draft-ietf-trade-iotp-http-05.txt   draft-ietf-trade-iotp-http-06.txt 
INTERNET-DRAFT IOTP HTTP Supplement INTERNET-DRAFT IOTP HTTP Supplement
April 2000 June 2000
Expires October 2000 Expires December 2000
Internet Open Trading Protocol (IOTP) HTTP Supplement Internet Open Trading Protocol (IOTP) HTTP Supplement
-------- ---- ------- -------- ------ ---- ---------- -------- ---- ------- -------- ------ ---- ----------
<draft-ietf-trade-iotp-http-05.txt> <draft-ietf-trade-iotp-http-06.txt>
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Chris J. Smith Chris J. Smith
Status of This Document Status of This Document
This draft is intended to become a Proposed Standard RFC. This draft is intended to become a Proposed Standard RFC.
Distribution of this document is unlimited. Comments should be sent Distribution of this document is unlimited. Comments should be sent
to the TRADE WG mailing list <ietf-trade@eListX.com> or to the to the TRADE WG mailing list <ietf-trade@lists.eListX.com> or to the
authors. authors.
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. Internet-Drafts are working all provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
skipping to change at page 1, line 39 skipping to change at page 1, line 39
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
Internet Open Trading Protocol (IOTP [draft-ietf-trade-iotp-v1.0- Internet Open Trading Protocol (IOTP [RFC 2801]) messages will be
protocol-*.txt]) messages will be carried as XML documents. As such, carried as XML documents. As such, the goal of mapping to the
the goal of mapping to the transport layer is to ensure that the transport layer is to ensure that the underlying XML documents are
underlying XML documents are carried successfully between the various carried successfully between the various parties.
parties.
This documents describes that mapping for the Hyper Text Transport This documents describes that mapping for the Hyper Text Transport
Protocol (HTTP), Versions 1.0 and 1.1. Protocol (HTTP), Versions 1.0 and 1.1.
Table of Contents Table of Contents
Status of This Document....................................1 Status of This Document....................................1
Abstract...................................................1 Abstract...................................................1
Table of Contents..........................................2 Table of Contents..........................................2
skipping to change at page 5, line 20 skipping to change at page 5, line 20
Subsequent IOTP messages (XML documents) will be sent using the POST Subsequent IOTP messages (XML documents) will be sent using the POST
function of HTTP. The HTTP client has to perform full HTTP POST function of HTTP. The HTTP client has to perform full HTTP POST
requests. requests.
The XML documents will be sent in a manner compatible with the The XML documents will be sent in a manner compatible with the
external encodings allowed by the XML [XML] specification. external encodings allowed by the XML [XML] specification.
4.3 Stopping an IOTP Transaction 4.3 Stopping an IOTP Transaction
The following should be read in conjunction with [draft-ietf-trade- The following should be read in conjunction with [RFC 2801].
iotp-v1.0-protocol-*.txt]
An IOTP Transaction is complete when An IOTP Transaction is complete when
-- the IOTP client decides to fail the IOTP Transaction for some -- the IOTP client decides to fail the IOTP Transaction for some
reason either by canceling the transaction or as a result of reason either by canceling the transaction or as a result of
discovering an error in an IOTP message received, or discovering an error in an IOTP message received, or
-- a "time out" occurs or a connection fails, e.g. a response to an -- a "time out" occurs or a connection fails, e.g. a response to an
IOTP Message, has not been received after some user-defined period IOTP Message, has not been received after some user-defined period
of Time (including retransmissions). of Time (including retransmissions).
skipping to change at page 6, line 33 skipping to change at page 6, line 32
Payment Handler and Deliverer IOTP Servers are started by receiving Payment Handler and Deliverer IOTP Servers are started by receiving
an IOTP Message which contains: an IOTP Message which contains:
-- for a Payment handler, a Payment Request Block, and -- for a Payment handler, a Payment Request Block, and
-- for a Delivery Handler, a Delivery Request Block -- for a Delivery Handler, a Delivery Request Block
6. Security Considerations 6. Security Considerations
Security of Internet Open Trade Protocol messages is primarily Security of Internet Open Trade Protocol messages is primarily
dependent on signatures within IOTP as described in [draft-ietf- dependent on signatures within IOTP as described in [RFC 2801] and
trade-iotp-v1.0-protocol-*.txt] and [draft-ietf-trade-iotp-v1.0- [RFC 2802]. Privacy protection for IOTP interactions should be
dsig-*.txt]. Privacy protection for IOTP interactions should be
obtained by using a secure channel for IOTP messages, such as SSL/TLS obtained by using a secure channel for IOTP messages, such as SSL/TLS
[RFC 2246]. [RFC 2246].
Note that the security of payment protocols transported by IOTP is Note that the security of payment protocols transported by IOTP is
the responsibility of those payment protocols, NOT of IOTP. the responsibility of those payment protocols, NOT of IOTP.
7. IANA Considerations 7. IANA Considerations
This specification defines the application/iotp mime type. The This specification defines the application/iotp mime type. The
registration template is as follows [RFC 2048]: registration template is as follows [RFC 2048]:
skipping to change at page 7, line 20 skipping to change at page 7, line 18
Required parameters: (none) Required parameters: (none)
Optional parameters: charset - see RFC 2376 Optional parameters: charset - see RFC 2376
Encoding considerations: Content is XML and may in some cases Encoding considerations: Content is XML and may in some cases
require quoted printable or base64 encoding. However, no encoding require quoted printable or base64 encoding. However, no encoding
is required for HTTP transport which is expected to be common. is required for HTTP transport which is expected to be common.
Security considerations: IOTP includes provisions for digital Security considerations: IOTP includes provisions for digital
authentication but for confidentiality, other mechanisms such as authentication but for confidentiality, other mechanisms such as
TLS should be used. See draft-ietf-trade-iotp-v1.0-protocol- TLS should be used. See RFC 2801 and RFC 2802.
07.txt and draft-ietf-trade-iotp-v1.0-dsig-*.txt in RFC Editor's
queue.
Interoperability considerations: See draft-ietf-trade-iotp-v1.0- Interoperability considerations: See RFC 2801.
protocol-07.txt in RFC Editor's queue.
Published specification: See draft-ietf-trade-iotp-v1.0-protocol- Published specification: See RFC 2801 and RFC 2802.
07.txt and draft-ietf-trade-iotp-v1.0-dsig-*.txt in RFC Editor's
queue.
Applications which use this media type: Internet Open Trading Applications which use this media type: Internet Open Trading
Protocol applications. Protocol applications.
Additional information: (none) Additional information: (none)
Person & email address to contact for further information: Person & email address to contact for further information:
Name: Donald E. Eastlake 3rd Name: Donald E. Eastlake 3rd
Email: Donald.Eastlake@motorola.com Email: Donald.Eastlake@motorola.com
skipping to change at page 8, line 29 skipping to change at page 8, line 29
[RFC 2376] - "XML Media Types", E. Whitehead, M. Murata. July 1998. [RFC 2376] - "XML Media Types", E. Whitehead, M. Murata. July 1998.
[RFC 2396] - "Uniform Resource Identifiers (URI): Generic Syntax", T. [RFC 2396] - "Uniform Resource Identifiers (URI): Generic Syntax", T.
Berners-Lee, R. Fielding, L. Masinter, August 1998. Berners-Lee, R. Fielding, L. Masinter, August 1998.
[RFC 2616] - "Hypertext Transfer Protocol -- HTTP/1.1", R. Fielding, [RFC 2616] - "Hypertext Transfer Protocol -- HTTP/1.1", R. Fielding,
J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners- J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-
Lee, June 1999. Lee, June 1999.
[draft-ietf-trade-iotp-v1.0-protocol-*.txt] - David Burdett [RFC 2801] - "Internet Open Trading Protocol - IOTP Version 1.0", D.
Burdett, April 2000.
[draft-ietf-trade-iotp-v1.0-dsig-*.txt] - Kent Davidson, Yoshiaki [RFC 2802] - "Digital Signatures for the v1.0 Internet Open Trading
Kawatsura Protocol (IOTP)", K. Davidson, Y. Kawatsura, April 2000
[XML] - "Extensible Markup Language (XML) 1.0" [XML] - "Extensible Markup Language (XML) 1.0"
<http://www.w3.org/TR/REC-xml>, Tim Bray, Jean Paoli, C. M. <http://www.w3.org/TR/REC-xml>, Tim Bray, Jean Paoli, C. M.
Sperberg-McQueen, 10 February 1998 Sperberg-McQueen, 10 February 1998
Authors Addresses Authors Addresses
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Motorola Motorola
65 Shindegan Hill Road 140 Forest Avenue
Carmel, NY 10512 USA Hudson, MA 01749 USA
Telephone: +1 914-276-2668(h) Telephone: +1 978-562-2827(h)
+1 508-261-5434(w) +1 508-261-5434(w)
FAX: +1 508-261-4447(w) FAX: +1 508-261-4447(w)
email: Donald.Eastlake@motorola.com email: Donald.Eastlake@motorola.com
Chris J. Smith Chris J. Smith
Royal Bank of Canada Royal Bank of Canada
277 Front Street West 277 Front Street West
Toronto, Ontario M5V 3A4 CANADA Toronto, Ontario M5V 3A4 CANADA
Telephone: +1 416-348-6090 Telephone: +1 416-348-6090
FAX: +1 416-348-2210 FAX: +1 416-348-2210
email: chris.smith@royalbank.com email: chris.smith@royalbank.com
Expiration and File Name Expiration and File Name
This draft expires October 2000. This draft expires December 2000.
Its file name is draft-ietf-trade-iotp-http-05.txt. Its file name is draft-ietf-trade-iotp-http-06.txt.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/