cash payment instrument such as a
+ Mondex Card, a GeldKarte card or a Visa Cash card
+
+ o a software based electronic payment account such as a CyberCash or
+ DigiCash account.
+
+ Most Payment Instruments have a number, typically an account number,
+ by which the Payment Instrument can be identified.
+
+11.1.2 Definition of Brand
+
+ A Brand is the mark which identifies a particular type of Payment
+ Instrument. A list of Brands are the payment options which are
+ presented by the Merchant to the Consumer and from which the Consumer
+ makes a selection. Each Brand may have a different Payment Handler.
+ Examples of Brands include:
+
+ o payment association and proprietary Brands, for example
+ MasterCard, Visa, American Express, Diners Club, Mondex,
+ GeldKarte, CyberCash, etc.
+
+ o promotional brands (see below). These include:
+
+ - store brands, where the Payment Instrument is issued to a
+ Consumer by a particular Merchant, for example Walmart, Sears,
+ or Marks and Spencer (UK)
+
+ - cobrands, for example American Advantage Visa, where an
+ Organisation uses their own brand in conjunction with,
+ typically, a payment association Brand.
+
+
+
+
+Burdett Informational [Page 247]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+11.1.3 Definition of Dual Brand
+
+ A Dual Brand means that a single payment instrument may be used as if
+ it were two separate Brands. For example there could be a single
+ Japanese "UC" MasterCard which can be used as either a UC card or a
+ regular MasterCard. The UC card Brand and the MasterCard Brand could
+ each have their own separate Payment Handlers. This means that:
+
+ o the merchant treats, for example "UC" and "MasterCard" as two
+ separate Brands when offering a list of Brands to the Consumer,
+
+ o the consumer chooses a Brand, for example either "UC" or
+ "MasterCard,
+
+ o the consumer IOTP aware application determines which Payment
+ Instrument(s) match the chosen Brand, and selects, perhaps with
+ user assistance, the correct Payment Instrument to use.
+
+ Note: Dual Brands need no special treatment by the Merchant and
+ therefore no explicit reference is made to Dual Brands in the DTD.
+ This is because, as far as the Merchant is concerned, each Brand in a
+ Dual Brand is treated as a separate Brand. It is at the Consumer,
+ that the matching of a Brand to a Dual Brand Payment Instrument needs
+ to be done.
+
+11.1.4 Definition of Promotional Brand
+
+ A Promotional Brand means that, if the Consumer pays with that Brand,
+ then the Consumer will receive some additional benefit which can be
+ received in two ways:
+
+ o at the time of purchase. For example if a Consumer pays with a
+ "Walmart MasterCard" at a Walmart web site, then a 5% discount
+ might apply, which means the consumer actually pays less,
+
+ o from their Payment Instrument (card) issuer when the payment
+ appears on their statement. For example loyalty points in a
+ frequent flyer scheme could be awarded based on the total payments
+ made with the Payment Instrument since the last statement was
+ issued.
+
+ Note that:
+
+ o the first example (obtaining the benefit at the time of purchase),
+ requires that:
+
+ - the Consumer is informed of the benefits which arise if that
+ Brand is selected
+
+
+
+Burdett Informational [Page 248]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - if the Brand is selected, the Merchant changes the relevant
+ IOTP Components in the Offer Response to reflect the correct
+ amount to be paid
+
+ o the second (obtaining a benefit through the Payment Instrument
+ issuer) does not require that the Offer Response is changed
+
+ o each Promotional Brand should be identified as a separate Brand in
+ the list of Brands offered by the Merchant. For example:
+ "Walmart", "Sears", "Marks and Spencer" and "American Advantage
+ Visa", would each be a separate Brand.
+
+11.1.5 Identifying Promotional Brands
+
+ There are two problems which need to handled in identifying
+ Promotional Brands:
+
+ o how does the Merchant or their Payment Handler positively identify
+ the promotional brand being used at the time of purchase
+
+ o how does the Consumer reliably identify the correct promotional
+ brand from the Brand List presented by the Merchant
+
+ The following is a description of how this could be achieved.
+
+ Note: Please note that the approach described here is a model
+ approach that solves the problem. Other equivalent methods may be
+ used.
+
+11.1.5.1 Merchant/Payment Handler Identification of Promotional Brands
+
+ Correct identification that the Consumer is paying using a
+ Promotional Brand is important since a Consumer might fraudulently
+ claim to have a Promotional Brand that offers a reduced payment
+ amount when in reality they do not.
+
+ Two approaches seem possible:
+
+ o use some feature of the Payment Instrument or the payment method
+ to positively identify the Brand being used. For example, the SET
+ certificate for the Brand could be used, if one is available, or
+
+ o use the Payment Instrument (card) number to look up information
+ about the Payment Instrument on a Payment Instrument issuer
+ database to determine if the Payment Instrument is a promotional
+ brand.
+
+
+
+
+
+Burdett Informational [Page 249]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Note that:
+
+ o the first assumes that SET is available.
+
+ o the second is only possible if the Merchant, or alternatively the
+ Payment Handler, has access to card issuer information.
+
+ IOTP does not provide the Merchant with Payment Instrument
+ information (e.g., a card or account number). This is only sent as
+ part of the encapsulated payment protocol to a Payment Handler. This
+ means that:
+
+ o the Merchant would have to assume that the Payment Instrument
+ selected was a valid Promotional Brand, or
+
+ o the Payment Handler would have to check that the Payment
+ Instrument was for the valid Promotional Brand and fail the
+ payment if it was not.
+
+ A Payment Handler checking that a brand is a valid Promotional Brand
+ is most likely if the Payment Handler is also the Card Issuer.
+
+11.1.5.2 Consumer Selection of Promotional Brands
+
+ Two ways by which a Consumer can correctly select a Promotional Brand
+ are:
+
+ o the Consumer visually matching a logo for the Promotional Brand
+ which has been provided to the Consumer by the Merchant,
+
+ o the Consumer's IOTP aware application matching a code for the
+ Promotional Brand which the application has registered against a
+ similar code contained in the list of Brands offered by the
+ Merchant.
+
+ In the latter case, the code contained in the Consumer wallet must
+ match exactly the code in the list offered by the Merchant otherwise
+ no match will be found. Ways in which the Consumer's IOTP Aware
+ Application could obtain such a code include:
+
+ o the Consumer types the code in directly. This is error prone and
+ not user friendly, also the consumer needs to be provided with the
+ code. This approach is not recommended,
+
+ o using one of the Brand Identifiers defined by IOTP and pre-loaded
+ into the Consumers IOTP Aware application or wallet by the
+ developer of the Wallet,
+
+
+
+
+Burdett Informational [Page 250]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o using some information contained in the software or other data
+ associated with the Payment Instrument. This could be:
+
+ - a SET certificate for Brands which use this payment method
+
+ - a code provided by the payment software which handles the
+ particular payment method, this could apply to, for example,
+ GeldKarte, Mondex, CyberCash and DigiCash,
+
+ o the consumer making an initial "manual" link between a Promotional
+ Brand in the list of Brands offered by the Merchant and an
+ individual Payment Instrument, the first time the promotional
+ brand is used. The IOTP Aware application would then "remember"
+ the code for the Promotional Brand for use in future purchases.
+
+11.1.5.3 Consumer Software Brand Id recommendation
+
+ New Brand Ids are allocated under IANA procedures (see section 12
+ IANA Considerations). Which also contains an initial list of Brand
+ Identifiers.
+
+ It is recommended that implementers of consumer IOTP aware
+ applications (e.g., software wallets) pre-load their software with
+ the then current set of Brand Ids and provide a method by which they
+ can be updated. For example, by going to the software developer's web
+ site.
+
+11.2 Brand List Examples
+
+ This example contains three examples of the XML for a Brand List
+ Component. It covers:
+
+ o a simple credit card based example
+
+ o a credit card based brand list including promotional credit card
+ brands, and
+
+ o a complex electronic cash based brand list
+
+ Note that:
+
+ o brand lists can be as complex or as simple as required
+
+ o all example techniques described in this appendix can be included
+ in one brand list.
+
+
+
+
+
+
+Burdett Informational [Page 251]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+11.2.1 Simple Credit Card Based Example
+
+ This is a simple example involving:
+
+ o only major credit card payment brands
+
+ o a single price in a single currency
+
+ o a single Payment Handler, and
+
+ o a single payment protocol
+
+ <BrandList ID='M1.2'
+ XML:Lang='us-en'
+ ShortDesc='Purchase book including s&h'
+ PayDirection='Debit' >
+ <Brand ID ='M1.30'
+ BrandId='MasterCard'
+ BrandName='MasterCard Credit'
+ BrandLogoNetLocn='ftp://otplogos.mastercard.com/mastercardcredit'
+ ProtocolAmountRefs='M1.33'>
+ </Brand>
+ <Brand ID ='M.31'
+ BrandId='Visa'
+ BrandName='Visa Credit'
+ BrandLogoNetLocn='ftp://otplogos.visa.com/visacredit'
+ ProtocolAmountRefs='M1.33'>
+ </Brand>
+ <Brand ID ='M1.32'
+ BrandId='AmericanExpress'
+ BrandName='American Express'
+ BrandLogoNetLocn='ftp://otplogos.amex.com'
+ ProtocolAmountRefs ='M1.33' >
+ </Brand >
+ <ProtocolAmount ID ='M1.33'
+ PayProtocolRef='M1.35'
+ CurrencyAmountRefs='M1.34'>
+ </ProtocolAmount>
+ <CurrencyAmount ID ='M1.34'
+ Amount='10.95'
+ CurrCode='USD'/>
+ <PayProtocol ID ='M1.35'
+ ProtocolId='SCCD1.0'
+ ProtocolName='Secure Channel Credit/Debit'
+ PayReqNetLocn='http://www.example.com/etill/sccd1' >
+ </PayProtocol>
+ </BrandList>
+
+
+
+
+Burdett Informational [Page 252]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+11.2.2 Credit Card Brand List Including Promotional Brands
+
+ An example of a Credit Card based Brand List follows. It includes:
+
+ o two ordinary card association brands and two promotional credit
+ card brands. The promotional brands consist of one loyalty based
+ (British Airways MasterCard) which offers additional loyalty
+ points and one store based (Walmart) which offers a discount on
+ purchases over a certain amount
+
+ o two payment protocols:
+
+ - SET (Secure Electronic Transactions) see [SET], and
+
+ - SCCD (Secure Channel Credit Debit) see [SCCD].
+
+ <BrandList ID='M1.2'
+ XML:Lang='us-en'
+ ShortDesc='Purchase ladies coat'
+ PayDirection='Debit' >
+ <Brand ID ='M1.3'
+ BrandId='MasterCard'
+ BrandName='MasterCard Credit'
+ BrandLogoNetLocn='ftp://otplogos.mastercard.com'
+ ProtocolAmountRefs='M1.7 M1.8'>
+ <ProtocolBrand ProtocolId='SET1.0' ProtocolBrandId='MasterCard:'>
+ </ProtocolBrand>
+ </Brand>
+ <Brand ID ='M1.4'
+ BrandId='Visa'
+ BrandName='Visa Credit'
+ BrandLogoNetLocn='ftp://otplogos.visa.com'
+ ProtocolAmountRefs='M1.7 M1.8'>
+ <ProtocolBrand ProtocolId='SET1.0' ProtocolBrandId='Visa:'>
+ </ProtocolBrand>
+ </Brand>
+ <Brand ID ='M1.5'
+ BrandId='BritishAirwaysMC'
+ BrandName='British Airways MasterCard'
+ BrandLogoNetLocn='ftp://otplogos.britishairways.co.uk'
+ BrandNarrative='Double air miles with British Airways MasterCard'
+ ProtocolAmountRefs ='M1.7 M1.8' >
+ <ProtocolBrand ProtocolId='SET1.0' ProtocolBrandId='MasterCard:BA'>
+ </ProtocolBrand>
+ </Brand >
+ <Brand ID ='M1.6'
+ BrandId='Walmart'
+ BrandName='Walmart Store Card'
+
+
+
+Burdett Informational [Page 253]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ BrandLogoNetLocn='ftp://otplogos.walmart.com'
+
+ BrandNarrative='5% off with your Walmart Card
+ on purchases over $150'
+ ProtocolAmountRefs='M1.8'>
+ </Brand>
+ <ProtocolAmount ID ='M1.7'
+ PayProtocolRef='M1.10'
+ CurrencyAmountRefs='M1.9' >
+ <PackagedContent Transform="BASE64">
+ 238djqw1298erh18dhoire
+ </PackagedContent>
+ </ProtocolAmount>
+ <ProtocolAmount ID ='M1.8'
+ PayProtocolRef='M1.11'
+ CurrencyAmountRefs='M1.9' >
+ <PackagedContent Transform="BASE64">
+ 238djqw1298erh18dhoire
+ </PackagedContent>
+ </ProtocolAmount>
+ <CurrencyAmount ID ='M1.9'
+ Amount='157.53'
+ CurrCode='USD'/>
+ <PayProtocol ID ='M1.10'
+ ProtocolId='SET1.0'
+ ProtocolName='Secure Electronic Transaction Version 1.0'
+ PayReqNetLocn='http://www.example.com/etill/set1' >
+ <PackagedContent Transform="BASE64">
+ 8ueu26e482hd82he82
+ </PackagedContent>
+ </PayProtocol>
+ <PayProtocol ID ='M1.11'
+ ProtocolId='SCCD1.0'
+ ProtocolName='Secure Channel Credit/Debit'
+ PayReqNetLocn='http://www.example.com/etill/sccd1' >
+ <PackagedContent Transform="BASE64">
+ 82hd82he8226e48ueu
+ </PackagedContent>
+ </PayProtocol>
+ </BrandList>
+
+11.2.3 Brand Selection Example
+
+ In order to pay by 'British Airways' MasterCard using the example
+ above using SET and therefore getting double air miles, the Brand
+ Selection would be:
+
+ <BrandSelection ID='C1.2'
+
+
+
+Burdett Informational [Page 254]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ BrandListRef='M1.3'
+ BrandRef='M1.5'
+ ProtocolAmountRef='M1.7'
+ CurrencyAmountRef='M1.9' >
+ </BrandSelection>
+
+11.2.4 Complex Electronic Cash Based Brand List
+
+ The following is an fairly complex example which includes:
+
+ o payments using either Mondex, GeldKarte, CyberCash or DigiCash
+
+ o in currencies including US dollars, British Pounds, Italian Lira,
+ German Marks and Canadian Dollars
+
+ o a discount on the price if the payment is made in Mondex using
+ British pounds or US dollars, and
+
+ o more than one Payment Handler is used for payments involving
+ Mondex or CyberCash
+
+ o support for more than one version of a CyberCash CyberCoin payment
+ protocol.
+
+ <BrandList ID='M1.2'
+ XML:Lang='us-en'
+ ShortDesc='Company report on XYZ Co'
+ PayDirection='Debit' >
+ <Brand ID ='M1.13'
+ BrandId='Mondex'
+ BrandName='Mondex Electronic Cash'
+ BrandLogoNetLocn='ftp://otplogos.mondex.com'
+ ProtocolAmountRefs='M1.17 M1.18'>
+ </Brand>
+ <Brand ID ='M1.14'
+ BrandId='GeldKarte'
+ BrandName='GeldKarte Electronic Cash'
+ BrandLogoNetLocn='ftp://otplogos.geldkarte.co.de'
+ ProtocolAmountRefs='M1.19'>
+ </Brand>
+ <Brand ID ='M1.15'
+ BrandId='CyberCoin'
+ BrandName='CyberCoin Eletronic Cash'
+ BrandLogoNetLocn='http://otplogos.cybercash.com'
+ ProtocolAmountRefs ='M1.20' >
+ </Brand >
+ <Brand ID ='M1.16'
+ BrandId='DigiCash'
+
+
+
+Burdett Informational [Page 255]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ BrandName='DigiCash Electronic Cash'
+ BrandLogoNetLocn='http://otplogos.digicash.com'
+ BrandNarrative='5% off with your Walmart Card
+ on purchases over $150'
+ ProtocolAmountRefs='M1.22'>
+ </Brand>
+ <ProtocolAmount ID ='M1.17'
+ PayProtocolRef='M1.31'
+ CurrencyAmountRefs='M1.25 M1.29'>
+ </ProtocolAmount>
+ <ProtocolAmount ID ='M1.18'
+ PayProtocolRef='M1.32'
+ CurrencyAmountRefs='M1.26 M1.27 M1.28 M1.30'>
+ </ProtocolAmount>
+ <ProtocolAmount ID ='M1.19'
+ PayProtocolRef='M1.35'
+ CurrencyAmountRefs='M1.28'>
+ </ProtocolAmount>
+ <ProtocolAmount ID ='M1.20'
+ PayProtocolRef='M1.34 M1.33'
+ CurrencyAmountRefs='M1.23 M1.24 M1.27 M1.28 M1.29 M1.30'>
+ </ProtocolAmount>
+ <ProtocolAmount ID ='M1.21'
+ PayProtocolRef='M1.36'
+ CurrencyAmountRefs='M1.23 M1.24 M1.27 M1.28 M1.29 M1.30'>
+ </ProtocolAmount>
+ <CurrencyAmount ID ='M1.23'
+ Amount='20.00'
+ CurrCode='USD'/>
+ <CurrencyAmount ID ='M1.24'
+ Amount='12.00'
+ CurrCode='GBP'/>
+ <CurrencyAmount ID ='M1.25'
+ Amount='19.50'
+ CurrCode='USD'/>
+ <CurrencyAmount ID ='M1.26'
+ Amount='11.75'
+ CurrCode='GBP'/>
+ <CurrencyAmount ID ='M1.27'
+ Amount='36.00'
+ CurrCode='DEM'/>
+ <CurrencyAmount ID ='M1.28'
+ Amount='100.00'
+ CurrCode='FFR'/>
+ <CurrencyAmount ID ='M1.29'
+ Amount='22.00'
+ CurrCode='CAD'/>
+ <CurrencyAmount ID ='M1.30'
+
+
+
+Burdett Informational [Page 256]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Amount='15000'
+ CurrCode='ITL'/>
+ <PayProtocol ID ='M1.31'
+ ProtocolId='MXv1.0'
+ ProtocolName='Mondex IOTP Protocol Version 1.0'
+ PayReqNetLocn='http://www.mxbankus.com/etill/mx' >
+ </PayProtocol>
+ <PayProtocol ID ='M1.32'
+ ProtocolId='MXv1.0'
+ ProtocolName='Mondex IOTP Protocol Version 1.0'
+ PayReqNetLocn='http://www.mxbankuk.com/vserver' >
+ </PayProtocol>
+ <PayProtocol ID ='M1.33'
+ ProtocolId='Ccashv1.0'
+ ProtocolName='CyberCoin Version 1.0'
+ PayReqNetLocn='http://www.cybercash.com/ccoin' >
+ </PayProtocol>
+ <PayProtocol ID ='M1.34'
+ ProtocolId='CCashv2.0'
+ ProtocolName='CyberCoin Version 2.0'
+ PayReqNetLocn='http://www.cybercash.com/ccoin' >
+ </PayProtocol>
+ <PayProtocol ID ='M1.35'
+ ProtocolId='GKv1.0'
+ ProtocolName='GeldKarte Version 1.0'
+ PayReqNetLocn='http://www.example.com/pgway' >
+ </PayProtocol>
+ <PayProtocol ID ='M1.36'
+ ProtocolId='DCashv1.0'
+ ProtocolName='DigiCash Protocol Version 1.0'
+ PayReqNetLocn='http://www.example.com/digicash' >
+ </PayProtocol>
+ </BrandList>
+
+12. IANA Considerations
+
+ This section describes the codes that are controlled by IANA, and
+ also how new codes can be created for testing purposes that are not
+ controlled by IANA.
+
+12.1 Codes Controlled by IANA
+
+ To help ensure interoperability, there is a need for codes used by
+ IOTP to be maintained in a controlled environment so that their
+ meaning and usage are well defined and duplicate codes avoided.
+ [IANA] is the mechanism to be used for this purpose as described in
+ RFC 2434.
+
+
+
+
+Burdett Informational [Page 257]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ The element types and attributes names to which this procedure
+ applies is shown in the table below together with the initial values
+ that are valid for these attributes.
+
+ Note that:
+
+ o the IETF Trade mailing list's email address is ietf-
+ trade@elistx.com
+
+ o "Designated Experts" (see [IANA]) are appointed by the IESG.
+
+ Element Type/ Attribute Values
+ Attribute Name
+
+ Algorithm/ "sha1" - indicates that a [SHA1] authentication
+ Name will apply
+ (When Algorithm
+ is a child of an "signature" - indicates that authentication
+ AuthReq consists of the generation of a digital signature.
+ Component)
+ "Pay:ppp" where "ppp" may be set to any valid
+ value for "iotpbrand" (see below)
+
+ With the exception of Algorithms that begin with
+ "pay:", new values are allocated following review
+ on the IETF Trade mailing list and by the
+ Designated Expert.
+
+ Note: The Algorithm element is likely to be eventually defined
+ within the [DSIG] name space. It is likely that the maintenance
+ procedure defined here may need to vary over time, as the DSIG
+ proposals become more widely adopted.
+
+ Element Type/ Attribute Values
+ Attribute Name
+
+ Brand/BrandId The following list of initial BrandIds have been
+ taken from those Organisations that have applied
+ for SET certificates as at 1st June 1999:
+
+ "Amex" - American Express
+
+ "Dankort" - Dankort
+
+ "JCB" - JCB
+
+ "Maestro" - Maestro
+
+
+
+
+Burdett Informational [Page 258]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ "MasterCard" - MasterCard
+
+ "NICOS" - NICOS
+
+ "VISA" - Visa
+
+ In addition the following Brand Id values are
+ defined:
+
+ "Mondex"
+
+ "GeldKarte"
+
+ New values of BrandId must be announced to the
+ IETF Trade mailing list and, if there are no
+ objections within three weeks, are allocated on a
+ "first come first served" basis.
+
+ CurrencyAmount/ Currency codes are dependent on CurrCodeType (see
+ CurrCode below).
+
+ If CurrCodeType is "ISO4217-A" then the currency
+ code is an alphabetic currency code as defined by
+ [ISO4217].
+
+ If CurrCodeType is "IOTP" then new values must be
+ announced to the IETF Trade mailing list and, if
+ there are no objections within three weeks, are
+ allocated on a "first come first served" basis.
+
+ Note: The Currency Code Type of IOTP, is designed to allow the
+ support of "new" psuedo currencies such as loyalty or frequent flyer
+ points. At the time of writing this specification, no currency codes
+ of this type have been defined.
+
+ Element Type/ Attribute Values
+ Attribute Name
+
+ CurrencyAmount/ "ISO4217-A"
+ CurrCodeType
+ "IOTP"
+
+ New values of CurrCodeType attribute are allocated
+ following review on the IETF Trade mailing list
+ and by the Designated Expert.
+
+ DeliveryData/ "Post"
+ DelivMethod
+
+
+
+Burdett Informational [Page 259]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ "Web"
+
+ "Email"
+
+ New values of Delivery Method attribute are
+ allocated following review on the IETF Trade
+ mailing list and by the Designated Expert. This
+ may require the publication of additional
+ documentation to describe how the delivery method
+ is used.
+
+ PackagedContent/ "PCDATA"
+ Content
+ "MIME"
+
+ "MIME:mimetype" (where mimetype must be the same
+ as content-type as defined by [MIME] )
+
+ "XML"
+
+ If the Content attribute is of the form
+ "MIME"mimetype", then control of new values for
+ "mimetype" is as defined in [MIME].
+
+ Otherwise, new values of the Content attribute are
+ allocated following review on the IETF Trade
+ mailing list and by the Designated Expert. This
+ may require the publication of additional
+ documentation to describe how the new attribute is
+ used within a Packaged Content element.
+
+ RelatedTo/ "IotpTransaction"
+ RelationshipType
+ "Reference"
+
+ New values of the RelationshipType attribute are
+ allocated following review on the IETF Trade
+ Working Group mailing list and by the Designated
+ Expert. This may require the publication of
+ additional documentation to describe how the
+
+ Element Type/ Attribute Values
+ Attribute Name
+ delivery method is used.
+
+ Status/ Offer
+ StatusType
+ Payment
+
+
+
+Burdett Informational [Page 260]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Delivery
+
+ Authentication
+
+ Unidentified
+
+ New values of the Status Type attribute are
+ allocated following:
+ o publication to the IETF Trade Working Group,
+ of an RFC describing the Trading Exchange,
+ Trading Roles and associated components that
+ relate to the Status, and
+ o review of the document on the IETF Trade
+ mailing list and by the Designated Expert.
+
+ Note: The document describing new values for the Status Type
+ attribute may be combined with documents that describe new Trading
+ Roles and types of signatures (see below).
+
+ TradingRole/ "Consumer"
+ TradingRole
+ "Merchant"
+
+ "PaymentHandler"
+
+ "DeliveryHandler"
+
+ "DelivTo"
+
+ "CustCare"
+
+ New values of the Trading Role attribute are
+ allocated following:
+ o publication to the IETF Trade Working Group,
+ of an RFC describing the Trading Exchange,
+ Trading Roles and associated components that
+ relate to the Trading Role, and
+ o review of the document on the IETF Trade
+ mailing list and by the Designated Expert.
+
+ Note: The document describing new values for the Trading Role
+ attribute may be
+
+ Element Type/ Attribute Values
+ Attribute Name
+ combined with documents that describe
+ new Status Types (see above) and
+ types of signatures (see below).
+
+
+
+Burdett Informational [Page 261]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ TransId/ "BaselineAuthentication"
+ IotpTransType
+ "BaselineDeposit"
+
+ "BaselinePurchase"
+
+ "BaselineRefund"
+
+ "BaselineWithdrawal"
+
+ "BaselineValueExchange"
+
+ "BaselineInquiry"
+
+ "BaselinePing"
+
+ New values of the IotpTransType attribute are
+ allocated following:
+ o publication to the IETF Trade mailing list, of
+ an RFC describing the new IOTP Transaction, and
+ o review of the document on the IETF Trade
+ Working Group mailing list and by the
+ Designated Expert.
+
+ Attribute/ Content
+ (see Signature
+ "OfferResponse"
+ Component) "PaymentResponse"
+
+ "DeliveryResponse"
+
+ "AuthenticationRequest"
+
+ "AuthenticationResponse"
+
+ "PingRequest"
+
+ "PingResponse"
+
+ New values of the code that define the type of a
+ signature are allocated following:
+ o publication to the IETF Trade Working Group,
+ of an RFC describing the Trading Exchange where
+ the signature is being used, and
+ o review of the document on the IETF Trade
+ mailing list and by the Designated Expert.
+
+
+
+
+
+Burdett Informational [Page 262]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Element Type/ Attribute Values
+ Attribute Name
+
+ Note: The document describing new values for the types of signatures
+ may be combined with documents that describe new Status Types and
+ Trading Roles (see above).
+
+12.2 Codes not controlled by IANA
+
+ In addition to the formal development and registration of codes as
+ described above, there is still a need for developers to experiment
+ using new IOTP codes. For this reason, "user defined codes" may be
+ used to identify additional values for the codes contained within
+ this specification without the need for them to be registered with
+ IANA.
+
+ The definition of a user defined code is as follows:
+
+ user_defined_code ::= ( "x-" | "X-" ) NameChar (NameChar)*
+
+ NameChar NameChar has the same definition as the [XML]
+ definition of NameChar
+
+ Use of domain names (see [DNS]) to make user defined codes unique is
+ recommended although this method cannot be relied upon.
+
+13. Internet Open Trading Protocol Data Type Definition
+
+ This section contains the XML DTD for the Internet Open Trading
+ Protocols.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 263]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!--
+ ******************************************************
+ * *
+ * INTERNET OPEN TRADING PROTOCOL VERSION 1.0 DTD *
+ * Filename: ietf.org/rfc/rfc2801.dtd *
+ * *
+ * Changes from version 07 (iotp-v1.0-protocol-07.dtd)*
+ * - NO CHANGES *
+ * *
+ * *
+ * *
+ * *
+ * Copyright Internet Engineering Task Force 1998-2000*
+ * *
+ ******************************************************
+
+ ******************************************************
+ * IOTP MESSAGE DEFINITION *
+ ******************************************************
+ -->
+
+ <!ELEMENT IotpMessage
+ ( TransRefBlk,
+ IotpSignatures?,
+ ErrorBlk?,
+ ( AuthReqBlk |
+ AuthRespBlk |
+ AuthStatusBlk |
+ CancelBlk |
+ DeliveryReqBlk |
+ DeliveryRespBlk |
+ InquiryReqBlk |
+ InquiryRespBlk |
+ OfferRespBlk |
+ PayExchBlk |
+ PayReqBlk |
+ PayRespBlk |
+ PingReqBlk |
+ PingRespBlk |
+ TpoBlk |
+ TpoSelectionBlk
+ )*
+ ) >
+ <!ATTLIST IotpMessage
+ xmlns CDATA
+ 'iotp:ietf.org/iotp-v1.0' >
+
+
+
+
+
+Burdett Informational [Page 264]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!--
+ ******************************************************
+ * TRANSACTION REFERENCE BLOCK DEFINITION *
+ ******************************************************
+ -->
+
+ <!ELEMENT TransRefBlk (TransId, MsgId, RelatedTo*) >
+ <!ATTLIST TransRefBlk
+ ID ID #REQUIRED >
+
+
+ <!ELEMENT TransId EMPTY >
+ <!ATTLIST TransId
+ ID ID #REQUIRED
+ Version NMTOKEN #FIXED '1.0'
+ IotpTransId CDATA #REQUIRED
+ IotpTransType CDATA #REQUIRED
+ TransTimeStamp CDATA #REQUIRED >
+
+
+ <!ELEMENT MsgId EMPTY >
+ <!ATTLIST MsgId
+ ID ID #REQUIRED
+ RespIotpMsg NMTOKEN #IMPLIED
+ xml:lang NMTOKEN #REQUIRED
+ LangPrefList NMTOKENS #IMPLIED
+ CharSetPrefList NMTOKENS #IMPLIED
+ SenderTradingRoleRef NMTOKEN #IMPLIED
+ SoftwareId CDATA #REQUIRED
+ TimeStamp CDATA #IMPLIED >
+
+
+ <!ELEMENT RelatedTo (PackagedContent) >
+ <!ATTLIST RelatedTo
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ RelationshipType NMTOKEN #REQUIRED
+ Relation CDATA #REQUIRED
+ RelnKeyWords NMTOKENS #IMPLIED >
+
+
+
+ <!--
+ ******************************************************
+ * Packaged Content Common Element *
+ ******************************************************
+ -->
+
+
+
+
+Burdett Informational [Page 265]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT PackagedContent (#PCDATA) >
+ <!ATTLIST PackagedContent
+ Name CDATA #IMPLIED
+ Content NMTOKEN "PCDATA"
+ Transform (NONE|BASE64) "NONE" >
+
+ <!--
+ ******************************************************
+ * TRADING COMPONENTS *
+ ******************************************************
+ -->
+ <!-- PROTOCOL OPTIONS COMPONENT -->
+ <!ELEMENT ProtocolOptions EMPTY >
+ <!ATTLIST ProtocolOptions
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ SenderNetLocn CDATA #IMPLIED
+ SecureSenderNetLocn CDATA #IMPLIED
+ SuccessNetLocn CDATA #REQUIRED >
+
+
+ <!-- AUTHENTICATION DATA COMPONENT -->
+ <!ELEMENT AuthReq (Algorithm, PackagedContent*)>
+ <!ATTLIST AuthReq
+ ID ID #REQUIRED
+ AuthenticationId CDATA #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- AUTHENTICATION RESPONSE COMPONENT -->
+ <!ELEMENT AuthResp (PackagedContent*) >
+ <!ATTLIST AuthResp
+ ID ID #REQUIRED
+ AuthenticationId CDATA #REQUIRED
+ SelectedAlgorithmRef NMTOKEN #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!-- TRADING ROLE INFO REQUEST COMPONENT -->
+ <!ELEMENT TradingRoleInfoReq EMPTY>
+ <!ATTLIST TradingRoleInfoReq
+ ID ID #REQUIRED
+ TradingRoleList NMTOKENS #REQUIRED >
+
+ <!-- ORDER COMPONENT -->
+ <!ELEMENT Order (PackagedContent*) >
+ <!ATTLIST Order
+ ID ID #REQUIRED
+
+
+
+Burdett Informational [Page 266]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ xml:lang NMTOKEN #REQUIRED
+ OrderIdentifier CDATA #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ ApplicableLaw CDATA #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!-- ORGANISATION COMPONENT -->
+ <!ELEMENT Org (TradingRole+, ContactInfo?,
+ PersonName?, PostalAddress?)>
+ <!ATTLIST Org
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ OrgId CDATA #REQUIRED
+ LegalName CDATA #IMPLIED
+ ShortDesc CDATA #IMPLIED
+ LogoNetLocn CDATA #IMPLIED >
+
+
+ <!ELEMENT TradingRole EMPTY >
+ <!ATTLIST TradingRole
+ ID ID#REQUIRED
+ TradingRole NMTOKEN #REQUIRED
+ IotpMsgIdPrefix NMTOKEN #REQUIRED
+ CancelNetLocn CDATA #IMPLIED
+ ErrorNetLocn CDATA #IMPLIED
+ ErrorLogNetLocn CDATA #IMPLIED >
+
+
+ <!ELEMENT ContactInfo EMPTY >
+ <!ATTLIST ContactInfo
+ xml:lang NMTOKEN #IMPLIED
+ Tel CDATA #IMPLIED
+ Fax CDATA #IMPLIED
+ Email CDATA #IMPLIED
+ NetLocn CDATA #IMPLIED >
+
+
+ <!ELEMENT PersonName EMPTY >
+ <!ATTLIST PersonName
+ xml:lang NMTOKEN #IMPLIED
+ Title CDATA #IMPLIED
+ GivenName CDATA #IMPLIED
+ Initials CDATA #IMPLIED
+ FamilyName CDATA #IMPLIED >
+
+
+
+
+
+Burdett Informational [Page 267]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT PostalAddress EMPTY >
+ <!ATTLIST PostalAddress
+ xml:lang NMTOKEN #IMPLIED
+ AddressLine1 CDATA #IMPLIED
+ AddressLine2 CDATA #IMPLIED
+ CityOrTown CDATA #IMPLIED
+ StateOrRegion CDATA #IMPLIED
+ PostalCode CDATA #IMPLIED
+ Country CDATA #IMPLIED
+ LegalLocation (True | False) 'False' >
+
+
+ <!-- BRAND LIST COMPONENT -->
+ <!ELEMENT BrandList (Brand+, ProtocolAmount+,
+ CurrencyAmount+, PayProtocol+) >
+ <!ATTLIST BrandList
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ShortDesc CDATA #REQUIRED
+ PayDirection (Debit | Credit) #REQUIRED >
+
+ <!ELEMENT Brand (ProtocolBrand*, PackagedContent*) >
+ <!ATTLIST Brand
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #IMPLIED
+ BrandId CDATA #REQUIRED
+ BrandName CDATA #REQUIRED
+ BrandLogoNetLocn CDATA #REQUIRED
+ BrandNarrative CDATA #IMPLIED
+ ProtocolAmountRefs IDREFS #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!ELEMENT ProtocolBrand (PackagedContent*) >
+ <!ATTLIST ProtocolBrand
+ ProtocolId CDATA #REQUIRED
+ ProtocolBrandId CDATA #REQUIRED >
+
+ <!ELEMENT ProtocolAmount (PackagedContent*) >
+ <!ATTLIST ProtocolAmount
+ ID ID #REQUIRED
+ PayProtocolRef IDREF #REQUIRED
+ CurrencyAmountRefs IDREFS #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!ELEMENT CurrencyAmount EMPTY >
+ <!ATTLIST CurrencyAmount
+ ID ID #REQUIRED
+ Amount CDATA #REQUIRED
+
+
+
+Burdett Informational [Page 268]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ CurrCodeType NMTOKEN 'ISO4217-A'
+ CurrCode CDATA #REQUIRED >
+
+ <!ELEMENT PayProtocol (PackagedContent*) >
+ <!ATTLIST PayProtocol
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #IMPLIED
+ ProtocolId NMTOKEN #REQUIRED
+ ProtocolName CDATA #REQUIRED
+ ActionOrgRef NMTOKEN #REQUIRED
+ PayReqNetLocn CDATA #IMPLIED
+ SecPayReqNetLocn CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- BRAND SELECTION COMPONENT -->
+ <!ELEMENT BrandSelection (BrandSelBrandInfo?,
+ BrandSelProtocolAmountInfo?,
+ BrandSelCurrencyAmountInfo?) >
+ <!ATTLIST BrandSelection
+ ID ID #REQUIRED
+ BrandListRef NMTOKEN #REQUIRED
+ BrandRef NMTOKEN #REQUIRED
+ ProtocolAmountRef NMTOKEN #REQUIRED
+ CurrencyAmountRef NMTOKEN #REQUIRED >
+
+ <!ELEMENT BrandSelBrandInfo (PackagedContent+) >
+ <!ATTLIST BrandSelBrandInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!ELEMENT BrandSelProtocolAmountInfo (PackagedContent+) >
+ <!ATTLIST BrandSelProtocolAmountInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!ELEMENT BrandSelCurrencyAmountInfo (PackagedContent+) >
+ <!ATTLIST BrandSelCurrencyAmountInfo
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+ <!-- PAYMENT COMPONENT -->
+ <!ELEMENT Payment EMPTY >
+ <!ATTLIST Payment
+ ID ID #REQUIRED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ BrandListRef NMTOKEN #REQUIRED
+
+
+
+Burdett Informational [Page 269]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ SignedPayReceipt (True | False) #REQUIRED
+ StartAfterRefs NMTOKENS #IMPLIED >
+
+
+ <!-- PAYMENT SCHEME COMPONENT -->
+ <!ELEMENT PaySchemeData (PackagedContent+) >
+ <!ATTLIST PaySchemeData
+ ID ID #REQUIRED
+ PaymentRef NMTOKEN #IMPLIED
+ ConsumerPaymentId CDATA #IMPLIED
+ PaymentHandlerPayId CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- PAYMENT RECEIPT COMPONENT -->
+ <!ELEMENT PayReceipt (PackagedContent*) >
+ <!ATTLIST PayReceipt
+ ID ID #REQUIRED
+ PaymentRef NMTOKEN #REQUIRED
+ PayReceiptNameRefs NMTOKENS #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- PAYMENT NOTE COMPONENT -->
+ <!ELEMENT PaymentNote (PackagedContent+) >
+ <!ATTLIST PaymentNote
+ ID ID #REQUIRED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- DELIVERY COMPONENT -->
+ <!ELEMENT Delivery (DeliveryData?, PackagedContent*) >
+ <!ATTLIST Delivery
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ DelivExch (True | False) #REQUIRED
+ DelivAndPayResp (True | False) #REQUIRED
+ ActionOrgRef NMTOKEN #IMPLIED >
+
+ <!ELEMENT DeliveryData (PackagedContent*) >
+ <!ATTLIST DeliveryData
+ xml:lang NMTOKEN #IMPLIED
+ OkFrom CDATA #REQUIRED
+ OkTo CDATA #REQUIRED
+ DelivMethod NMTOKEN #REQUIRED
+ DelivToRef NMTOKEN #REQUIRED
+ DelivReqNetLocn CDATA #IMPLIED
+ SecDelivReqNetLocn CDATA #IMPLIED
+
+
+
+Burdett Informational [Page 270]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- CONSUMER DELIVERY DATA COMPONENT -->
+ <!ELEMENT ConsumerDeliveryData EMPTY >
+ <!ATTLIST ConsumerDeliveryData
+ ID ID #REQUIRED
+ ConsumerDeliveryId CDATA #REQUIRED >
+
+
+ <!-- DELIVERY NOTE COMPONENT -->
+ <!ELEMENT DeliveryNote (PackagedContent+) >
+ <!ATTLIST DeliveryNote
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ DelivHandlerDelivId CDATA #IMPLIED
+ ContentSoftwareId CDATA #IMPLIED >
+
+
+ <!-- STATUS COMPONENT -->
+ <!ELEMENT Status EMPTY >
+ <!ATTLIST Status
+ ID ID #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ StatusType NMTOKEN #REQUIRED
+ ElRef NMTOKEN #IMPLIED
+ ProcessState (NotYetStarted | InProgress |
+ CompletedOk | Failed | ProcessError) #REQUIRED
+ CompletionCode NMTOKEN #IMPLIED
+ ProcessReference CDATA #IMPLIED
+ StatusDesc CDATA #IMPLIED >
+
+ <!-- TRADING ROLE DATA COMPONENT -->
+ <!ELEMENT TradingRoleData (PackagedContent+) >
+ <!ATTLIST TradingRoleData
+ ID ID #REQUIRED
+ OriginatorElRef NMTOKEN #REQUIRED
+ DestinationElRefs NMTOKENS #REQUIRED >
+
+ <!-- INQUIRY TYPE COMPONENT -->
+ <!ELEMENT InquiryType EMPTY >
+ <!ATTLIST InquiryType
+ ID ID #REQUIRED
+ Type NMTOKEN #REQUIRED
+ ElRef NMTOKEN #IMPLIED
+ ProcessReference CDATA #IMPLIED >
+
+
+
+
+
+Burdett Informational [Page 271]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!-- ERROR COMPONENT -->
+ <!ELEMENT ErrorComp (ErrorLocation+, PackagedContent*) >
+ <!ATTLIST ErrorComp
+ ID NMTOKEN #REQUIRED
+ xml:lang NMTOKEN #REQUIRED
+ ErrorCode NMTOKEN #REQUIRED
+ ErrorDesc CDATA #REQUIRED
+ Severity (Warning|TransientError|HardError) #REQUIRED
+ MinRetrySecs CDATA #IMPLIED
+ SwVendorErrorRef CDATA #IMPLIED >
+
+
+ <!ELEMENT ErrorLocation EMPTY >
+ <!ATTLIST ErrorLocation
+ ElementType NMTOKEN #REQUIRED
+ IotpMsgRef NMTOKEN #IMPLIED
+ BlkRef NMTOKEN #IMPLIED
+ CompRef NMTOKEN #IMPLIED
+ ElementRef NMTOKEN #IMPLIED
+ AttName NMTOKEN #IMPLIED >
+
+
+
+ <!--
+ ******************************************************
+ * TRADING BLOCKS *
+ ******************************************************
+ -->
+
+ <!-- TRADING PROTOCOL OPTIONS BLOCK -->
+ <!ELEMENT TpoBlk ( ProtocolOptions, BrandList*, Org* ) >
+ <!ATTLIST TpoBlk
+ ID ID #REQUIRED >
+
+
+ <!-- TPO SELECTION BLOCK -->
+ <!ELEMENT TpoSelectionBlk (BrandSelection+) >
+ <!ATTLIST TpoSelectionBlk
+ ID ID #REQUIRED >
+
+
+ <!-- OFFER RESPONSE BLOCK -->
+ <!ELEMENT OfferRespBlk (Status, Order?, Payment*,
+ Delivery?, TradingRoleData*) >
+ <!ATTLIST OfferRespBlk
+ ID ID #REQUIRED >
+
+
+
+
+
+Burdett Informational [Page 272]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!-- AUTHENTICATION REQUEST BLOCK -->
+ <!ELEMENT AuthReqBlk (AuthReq*, TradingRoleInfoReq?) >
+ <!ATTLIST AuthReqBlk
+ ID ID #REQUIRED >
+
+
+ <!-- AUTHENTICATION RESPONSE BLOCK -->
+ <!ELEMENT AuthRespBlk (AuthResp?, Org*) >
+ <!ATTLIST AuthRespBlk
+ ID ID #REQUIRED >
+
+
+ <!-- AUTHENTICATION STATUS BLOCK -->
+ <!ELEMENT AuthStatusBlk (Status) >
+ <!ATTLIST AuthStatusBlk
+ ID ID #REQUIRED >
+
+
+ <!-- PAYMENT REQUEST BLOCK -->
+ <!ELEMENT PayReqBlk (Status+, BrandList, BrandSelection,
+ Payment, PaySchemeData?, Org*, TradingRoleData*) >
+ <!ATTLIST PayReqBlk
+ ID ID #REQUIRED >
+
+
+ <!-- PAYMENT EXCHANGE BLOCK -->
+ <!ELEMENT PayExchBlk (PaySchemeData) >
+ <!ATTLIST PayExchBlk
+ ID ID #REQUIRED >
+
+
+ <!-- PAYMENT RESPONSE BLOCK -->
+ <!ELEMENT PayRespBlk (Status, PayReceipt?, PaySchemeData?,
+ PaymentNote?, TradingRoleData*) >
+ <!ATTLIST PayRespBlk
+ ID ID #REQUIRED >
+ <!-- DELIVERY REQUEST BLOCK -->
+ <!ELEMENT DeliveryReqBlk (Status+, Order, Org*, Delivery,
+ ConsumerDeliveryData?, TradingRoleData*) >
+ <!ATTLIST DeliveryReqBlk
+ ID ID #REQUIRED >
+
+
+ <!-- DELIVERY RESPONSE BLOCK -->
+ <!ELEMENT DeliveryRespBlk (Status, DeliveryNote) >
+ <!ATTLIST DeliveryRespBlk
+ ID ID #REQUIRED >
+
+
+
+
+Burdett Informational [Page 273]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!-- INQUIRY REQUEST BLOCK -->
+ <!ELEMENT InquiryReqBlk ( InquiryType, PaySchemeData? ) >
+ <!ATTLIST InquiryReqBlk
+ ID ID #REQUIRED >
+
+
+ <!-- INQUIRY RESPONSE BLOCK -->
+ <!ELEMENT InquiryRespBlk (Status, PaySchemeData?) >
+ <!ATTLIST InquiryRespBlk
+ ID ID #REQUIRED
+ LastReceivedIotpMsgRef NMTOKEN #IMPLIED
+ LastSentIotpMsgRef NMTOKEN #IMPLIED >
+
+
+ <!-- PING REQUEST BLOCK -->
+ <!ELEMENT PingReqBlk (Org*)>
+ <!ATTLIST PingReqBlk
+ ID ID #REQUIRED>
+
+
+ <!-- PING RESPONSE BLOCK -->
+ <!ELEMENT PingRespBlk (Org+)>
+ <!ATTLIST PingRespBlk
+ ID ID #REQUIRED
+ PingStatusCode (Ok | Busy | Down) #REQUIRED
+ SigVerifyStatusCode (Ok | NotSupported | Fail) #IMPLIED
+ xml:lang NMTOKEN #IMPLIED
+ PingStatusDesc CDATA #IMPLIED>
+
+
+ <!-- ERROR BLOCK -->
+ <!ELEMENT ErrorBlk (ErrorComp+, PaySchemeData*) >
+ <!ATTLIST ErrorBlk
+ ID ID #REQUIRED >
+
+
+ <!-- CANCEL BLOCK -->
+ <!ELEMENT CancelBlk (Status) >
+ <!ATTLIST CancelBlk
+ ID ID #REQUIRED >
+
+
+ <!--
+ ******************************************************
+ * IOTP SIGNATURES BLOCK DEFINITION *
+ ******************************************************
+ -->
+
+
+
+
+Burdett Informational [Page 274]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ELEMENT IotpSignatures (Signature+ ,Certificate*) >
+ <!ATTLIST IotpSignatures
+ ID ID #IMPLIED
+ >
+
+ <!--
+ ******************************************************
+ * IOTP SIGNATURE COMPONENT DEFINITION *
+ ******************************************************
+ -->
+
+ <!ELEMENT Signature (Manifest, Value+) >
+ <!ATTLIST Signature
+ ID ID #IMPLIED
+ >
+
+ <!ELEMENT Manifest
+ ( Algorithm+,
+ Digest+,
+ Attribute*,
+ OriginatorInfo,
+ RecipientInfo+
+ )
+ >
+
+ <!ATTLIST Manifest
+ LocatorHRefBase CDATA #IMPLIED
+ >
+
+ <!ELEMENT Algorithm (Parameter*) >
+ <!ATTLIST Algorithm
+ ID ID #REQUIRED
+ type (digest|signature) #IMPLIED
+ name NMTOKEN #REQUIRED
+ >
+
+ <!ELEMENT Digest (Locator, Value) >
+ <!ATTLIST Digest
+ DigestAlgorithmRef IDREF #REQUIRED
+ >
+
+ <!ELEMENT Attribute ( ANY ) >
+ <!ATTLIST Attribute
+ type NMTOKEN #REQUIRED
+ critical ( true | false ) #REQUIRED
+ >
+
+ <!ELEMENT OriginatorInfo ANY >
+
+
+
+Burdett Informational [Page 275]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ <!ATTLIST OriginatorInfo
+ OriginatorRef NMTOKEN #IMPLIED
+ >
+
+ <!ELEMENT RecipientInfo ANY >
+ <!ATTLIST RecipientInfo
+ SignatureAlgorithmRef IDREF #REQUIRED
+ SignatureValueRef IDREF #IMPLIED
+ SignatureCertRef IDREF #IMPLIED
+ RecipientRefs NMTOKENS #IMPLIED
+ >
+
+ <!ELEMENT KeyIdentifier EMPTY>
+ <!ATTLIST KeyIdentifier
+ value CDATA #REQUIRED
+ >
+
+ <!ELEMENT Parameter ANY >
+ <!ATTLIST Parameter
+ type CDATA #REQUIRED
+ >
+
+
+ <!--
+ ******************************************************
+ * IOTP CERTIFICATE COMPONENT DEFINITION *
+ ******************************************************
+ -->
+
+ <!ELEMENT Certificate
+ ( IssuerAndSerialNumber, ( Value | Locator ) )
+ >
+
+ <!ATTLIST Certificate
+ ID ID #IMPLIED
+ type NMTOKEN #REQUIRED
+ >
+
+ <!ELEMENT IssuerAndSerialNumber EMPTY >
+ <!ATTLIST IssuerAndSerialNumber
+ issuer CDATA #REQUIRED
+ number CDATA #REQUIRED
+ >
+
+ <!--
+ ******************************************************
+ * IOTP SHARED COMPONENT DEFINITION *
+ ******************************************************
+
+
+
+Burdett Informational [Page 276]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ -->
+ <!ELEMENT Value ( #PCDATA ) >
+ <!ATTLIST Value
+ ID ID #IMPLIED
+ encoding (base64|none) 'base64'
+ >
+
+ <!ELEMENT Locator EMPTY>
+ <!ATTLIST Locator
+ xml:link CDATA #FIXED 'simple'
+ href CDATA #REQUIRED
+ >
+
+14. Glossary
+
+ This section contains a glossary of some of the terms used within
+ this specification in alphabetical order.
+
+ NAME DESCRIPTION
+
+ Authenticator The Organisation which is requesting the
+ authentication of another Organisation, and
+
+ Authenticatee The Organisation being authenticated by an
+ Authenticator
+
+ Business Error See Status Component.
+
+ Brand A Brand is the mark which identifies a particular
+ type of Payment Instrument. A list of Brands are
+ the payment options which are presented by the
+ Merchant to the Consumer and from which the
+ Consumer makes a selection. Each Brand may have a
+ different Payment Handler. Examples of Brands
+ include:
+ o payment association and proprietary Brands,
+ for example MasterCard, Visa, American Express,
+ Diners Club, American Express, Mondex,
+ GeldKarte, CyberCash, etc.
+ o Promotional Brands (see below). These include:
+ o store Brands, where the Payment Instrument is
+ issued to a Consumer by a particular Merchant,
+ for example Walmart, Sears, or Marks and
+ Spencer (UK)
+ o coBrands, for example American Advantage Visa,
+ where an a company uses their own Brand in
+ conjunction with, typically, a payment
+ association Brand.
+
+
+
+Burdett Informational [Page 277]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Consumer The Organisation which is to receive the benefit
+ of and typically pay for the goods or services.
+
+ ContentSoftwareId This contains information which identifies the
+ software which generated the content of the
+ element. Its purpose is to help resolve
+ interoperability problems that might occur as a
+ result of incompatibilities between messages
+ produced by different software. It is a single
+ text string in the language defined by xml:lang.
+ It must contain, as a minimum:
+ o the name of the software manufacturer
+ o the name of the software
+ o the version of the software, and
+ o the build of the software
+
+ It is recommended that this attribute is included
+ whenever the software which generated the content
+ cannot be identified from the SoftwareId attribute
+ on the Message Id Component (see section 3.3.2)
+
+ Customer Care An Organisation that is providing customer care
+ Provider typically on behalf of a Merchant. Examples of
+ customer care include, responding to problems
+ raised by a Consumer arising from an IOTP
+ Transaction that the Consumer took part in.
+
+ Delivery Handler The Organisation that directly delivers the goods
+ or services to the Consumer on behalf of the
+ Merchant. Delivery can be in the form of either
+ digital goods (e.g., a [MIME] message), or
+ physically delivered using the post or a courier.
+
+ Document Exchange A Document Exchange consists of a set of IOTP
+ Messages exchanged between two parties that
+ implement part or all of two Trading Exchanges
+ simultaneously in order to minimise the number of
+ actual IOTP Messages which must be sent over the
+ Internet.
+
+ Document Exchanges are combined together in
+ sequence to implement a particular IOTP
+ Transaction.
+
+ Dual Brand A Dual Brand means that a single Payment
+ Instrument may be used as if it were two separate
+ Brands. For example there could be a single
+ Japanese "UC" MasterCard which can be used as
+
+
+
+Burdett Informational [Page 278]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ either a UC card or a regular MasterCard. The UC
+ card Brand and the MasterCard Brand could each
+ have their own separate Payment Handlers. This
+ means that:
+ o the Merchant treats, for example "UC" and
+ "MasterCard" as two separate Brands when
+ offering a list of Brands to the Consumer,
+ o the Consumer chooses a Brand, for example
+ either "UC" or "MasterCard,
+ o the Consumer IOTP aware application determines
+ which Payment Instrument(s) match the chosen
+ Brand, and selects, perhaps with user
+ assistance, the correct Payment Instrument to
+ use.
+
+ Error Block An Error Block reports that a Technical Error was
+ found in an IOTP Message that was previously
+ received. Typically Technical Errors are caused by
+ errors in the XML which has been received or some
+ technical failure of the processing of the IOTP
+ Message. Frequently the generation or receipt of
+ an Error Block will result in failure of the IOTP
+ Transaction. They are distinct from Business
+ Errors, reported in a Status Component, which can
+ also cause failure of an IOTP Transaction.
+
+ Exchange Block An Exchange Block is sent between the two Trading
+ Roles involved in a Trading Exchange. It contains
+ one or more Trading Components. Exchange Blocks
+ are always sent after a Request Block and before a
+ Response Block in a Trading Exchange. The content
+ of an Exchange Block is dependent on the type of
+ Trading Exchange being carried out.
+
+ IOTP Message An IOTP Message is the outermost wrapper for the
+ document(s) which are sent between Trading Roles
+ that are taking part in a trade. It is a well
+ formed XML document. The documents it contains
+ consist of:
+ o a Transaction Reference Block to uniquely
+ identify the IOTP Transaction of which the IOTP
+ Message is part,
+ o an optional Signature Block to digitally sign
+ the Trading Blocks or Trading Components
+ associated with the IOTP Transaction
+ o an optional Error Block to report on technical
+ errors contained in a previously received IOTP
+ Message, and
+
+
+
+Burdett Informational [Page 279]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ o a collection of IOTP Trading Blocks which
+ carries the data required to carry out an IOTP
+ Transaction.
+
+ IOTP Transaction An instance of an Internet Open Trading Protocol
+ Transaction consists of a set of IOTP Messages
+ transferred between Trading Roles. The rules for
+ what may be contained in the IOTP Messages is
+ defined by the Transaction Type of the IOTP
+ Transaction.
+
+ IOTP Transaction A Transaction Type identifies the type an of IOTP
+ Type Transaction. Examples of Transaction Type include:
+ Purchase, Refund, Authentication, Withdrawal,
+ Deposit (of electronic cash). The Transaction Type
+ specifies for an IOTP Transaction:
+ o the Trading Exchanges which may be included in
+ the transaction,
+ o how those Trading Exchanges may be combined to
+ meet the business needs of the transaction
+ o which Trading Blocks may be included in the
+ IOTP Messages that make up the transaction
+ o Consult this specification for the rules that
+ apply for each Transaction Type.
+
+ Merchant The Organisation from whom the service or goods
+ are being obtained, who is legally responsible for
+ providing the goods or services and receives the
+ benefit of any payment made
+
+ Merchant Customer The Organisation that is involved with customer
+ Care Provider dispute negotiation and resolution on behalf of
+ the Merchant
+
+ Organisation A company or individual that takes part in a Trade
+ as a Trading Role. The Organisations may take one
+ or more of the roles involved in the Trade
+
+ Payment Handler The Organisation that physically receives the
+ payment from the Consumer on behalf of the
+ Merchant
+
+ Payment A Payment Instrument is the means by which
+ Instrument Consumer pays for goods or services offered by a
+ Merchant. It can be, for example:
+ o a credit card such as MasterCard or Visa;
+ o a debit card such as MasterCard's Maestro;
+ o a smart card based electronic cash Payment
+
+
+
+Burdett Informational [Page 280]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Instrument such as a Mondex Card, a GeldKarte
+ card or a Visa Cash card
+ o a software based electronic payment account
+ such as a CyberCash's CyberCoin or DigiCash
+ account.
+
+ All Payment Instruments have a number, typically
+ an account number, by which the Payment Instrument
+ can be identified.
+
+ Promotional Brand A Promotional Brand means that, if the Consumer
+ pays with that Brand, then the Consumer will
+ receive some additional benefit which can be
+ received in two ways:
+ o at the time of purchase. For example if a
+ Consumer pays with a "Walmart MasterCard" at a
+ Walmart web site, then a 5% discount might
+ apply, which means the Consumer actually pays
+ less,
+ o from their Payment Instrument (card) issuer
+ when the payment appears on their statement.
+ For example loyalty points in a frequent flyer
+ scheme could be awarded based on the total
+ payments made with the Payment Instrument since
+ the last statement was issued.
+
+ Each Promotional Brand should be identified as a
+ separate Brand in the list of Brands offered by
+ the Merchant.
+
+ Receipt Component A Receipt Component is a record of the successful
+ completion of a Trading Exchange. Examples of
+ Receipt Components include: Payment Receipts, and
+ Delivery Notes. It's content may dependent on the
+ technology used to perform the Trading Exchange.
+ For example a Secure Electronic Transaction (SET)
+ payment receipt consists of SET payment messages
+ which record the result of the payment.
+
+ Request Block A Request Block is Trading Block that contains a
+ request for a Trading Exchange to start. The
+ Trading Components in a Request Block may be
+ signed by a Signature Block so that their
+ authenticity may be checked and to determine that
+ the Trading Exchange being requested is
+ authorised. Authorisation for a Trading Exchange
+ to start can be provided by the signatures
+ contained on Receipt Components contained in
+
+
+
+Burdett Informational [Page 281]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Response Blocks resulting from previously
+ completed Trading Exchanges. Examples of Request
+ Blocks are Payment Request and Delivery Request
+
+ Response Block A Response Block is a Trading Block that indicates
+ that a Trading Exchange is complete. It is sent by
+ the Trading Role that received a Request Block to
+ the Trading Role that sent the Request Block. The
+ Response Block contains a Status Component that
+ contains information about the completion of the
+ Trading Exchange, for example it indicates whether
+ or not the Trading Exchange completed
+ successfully. For some Trading Exchanges the
+ Response Block contains a Receipt Component that
+ forms a record of the Trading Exchange. Receipt
+ Components may be digitally signed using a
+ Signature Block to make completion non-refutable.
+ Examples of Response Blocks include Offer
+ Response, Payment Response and Delivery Response.
+
+ Signature Block A Signature Block is a Trading Block that contains
+ one or more digital signatures in the form of
+ Signature Components. A Signature Component may
+ digitally sign any Block or Component in any IOTP
+ Message in the same IOTP Transaction.
+
+ Status Component A Status Component contains information that
+ describes the state of a Trading Exchange.
+
+ Before the Trading Exchange is complete the Status
+ Component can indicate information about how the
+ Trading Exchange is progressing.
+
+ Once a Trading Exchange is complete the Status
+ Component can only indicate the success of the
+ Trading Exchange or that a Business Error has
+ occurred.
+
+ A Business Error indicates that continuation with
+ the Trading Exchange was not possible because of
+ some business rule or logic, for example,
+ "insufficient funds available", rather than any
+ Technical Error associated with the content or
+ format of the IOTP Messages in the IOTP
+ Transaction.
+
+ Technical Error See Error Block.
+
+
+
+
+Burdett Informational [Page 282]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Trading Block A Trading Block consists of one or more Trading
+ Components. One or more Trading Blocks may be
+ contained within the IOTP Messages which are
+ physically sent in the form of [XML] documents
+ between the different Trading Roles that are
+ taking part in a trade. Trading Blocks are of
+ three main types:
+ o a Request Block,
+ o an Exchange Block, or a
+ o a Response Block
+
+ Trading Component A Trading Component is a collection of XML
+ elements and attributes. Trading Components are
+ the child elements of the Trading Blocks. Examples
+ of Trading Components are: Offer, Brand List,
+ Payment Receipt, Delivery [information], Payment
+ Amount [information]
+
+ Trading Exchange A Trading Exchange consists of the exchange,
+ between two Trading Roles, of a sequence of
+ documents. The documents may be in the form of
+ Trading Blocks or they may be transferred by some
+ other means, for example through entering data
+ into a web page. Each Trading Exchange consists of
+ three main parts:
+ o the sending of a Request Block by one Trading
+ Role (the initiator) to another Trading Role
+ (the recipient),
+ o the optional exchange of one or more Exchange
+ Blocks between the recipient and the initiator,
+ until eventually,
+ o the Trading Role that received the Request
+ Block sends a Response Block to the initiator.
+
+ A Trading Exchange is designed to implement a
+ useful service of some kind. Examples of Trading
+ Exchanges/services are:
+ o Offer, which results in a Consumer receiving
+ an offer from a Merchant to carry out a
+ business transaction of some kind,
+ o Payment, where a Consumer makes a payment to a
+ Payment Handler,
+ o Delivery, where a Consumer requests, and
+ optionally obtains, delivery of goods or
+ services from a Delivery Handler, and
+ o Authentication, where any Trading Role may
+ request and receive information about another
+ Trading Role.
+
+
+
+Burdett Informational [Page 283]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ Trading Role A Trading Role identifies the different ways in
+ which Organisations can participate in a trade.
+ There are five Trading Roles: Consumer, Merchant,
+ Payment Handler, Delivery Handler, and Merchant
+ Customer Care Provider.
+
+ Transaction A Transaction Reference Block identifies an IOTP
+ Reference Block Transaction. It contains data that identifies:
+ o the Transaction Type,
+ o the IOTP Transaction uniquely, through a
+ globally unique transaction identifier
+ o the IOTP Message uniquely within the IOTP
+ Transaction, through a message identifier
+
+ The Transaction Reference Block may also contain
+ references to other transactions which may or may
+ not be IOTP Transactions
+
+15. References
+
+ This section contains references to related documents identified in
+ this specification.
+
+ [Base64] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part One: Format of Internet Message
+ Bodies", RFC 2045, November 1996.
+
+ [DOM-HASH] Maruyama, H., Tamura, K. and N. Uramoto, "Digest Values
+ for DOM (DOMHASH)", RFC 2803, April 2000.
+
+ [DNS] Mockapetris, P., "Domain names - concepts and
+ facilities", STD 13, RFC 1034, November 1987.
+
+ [DNS] Mockapetris, P., "Domain names - implementation and
+ specification", STD 13, RFC 1035, November 1987.
+
+ [DSA] The Digital Signature Algorithm (DSA) published by the
+ National Institute of Standards and Technology (NIST) in
+ the Digital Signature Standard (DSS), which is a part of
+ the US government's Capstone project.
+
+ [ECCDSA] Elliptic Curve Cryptosystems Digital Signature Algorithm
+ (ECCDSA). Elliptic curve cryptosystems are analogues of
+ public-key cryptosystems such as RSA in which modular
+ multiplication is replaced by the elliptic curve addition
+ operation. See: V. S. Miller. Use of elliptic curves in
+ cryptography. In Advances in Cryptology - Crypto '85,
+ pages 417-426, Springer-Verlag, 1986.
+
+
+
+Burdett Informational [Page 284]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ [HMAC] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
+ Hashing for Message Authentication", RFC 2104, February
+ 1997.
+
+ [HTML] Berners-Lee, T. and D. Connolly, "Hypertext Markup
+ Language - 2.0", RFC 1866, November 1995.
+
+ [HTML] Hyper Text Mark Up Language. The Hypertext Mark-up
+ Language (HTML) is a simple mark-up language used to
+ create hypertext documents that are platform independent.
+ See the World Wide Web (W3C) consortium web site at:
+ http://www.w3.org/MarkUp/
+
+ [HTTP] Berners-Lee, T., Fielding, R. and H. Frystyk, "Hypertext
+ Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996.
+
+ [HTTP] Fielding, R., Gettys, J., Mogul, J., Frystyk, T. and T.
+ Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1.",
+ RFC 2616, June 1999.
+
+ [IANA] The Internet Assigned Numbers Authority. The organisation
+ responsible for co-ordinating the names and numbers
+ associated with the Internet. See http://www.iana.org/
+
+ [ISO4217] ISO 4217: Codes for the Representation of Currencies.
+ Available from ANSI or ISO.
+
+ [IOTPDSIG] Davidson, K. and Y. Kawatsura, "Digital Signatures for
+ the v1.0 Internet Open Trading Protocol (IOTP)", RFC
+ 2802, April 2000.
+
+ [MD5] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
+ April 1992.
+
+ [MIME] Crocker, D., "Standard for the Format of ARPA Internet
+ Text Messages", STD 11, RFC 822, August 1982.
+
+ [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part One: Format of Internet Message
+ Bodies", RFC 2045, November 1996.
+
+ [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part Two: Media Types", RFC 2046,
+ November 1996.
+
+ [MIME] Moore, K., "MIME (Multipurpose Internet Mail Extensions)
+ Part Three: Message Header Extensions for Non-ASCII Text"
+ RFC 2047, November 1996.
+
+
+
+Burdett Informational [Page 285]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ [MIME] Freed, N., Klensin, J. and J. Postel, "Multipurpose
+ Internet Mail Extensions (MIME) Part Four: Registration
+ Procedures", RFC 2048, November 1996.
+
+ [MIME] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part Five: Conformance Criteria and
+ Examples" RFC 2049, November 1996.
+
+ [OPS] Open Profiling Standard. A proposed standard which
+ provides a framework with built-in privacy safeguards for
+ the trusted exchange of profile information between
+ individuals and web sites. Being developed by Netscape
+ and Microsoft amongst others.
+
+ [RFC1738] Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform
+ Resource Locators (URL)", RFC 1738, December 1994.
+
+ [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
+ IANA Considerations Section in RFCs", BCP 26, RFC 2434,
+ October 1998.
+
+ [RSA] RSA is a public-key cryptosystem for both encryption and
+ authentication supported by RSA Data Security Inc. See:
+ R. L. Rivest, A. Shamir, and L.M. Adleman. A method for
+ obtaining digital signatures and public-key
+ cryptosystems. Communications of the ACM, 21(2): 120-126,
+ February 1978.
+
+ [SCCD] Secure Channel Credit Debit. A method of conducting a
+ credit or debit card payment where unauthorised access to
+ account information is prevented through use of secure
+ channel transport mechanisms such as SSL/TLS. An IOTP
+ supplement describing how SCCD works is under
+ development.
+
+ [SET] Secure Electronic Transaction Specification, Version 1.0,
+ May 31, 1997. Supports credit and debit card payments
+ using certificates at the Consumer and Merchant to help
+ ensure authenticity. Download from:
+ <http://www.setco.org>.
+
+ [SSL/TLS] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
+ RFC 2246, January 1999.
+
+ [SHA1] [FIPS-180-1]"Secure Hash Standard", National Institute of
+ Standards and Technology, US Department Of Commerce,
+ April 1995. Also known as: 59 Fed Reg. 35317 (1994). See
+ http://www.itl.nist.gov/div897/pubs/fip180-1.htm
+
+
+
+Burdett Informational [Page 286]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ [UTC] Universal Time Co-ordinated. A method of defining time
+ absolutely relative to Greenwich Mean Time (GMT).
+ Typically of the form: "CCYY-MM-DDTHH:MM:SS.sssZ+n"
+ where the "+n" defines the number of hours from GMT. See
+ ISO DIS8601.
+
+ [UTF16] The Unicode Standard, Version 2.0. The Unicode
+ Consortium, Reading, Massachusetts. See ISO/IEC 10646 1
+ Proposed Draft Amendment 1
+
+ [X.509] ITU Recommendation X.509 1993 | ISO/IEC 9594-8: 1995,
+ Including Draft Amendment 1: Certificate Extensions
+ (Version 3 Certificate)
+
+ [XML Recommendation for Namespaces in XML, World Wide Web
+ Namespace] Consortium, 14 January 1999, "http://www.w3.org/TR/REC-
+ xml-names"
+
+ [XML] Extensible Mark Up Language. A W3C recommendation. See
+ http://www.w3.org/TR/1998/REC-xml-19980210 for the 10
+ February 1998 version.
+
+16. Author's Address
+
+ The author of this document is:
+
+ David Burdett
+ Commerce One
+ 4440 Rosewood Drive, Bldg 4
+ Pleasanton
+ California 94588
+ USA
+
+ Phone: +1 (925) 520 4422
+ EMail: david.burdett@commerceone.com
+
+ The author of this document particularly wants to thank Mondex
+ International Limited (www.mondex.com) for the tremendous support
+ provided in the formative stages of the development of this
+ specification.
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 287]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ In addition the author appreciates the following contributors to this
+ protocol (in alphabetic order of company) without which it could not
+ have been developed.
+
+ - Phillip Mullarkey, British Telecom plc
+
+ - Andrew Marchewka, Canadian Imperial Bank of Commerce
+
+ - Brian Boesch, CyberCash Inc.
+
+ - Tom Arnold, CyberSource
+
+ - Terry Allen, Commerce One (formally Veo Systems)
+
+ - Richard Brown, GlobeSet Inc.
+
+ - Peter Chang, Hewlett Packard
+
+ - Masaaki Hiroya, Hitachi Ltd
+
+ - Yoshiaki Kawatsura, Hitachi Ltd
+
+ - Mark Linehan, International Business Machines
+
+ - Jonathan Sowler, JCP Computer Services Ltd
+
+ - John Wankmueller, MasterCard International
+
+ - Steve Fabes, Mondex International Ltd
+
+ - Donald Eastlake 3rd, Motorola Inc (formerly International
+ Business Machines Inc)
+
+ - Surendra Reddy, Oracle Corporation
+
+ - Akihiro Nakano, Plat Home, Inc. (ex Hitachi Ltd)
+
+ - Chris Smith, Royal Bank of Canada
+
+ - Hans Bernhard-Beykirch, SIZ (IT Development and Coordination
+
+ Centre of the German Savings Banks Organisation)
+
+ - W. Reid Carlisle, Spyrus (ex Citibank Universal Card Services,
+ formally AT&T Universal Card Services)
+
+ - Efrem Lipkin, Sun Microsystems
+
+
+
+
+Burdett Informational [Page 288]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+ - Tony Lewis, Visa International
+
+ The author would also like to thank the following organisations for
+ their support:
+
+ - Amino Communications
+
+ - DigiCash
+
+ - Fujitsu
+
+ - General Information Systems
+
+ - Globe Id Software
+
+ - Hyperion
+
+ - InterTrader
+
+ - Nobil I T Corp
+
+ - Mercantec
+
+ - Netscape
+
+ - Nippon Telegraph and Telephone Corporation
+
+ - Oracle Corporation
+
+ - Smart Card Integrations Ltd.
+
+ - Spyrus
+
+ - Verifone
+
+ - Unisource nv
+
+ - Wells Fargo Bank
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 289]
+
+RFC 2801 IOTP/1.0 April 2000
+
+
+17. Full Copyright Statement
+
+ Copyright (C) The Internet Society (2000). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Burdett Informational [Page 290]
+