From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc3504.txt | 339 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 339 insertions(+) create mode 100644 doc/rfc/rfc3504.txt (limited to 'doc/rfc/rfc3504.txt') diff --git a/doc/rfc/rfc3504.txt b/doc/rfc/rfc3504.txt new file mode 100644 index 0000000..17236ad --- /dev/null +++ b/doc/rfc/rfc3504.txt @@ -0,0 +1,339 @@ + + + + + + +Network Working Group D. Eastlake +Request for Comments: 3504 Motorola +Category: Informational March 2003 + + + Internet Open Trading Protocol (IOTP) + Version 1, Errata + +Status of this Memo + + This memo provides information for the Internet community. It does + not specify an Internet standard of any kind. Distribution of this + memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2003). All Rights Reserved. + +Abstract + + Since the publication of the RFCs specifying Version 1.0 of the + Internet Open Trading Protocol (IOTP), some errors have been noted. + This informational document lists these errors and provides + corrections for them. + +Table of Contents + + 1. Introduction.................................................... 2 + 2. DTD Errata...................................................... 2 + 2.1 PackagedContent Element..................................... 2 + 2.2 The Element called Attribute................................ 3 + 3. Other Errata.................................................... 3 + 3.1 Re: Combining Authentication Transactions with other + Transactions................................................ 3 + 3.2 Type attribute of Element called Attribute.................. 3 + 4. Security Considerations......................................... 4 + 5. References...................................................... 4 + 6. Acknowledgements................................................ 4 + 7. Author's Address................................................ 5 + 8. Full Copyright Statement........................................ 6 + + + + + + + + + + + +Eastlake Informational [Page 1] + +RFC 3504 IOTP v1 Errata March 2003 + + +1. Introduction + + The Internet Open Trading Protocol (IOTP), Version 1.0, is specified + in [RFC 2801, 2802, 2803]. It provides a payment system independent + framework for Internet commerce oriented to consumer to business + transactions. It provides mechanism for different portions of the + business function, such as fulfillment or payment handling, to be + distributed or outsourced. It does not require a prior relationship + between the consumer and business. + + Several errors have been noted in the IOTP v1.0 specification, + particularly RFC 2801, which was the largest RFC ever issued. These + are listed, with their fix, in this document. + +2. DTD Errata + +2.1 PackagedContent Element + + Attribute types are swapped. + + OLD/INCORRECT: + !ELEMENT PackagedContent (#PCDATA) > + + + NEW/CORRECT: + + + + + + + + + + + + + + + + + + + + +Eastlake Informational [Page 2] + +RFC 3504 IOTP v1 Errata March 2003 + + +2.2 The Element called Attribute + + Incorrect element content specification syntax. + + OLD/INCORRECT: + + + + NEW/CORRECT + + + +3. Other Errata + +3.1 Re: Combining Authentication Transactions with other Transactions + + Section 9.1.13. page 234, restarted->continued: + + OLD/INCORRECT: + if the Authentication transaction is successful, then the original + IOTP Transaction is restarted + + NEW/CORRECT: + if the Authentication transaction is successful, then the original + IOTP Transaction is continued + +3.2 Type attribute of Element called Attribute + + Section 7.19.1, Page 150, insufficient list of signature types: + + OLD/INCORRECT: + There must be one and only one Attribute Element that contains a + Type attribute with a value of IOTP Signature Type and with + content set to either: OfferResponse, PaymentResponse, + DeliveryResponse, AuthenticationRequest, AuthenticationResponse, + PingReq or PingResponse; depending on the type of the signature. + + + + + + + + + +Eastlake Informational [Page 3] + +RFC 3504 IOTP v1 Errata March 2003 + + + NEW/CORRECT: + There must be one and only one Attribute Element that contains a + Type attribute with a value of IOTP Signature Type and with + content set to either: OfferResponse, PaymentResponse, + DeliveryResponse, AuthenticationRequest, AuthenticationResponse, + PingReq, PingResponse, AuthenticationStatus, InquiryRequest, or + InquiryResponse; depending on the type of the signature. + + AND a similar change extending the list of values in Section 12.1, + Page 262. + + And at Section 6.1.2, Page 82, add the following: + + AuthenticationStatus any role + + InquiryRequest any role + + InquiryResponse any role + +4. Security Considerations + + The errata listed herein are not particularly security related. + Never the less, incorrect implementations due to uncorrected errors + in the specification may compromise security. + +5. References + + [RFC 2801] Burdett, D., "Internet Open Trading Protocol - IOTP + Version 1.0", RFC 2801, April 2000. + + [RFC 2802] Davidson, K. and Y. Kawatsura, "Digital Signatures for the + v1.0 Internet Open Trading Protocol (IOTP)", RFC 2802, + April 2000. + + [RFC 2803] Maruyama, H., Tamura, K. and N. Uramoto, "Digest Values + for DOM (DOMHASH)", RFC 2803, April 2000. + +6. Acknowledgements + + Thanks to the following people for reporting or responding to reports + of these errata: + + Harald Barrera Dubois, Yoshiaki Kawatsura, Chun Ouyang + + + + + + + + +Eastlake Informational [Page 4] + +RFC 3504 IOTP v1 Errata March 2003 + + +7. Author's Address + + Donald E. Eastlake 3rd + Motorola + 155 Beaver Street + Milford, MA 01757 USA + + Phone: +1-508-851-8280 (w) + +1-508-634-2066 (h) + EMail: Donald.Eastlake@motorola.com + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Eastlake Informational [Page 5] + +RFC 3504 IOTP v1 Errata March 2003 + + +8. Full Copyright Statement + + Copyright (C) The Internet Society (2003). All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph are + included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + This document and the information contained herein is provided on an + "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING + TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING + BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION + HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF + MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + + + + + + + + + + + + + +Eastlake Informational [Page 6] + -- cgit v1.2.3