draft-ietf-trade-iotp-v1.0-protocol-06.txt   draft-ietf-trade-iotp-v1.0-protocol-07.txt 
Internet Draft. David Burdett Internet Draft. David Burdett David Burdett
Commerce One Commerce One
Expires: March 2000 Expires: April 2000
Internet Open Trading Protocol - IOTP Internet Open Trading Protocol - IOTP
Version 1.0 Version 1.0
Status of this Memo Status of this Memo
This document, filename draft-ietf-trade-iotp-v1.0-protocol-06.txt, is This document, filename [draft-ietf-trade-iotp-v1.0-protocol-07.txt], is
the main specification of the Internet Open Trading Protocol version 1.0 the main specification of the Internet Open Trading Protocol version 1.0
and is intended to become an Informational RFC. Distribution of this and is intended to become an Informational RFC. Distribution of this
document is unlimited. Comments should be sent to the TRADE working group document is unlimited. Comments should be sent to the TRADE working group
at <ietf-trade@lists.elistx.com>. at <ietf-trade@lists.elistx.com>.
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, and documents of the Internet Engineering Task Force (IETF), its areas, and
its working groups. Note that other groups may also distribute working its working groups. Note that other groups may also distribute working
documents as Internet-Drafts. documents as Internet-Drafts.
skipping to change at page 1, line 45 skipping to change at page 2, line 5
Abstract Abstract
The Internet Open Trading Protocol (IOTP) provides an interoperable The Internet Open Trading Protocol (IOTP) provides an interoperable
framework for Internet commerce. It is payment system independent and framework for Internet commerce. It is payment system independent and
encapsulates payment systems such as SET, Secure Channel Credit/Debit, encapsulates payment systems such as SET, Secure Channel Credit/Debit,
Mondex, CyberCoin, GeldKarte, etc. IOTP is able to handle cases where Mondex, CyberCoin, GeldKarte, etc. IOTP is able to handle cases where
such merchant roles as the shopping site, the Payment Handler, the such merchant roles as the shopping site, the Payment Handler, the
Delivery Handler of goods or services, and the provider of customer Delivery Handler of goods or services, and the provider of customer
support are performed by different parties or by one party. support are performed by different parties or by one party.
This document obsoletes the previous version of the IOTP specification
(draft-ietf-trade-iotp-v1.0-protocol-04.txt.)
Table of Contents Table of Contents
Status of this Memo ................................................1 Status of this Memo ................................................1
Abstract ...........................................................1 Abstract ...........................................................1
1. Background .....................................................8 1. Background .....................................................7
1.1 Commerce on the Internet, a Different Model .................8 1.1 Commerce on the Internet, a Different Model .................7
1.2 Benefits of IOTP ............................................9 1.2 Benefits of IOTP ............................................8
1.3 Baseline IOTP ..............................................11 1.3 Baseline IOTP ..............................................10
1.4 Objectives of Document .....................................11 1.4 Objectives of Document .....................................10
1.5 Scope of Document ..........................................11 1.5 Scope of Document ..........................................10
1.6 Document Structure .........................................12 1.6 Document Structure .........................................11
1.7 Intended Readership ........................................13 1.7 Intended Readership ........................................12
1.7.1 Reading Guidelines ...................................13 1.7.1 Reading Guidelines ...................................12
2. Introduction ..................................................15 2. Introduction ..................................................14
2.1 Trading Roles ..............................................15 2.1 Trading Roles ..............................................14
2.2 Trading Exchanges ..........................................17 2.2 Trading Exchanges ..........................................16
2.2.1 Offer Exchange .......................................18 2.2.1 Offer Exchange .......................................17
2.2.2 Payment Exchange .....................................20 2.2.2 Payment Exchange .....................................19
2.2.3 Delivery Exchange ....................................22 2.2.3 Delivery Exchange ....................................21
2.2.4 Authentication Exchange ..............................24 2.2.4 Authentication Exchange ..............................23
2.3 Scope of Baseline IOTP .....................................26 2.3 Scope of Baseline IOTP .....................................25
3. Protocol Structure ............................................29 3. Protocol Structure ............................................28
3.1 Overview ...................................................30 3.1 Overview ...................................................29
3.1.1 IOTP Message Structure ...............................30 3.1.1 IOTP Message Structure ...............................29
3.1.2 IOTP Transactions ....................................31 3.1.2 IOTP Transactions ....................................30
3.2 IOTP Message ...............................................32 3.2 IOTP Message ...............................................31
3.2.1 XML Document Prolog ..................................33 3.2.1 XML Document Prolog ..................................32
3.3 Transaction Reference Block ................................34 3.3 Transaction Reference Block ................................33
3.3.1 Transaction Id Component .............................34 3.3.1 Transaction Id Component .............................33
3.3.2 Message Id Component .................................36 3.3.2 Message Id Component .................................35
3.3.3 Related To Component .................................37 3.3.3 Related To Component .................................36
3.4 ID Attributes ..............................................39 3.4 ID Attributes ..............................................38
3.4.1 IOTP Message ID Attribute Definition .................39 3.4.1 IOTP Message ID Attribute Definition .................38
3.4.2 Block and Component ID Attribute Definitions .........40 3.4.2 Block and Component ID Attribute Definitions .........40
3.4.3 Example of use of ID Attributes ......................41 3.4.3 Example of use of ID Attributes ......................40
3.5 Element References .........................................42 3.5 Element References .........................................41
3.6 Extending IOTP .............................................43 3.6 Extending IOTP .............................................42
3.6.1 Extra XML Elements ...................................44 3.6.1 Extra XML Elements ...................................43
3.6.2 Opaque Embedded Data .................................45 3.6.2 Opaque Embedded Data .................................44
3.7 Packaged Content Element ...................................45 3.7 Packaged Content Element ...................................44
3.7.1 Packaging HTML .......................................47 3.7.1 Packaging HTML .......................................46
3.7.2 Packaging XML ........................................48 3.7.2 Packaging XML ........................................47
3.8 Identifying Languages ......................................48 3.8 Identifying Languages ......................................47
3.9 Secure and Insecure Net Locations ..........................49 3.9 Secure and Insecure Net Locations ..........................48
3.10 Cancelled Transactions .....................................49 3.10 Cancelled Transactions .....................................48
3.10.1 Cancelling Transactions ..............................49 3.10.1 Cancelling Transactions ..............................48
3.10.2 Handling Cancelled Transactions ......................50 3.10.2 Handling Cancelled Transactions ......................49
4. IOTP Error Handling ...........................................51 4. IOTP Error Handling ...........................................50
4.1 Technical Errors ...........................................51 4.1 Technical Errors ...........................................50
4.2 Business Errors ............................................52 4.2 Business Errors ............................................51
4.3 Error Depth ................................................52 4.3 Error Depth ................................................51
4.3.1 Transport Level ......................................52 4.3.1 Transport Level ......................................51
4.3.2 Message Level ........................................53 4.3.2 Message Level ........................................52
4.3.3 Block Level ..........................................53 4.3.3 Block Level ..........................................52
4.4 Idempotency, Processing Sequence, and Message Flow .........55 4.4 Idempotency, Processing Sequence, and Message Flow .........54
4.5 Server Role Processing Sequence ............................56 4.5 Server Role Processing Sequence ............................55
4.5.1 Initiating Transactions ..............................56 4.5.1 Initiating Transactions ..............................55
4.5.2 Processing Input Messages ............................56 4.5.2 Processing Input Messages ............................55
4.5.3 Cancelling a Transaction .............................62 4.5.3 Cancelling a Transaction .............................61
4.5.4 Retransmitting Messages ..............................62 4.5.4 Retransmitting Messages ..............................61
4.6 Client Role Processing Sequence ............................63 4.6 Client Role Processing Sequence ............................62
4.6.1 Initiating Transactions ..............................63 4.6.1 Initiating Transactions ..............................62
4.6.2 Processing Input Messages ............................63 4.6.2 Processing Input Messages ............................63
4.6.3 Cancelling a Transaction .............................65 4.6.3 Cancelling a Transaction .............................64
4.6.4 Retransmitting Messages ..............................65 4.6.4 Retransmitting Messages ..............................64
5. Security Considerations .......................................66 5. Security Considerations .......................................65
5.1 Determining whether to use digital signatures ..............66 5.1 Determining whether to use digital signatures ..............65
5.2 Symmetric and Asymmetric Cryptography ......................67 5.2 Symmetric and Asymmetric Cryptography ......................66
5.3 Data Privacy ...............................................68 5.3 Data Privacy ...............................................67
5.4 Payment Protocol Security ..................................68 5.4 Payment Protocol Security ..................................67
6. Digital Signatures and IOTP ...................................69 6. Digital Signatures and IOTP ...................................68
6.1 How IOTP uses Digital Signatures ...........................69 6.1 How IOTP uses Digital Signatures ...........................68
6.1.1 IOTP Signature Example ...............................71 6.1.1 IOTP Signature Example ...............................70
6.1.2 OriginatorInfo and RecipientInfo Elements ............72 6.1.2 OriginatorInfo and RecipientInfo Elements ............71
6.1.3 Using signatures to Prove Actions Complete Successfully73 6.1.3 Using signatures to Prove Actions Complete Successfully72
6.2 Checking a Signature is Correctly Calculated ...............73 6.2 Checking a Signature is Correctly Calculated ...............72
6.3 Checking a Payment or Delivery can occur ...................74 6.3 Checking a Payment or Delivery can occur ...................73
6.3.1 Check Request Block sent Correct Organisation ........75 6.3.1 Check Request Block sent Correct Organisation ........74
6.3.2 Check Correct Components present in Request Block ....78 6.3.2 Check Correct Components present in Request Block ....77
6.3.3 Check an Action is Authorised ........................78 6.3.3 Check an Action is Authorised ........................77
7. Trading Components ............................................80 7. Trading Components ............................................79
7.1 Protocol Options Component .................................81 7.1 Protocol Options Component .................................80
7.2 Authentication Request Component ...........................83 7.2 Authentication Request Component ...........................82
7.3 Authentication Response Component ..........................84 7.3 Authentication Response Component ..........................83
7.4 Trading Role Information Request Component .................85 7.4 Trading Role Information Request Component .................84
7.5 Order Component ............................................85 7.5 Order Component ............................................84
7.5.1 Order Description Content ............................86 7.5.1 Order Description Content ............................85
7.5.2 OkFrom and OkTo Timestamps ...........................87 7.5.2 OkFrom and OkTo Timestamps ...........................86
7.6 Organisation Component .....................................88 7.6 Organisation Component .....................................87
7.6.1 Organisation IDs .....................................89 7.6.1 Organisation IDs .....................................88
7.6.2 Trading Role Element .................................90 7.6.2 Trading Role Element .................................89
7.6.3 Contact Information Element ..........................93 7.6.3 Contact Information Element ..........................92
7.6.4 Person Name Element ..................................93 7.6.4 Person Name Element ..................................92
7.6.5 Postal Address Element ...............................94 7.6.5 Postal Address Element ...............................93
7.7 Brand List Component .......................................95 7.7 Brand List Component .......................................94
7.7.1 Brand Element ........................................97 7.7.1 Brand Element ........................................96
7.7.2 Protocol Brand Element ...............................99 7.7.2 Protocol Brand Element ...............................98
7.7.3 Protocol Amount Element .............................100 7.7.3 Protocol Amount Element ..............................99
7.7.4 Currency Amount Element .............................101 7.7.4 Currency Amount Element .............................100
7.7.5 Pay Protocol Element ................................102 7.7.5 Pay Protocol Element ................................101
7.8 Brand Selection Component .................................103 7.8 Brand Selection Component .................................102
7.8.1 Brand Selection Brand Info Element ..................105 7.8.1 Brand Selection Brand Info Element ..................104
7.8.2 Brand Selection Protocol Amount Info Element ........105 7.11 Payment Receipt Component .................................107
7.8.3 Brand Selection Currency Amount Info Element ........106 7.12 Payment Note Component ....................................109
7.9 Payment Component .........................................106 7.13 Delivery Component ........................................110
7.10 Payment Scheme Component ..................................107 7.13.1 Delivery Data Element ...............................111
7.11 Payment Receipt Component .................................108 7.14 Consumer Delivery Data Component ..........................113
7.12 Payment Note Component ....................................110 7.15 Delivery Note Component ...................................114
7.13 Delivery Component ........................................111 7.16 Status Component ..........................................115
7.13.1 Delivery Data Element ...............................112 7.16.1 Offer Completion Codes ..............................117
7.14 Consumer Delivery Data Component ..........................114 7.16.2 Payment Completion Codes ............................118
7.15 Delivery Note Component ...................................115 7.16.3 Delivery Completion Codes ...........................120
7.16 Status Component ..........................................116 7.16.4 Authentication Completion Codes .....................122
7.16.1 Offer Completion Codes ..............................118 7.16.5 Undefined Completion Codes ..........................123
7.16.2 Payment Completion Codes ............................119 7.16.6 Transaction Inquiry Completion Codes ................124
7.16.3 Delivery Completion Codes ...........................121 7.17 Trading Role Data Component ...............................124
7.16.4 Authentication Completion Codes .....................123 7.17.1 Who Receives a Trading Role Data Component ..........125
7.16.5 Undefined Completion Codes ..........................124 7.18 Inquiry Type Component ....................................125
7.16.6 Transaction Inquiry Completion Codes ................125 7.19 Signature Component .......................................126
7.17 Trading Role Data Component ...............................125 7.19.1 IOTP usage of signature elements and attributes .....127
7.17.1 Who Receives a Trading Role Data Component ..........126 7.19.2 Offer Response Signature Component ..................129
7.18 Inquiry Type Component ....................................126 7.19.3 Payment Receipt Signature Component .................130
7.19 Signature Component .......................................127 7.19.4 Delivery Response Signature Component ...............131
7.19.1 IOTP usage of signature elements and attributes .....128 7.19.5 Authentication Request Signature Component ..........131
7.19.2 Offer Response Signature Component ..................130 7.19.6 Authentication Response Signature Component .........131
7.19.3 Payment Receipt Signature Component .................131 7.19.7 Inquiry Request Signature Component .................132
7.19.4 Delivery Response Signature Component ...............132 7.19.8 Inquiry Response Signature Component ................132
7.19.5 Authentication Request Signature Component ..........132 7.19.9 Ping Request Signature Component ....................132
7.19.6 Authentication Response Signature Component .........132 7.19.10 Ping Response Signature Component...................132
7.19.7 Inquiry Request Signature Component .................133 7.20 Certificate Component .....................................132
7.19.8 Inquiry Response Signature Component ................133 7.20.1 IOTP usage of signature elements and attributes .....133
7.19.9 Ping Request Signature Component ....................133 7.21 Error Component ...........................................133
7.19.10 Ping Response Signature Component...................133 7.21.1 Error Processing Guidelines .........................135
7.20 Certificate Component .....................................133 7.21.2 Error Codes .........................................136
7.20.1 IOTP usage of signature elements and attributes .....134 7.21.3 Error Location Element ..............................140
7.21 Error Component ...........................................134
7.21.1 Error Processing Guidelines .........................136
7.21.2 Error Codes .........................................137
7.21.3 Error Location Element ..............................141
8. Trading Blocks ...............................................143 8. Trading Blocks ...............................................142
8.1 Trading Protocol Options Block ............................145 8.1 Trading Protocol Options Block ............................144
8.2 TPO Selection Block .......................................146 8.2 TPO Selection Block .......................................145
8.3 Offer Response Block ......................................146 8.3 Offer Response Block ......................................145
8.4 Authentication Request Block ..............................147 8.4 Authentication Request Block ..............................146
8.5 Authentication Response Block .............................149 8.5 Authentication Response Block .............................148
8.6 Authentication Status Block ...............................149 8.6 Authentication Status Block ...............................148
8.7 Payment Request Block .....................................150 8.7 Payment Request Block .....................................149
8.8 Payment Exchange Block ....................................151 8.8 Payment Exchange Block ....................................150
8.9 Payment Response Block ....................................152 8.9 Payment Response Block ....................................151
8.10 Delivery Request Block ....................................153 8.10 Delivery Request Block ....................................152
8.11 Delivery Response Block ...................................154 8.11 Delivery Response Block ...................................153
8.12 Inquiry Request Trading Block .............................155 8.12 Inquiry Request Trading Block .............................154
8.13 Inquiry Response Trading Block ............................155 8.13 Inquiry Response Trading Block ............................154
8.14 Ping Request Block ........................................156 8.14 Ping Request Block ........................................155
8.15 Ping Response Block .......................................157 8.15 Ping Response Block .......................................156
8.16 Signature Block ...........................................158 8.16 Signature Block ...........................................157
8.16.1 Signature Block with Offer Response .................159 8.16.1 Signature Block with Offer Response .................158
8.16.2 Signature Block with Payment Request ................159 8.16.2 Signature Block with Payment Request ................158
8.16.3 Signature Block with Payment Response ...............159 8.16.3 Signature Block with Payment Response ...............158
8.16.4 Signature Block with Delivery Request ...............159 8.16.4 Signature Block with Delivery Request ...............158
8.16.5 Signature Block with Delivery Response ..............160 8.16.5 Signature Block with Delivery Response ..............159
8.17 Error Block ...............................................160 8.17 Error Block ...............................................159
8.18 Cancel Block ..............................................161 8.18 Cancel Block ..............................................160
9. Internet Open Trading Protocol Transactions ..................162 9. Internet Open Trading Protocol Transactions ..................161
9.1 Authentication and Payment Related IOTP Transactions ......162 9.1 Authentication and Payment Related IOTP Transactions ......161
9.1.1 Authentication Document Exchange ....................164 9.1.1 Authentication Document Exchange ....................163
9.1.2 Offer Document Exchange .............................169 9.1.2 Offer Document Exchange .............................168
9.1.3 Payment Document Exchange ...........................176 9.1.3 Payment Document Exchange ...........................175
9.1.4 Delivery Document Exchange ..........................181 9.1.4 Delivery Document Exchange ..........................180
9.1.5 Payment and Delivery Document Exchange ..............183 9.1.5 Payment and Delivery Document Exchange ..............182
9.1.6 Baseline Authentication IOTP Transaction ............186 9.1.6 Baseline Authentication IOTP Transaction ............185
9.1.7 Baseline Deposit IOTP Transaction ...................187 9.1.7 Baseline Deposit IOTP Transaction ...................186
9.1.8 Baseline Purchase IOTP Transaction ..................189 9.1.8 Baseline Purchase IOTP Transaction ..................188
9.1.9 Baseline Refund IOTP Transaction ....................190 9.1.9 Baseline Refund IOTP Transaction ....................189
9.1.10 Baseline Withdrawal IOTP Transaction ................192 9.1.10 Baseline Withdrawal IOTP Transaction ................191
9.1.11 Baseline Value Exchange IOTP Transaction ............194 9.1.11 Baseline Value Exchange IOTP Transaction ............193
9.1.12 Valid Combinations of Document Exchanges ............196 9.1.12 Valid Combinations of Document Exchanges ............195
9.1.13 Combining Authentication Transactions with other 9.1.13 Combining Authentication Transactions with other
Transactions ........................................199 Transactions ........................................198
9.2 Infrastructure Transactions ...............................200 9.2 Infrastructure Transactions ...............................199
9.2.1 Baseline Transaction Status Inquiry IOTP Transaction 201 9.2.1 Baseline Transaction Status Inquiry IOTP Transaction 200
9.2.2 Baseline Ping IOTP Transaction ......................205 9.2.2 Baseline Ping IOTP Transaction ......................204
10. Retrieving Logos .............................................209 10. Retrieving Logos .............................................208
10.1 Logo Size .................................................209 10.1 Logo Size .................................................208
10.2 Logo Color Depth ..........................................210 10.2 Logo Color Depth ..........................................209
10.3 Logo Net Location Examples ................................210 10.3 Logo Net Location Examples ................................209
11. Brands .......................................................211 11. Brands .......................................................210
11.1 Brand Definitions and Brand Selection .....................211 11.1 Brand Definitions and Brand Selection .....................210
11.1.1 Definition of Payment Instrument ....................211 11.1.1 Definition of Payment Instrument ....................210
11.1.2 Definition of Brand .................................212 11.1.2 Definition of Brand .................................211
11.1.3 Definition of Dual Brand ............................212 11.1.3 Definition of Dual Brand ............................211
11.1.4 Definition of Promotional Brand .....................213 11.1.4 Definition of Promotional Brand .....................212
11.1.5 Identifying Promotional Brands ......................213 11.1.5 Identifying Promotional Brands ......................212
11.2 Brand List Examples .......................................215 11.2 Brand List Examples .......................................214
11.2.1 Simple Credit Card Based Example ....................216 11.2.1 Simple Credit Card Based Example ....................215
11.2.2 Credit Card Brand List Including Promotional Brands .217 11.2.2 Credit Card Brand List Including Promotional Brands..216
11.2.3 Brand Selection Example .............................218 11.2.3 Brand Selection Example .............................217
11.2.4 Complex Electronic Cash Based Brand List ............218 11.2.4 Complex Electronic Cash Based Brand List ............217
12. IANA Considerations ..........................................222 12. IANA Considerations ..........................................221
12.1 Codes Controlled by IANA ..................................222 12.1 Codes Controlled by IANA ..................................221
12.2 Codes not controlled by IANA ..............................227 12.2 Codes not controlled by IANA ..............................226
13. Internet Open Trading Protocol Data Type Definition ..........228
14. Glossary .....................................................241 13. Internet Open Trading Protocol Data Type Definition ..........227
15. Copyrights ...................................................248 14. Glossary .....................................................240
15. Copyrights ...................................................247
16. References ...................................................249 16. References ...................................................248
17. Author's Address .............................................252 17. Author's Address .............................................251
Table of Figures Table of Figures
Figure 1 IOTP Trading Roles 16 Figure 1 IOTP Trading Roles 15
Figure 2 Offer Exchange 18 Figure 2 Offer Exchange 17
Figure 3 Payment Exchange 21 Figure 3 Payment Exchange 20
Figure 4 Delivery Exchange 23 Figure 4 Delivery Exchange 22
Figure 5 Authentication Exchange 25 Figure 5 Authentication Exchange 24
Figure 6 IOTP Message Structure 30 Figure 6 IOTP Message Structure 29
Figure 7 An IOTP Transaction 31 Figure 7 An IOTP Transaction 30
Figure 8 Example use of ID attributes 42 Figure 8 Example use of ID attributes 41
Figure 9 Element References 43 Figure 9 Element References 42
Figure 10 Signature Digests 70 Figure 10 Signature Digests 69
Figure 11 Example use of Signatures for Baseline Purchase 72 Figure 11 Example use of Signatures for Baseline Purchase 71
Figure 12 Checking a Payment Handler can carry out a Payment 76 Figure 12 Checking a Payment Handler can carry out a Payment 75
Figure 13 Checking a Delivery Handler can carry out a Delivery 78 Figure 13 Checking a Delivery Handler can carry out a Delivery 77
Figure 14 Trading Components 81 Figure 14 Trading Components 80
Figure 15 Brand List Element Relationships 97 Figure 15 Brand List Element Relationships 96
Figure 16 Trading Blocks 144 Figure 16 Trading Blocks 143
Figure 17 Payment and Authentication Message Flow Combinations 164 Figure 17 Payment and Authentication Message Flow Combinations 163
Figure 18 Authentication Document Exchange 166 Figure 18 Authentication Document Exchange 165
Figure 19 Brand Dependent Offer Document Exchange 171 Figure 19 Brand Dependent Offer Document Exchange 170
Figure 20 Brand Independent Offer Exchange 172 Figure 20 Brand Independent Offer Exchange 171
Figure 21 Payment Document Exchange 177 Figure 21 Payment Document Exchange 176
Figure 22 Delivery Document Exchange 182 Figure 22 Delivery Document Exchange 181
Figure 23 Payment and Delivery Document Exchange 184 Figure 23 Payment and Delivery Document Exchange 183
Figure 24 Baseline Authentication IOTP Transaction 187 Figure 24 Baseline Authentication IOTP Transaction 186
Figure 25 Baseline Deposit IOTP Transaction 188 Figure 25 Baseline Deposit IOTP Transaction 187
Figure 26 Baseline Purchase IOTP Transaction 190 Figure 26 Baseline Purchase IOTP Transaction 189
Figure 27 Baseline Refund IOTP Transaction 192 Figure 27 Baseline Refund IOTP Transaction 191
Figure 28 Baseline Withdrawal IOTP Transaction 193 Figure 28 Baseline Withdrawal IOTP Transaction 192
Figure 29 Baseline Value Exchange IOTP Transaction 195 Figure 29 Baseline Value Exchange IOTP Transaction 194
Figure 30 Baseline Value Exchange Signatures 196 Figure 30 Baseline Value Exchange Signatures 195
Figure 31 Valid Combinations of Document Exchanges 197 Figure 31 Valid Combinations of Document Exchanges 196
Figure 32 Baseline Transaction Status Inquiry 203 Figure 32 Baseline Transaction Status Inquiry 202
Figure 33 Baseline Ping Messages 206 Figure 33 Baseline Ping Messages 205
1. Background 1. Background
The Internet Open Trading Protocol (IOTP) provides an interoperable The Internet Open Trading Protocol (IOTP) provides an interoperable
framework for Internet commerce. It is payment system independent and framework for Internet commerce. It is payment system independent and
encapsulates payment systems such as SET, Mondex, CyberCash, DigiCash, encapsulates payment systems such as SET, Mondex, CyberCash, DigiCash,
GeldKarte, etc. IOTP is able to handle cases where such merchant roles as GeldKarte, etc. IOTP is able to handle cases where such merchant roles as
the shopping site, the Payment Handler, the Delivery Handler of goods or the shopping site, the Payment Handler, the Delivery Handler of goods or
services, and the provider of customer support are performed by different services, and the provider of customer support are performed by different
parties or by one party. parties or by one party.
skipping to change at page 15, line 53 skipping to change at page 14, line 53
o a set of Trading Exchanges. Each Trading Exchange involves the exchange o a set of Trading Exchanges. Each Trading Exchange involves the exchange
of data, between Trading Roles, in the form of a set of Trading of data, between Trading Roles, in the form of a set of Trading
Components. Components.
Trading Roles, Trading Exchanges and Trading Components are described Trading Roles, Trading Exchanges and Trading Components are described
below. below.
2.1 Trading Roles 2.1 Trading Roles
The Trading Roles identify the different parts which organisations can The Trading Roles identify the different parts which organisations can
take in a trade. The six Trading Roles used within IOTP are illustrated take in a trade. The five Trading Roles used within IOTP are illustrated
in the diagram below. in the diagram below.
*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+* *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
Merchant Customer Care Provider resolves ---------- Merchant Customer Care Provider resolves ----------
---------------------------------------------->| Merchant | ---------------------------------------------->| Merchant |
| Consumer disputes and problems |Cust.Care.| | Consumer disputes and problems |Cust.Care.|
| | Provider | | | Provider |
| ---------- | ----------
| |
skipping to change at page 33, line 11 skipping to change at page 32, line 11
PayExchBlk | PayExchBlk |
PayReqBlk | PayReqBlk |
PayRespBlk | PayRespBlk |
PingReqBlk | PingReqBlk |
PingRespBlk | PingRespBlk |
TpoBlk | TpoBlk |
TpoSelectionBlk TpoSelectionBlk
)* )*
) > ) >
<!ATTLIST IotpMessage <!ATTLIST IotpMessage
xmlns:iotp CDATA xmlns CDATA
'ietf.org/draft-ietf-trade-iotp-v1.0-protocol-05' > 'iotp:ietf.org/draft-ietf-trade-iotp-v1.0-protocol-07' >
Content: Content:
TransRefBlk This contains information which describes an IOTP TransRefBlk This contains information which describes an IOTP
Message within an IOTP Transaction (see section Message within an IOTP Transaction (see section
3.3 immediately below) 3.3 immediately below)
AuthReqBlk, These are the Trading Blocks. AuthReqBlk, These are the Trading Blocks.
AuthRespBlk, AuthRespBlk,
DeliveryReqBlk, The Trading Blocks present within an IOTP Message, DeliveryReqBlk, The Trading Blocks present within an IOTP Message,
skipping to change at page 33, line 39 skipping to change at page 32, line 39
PayReqBlk, Full definitions of each Trading Block are PayReqBlk, Full definitions of each Trading Block are
PayRespBlk, described in section 8. PayRespBlk, described in section 8.
PingReqBlk, PingReqBlk,
PingRespBlk, PingRespBlk,
SigBlk, SigBlk,
TpoBlk, TpoBlk,
TpoSelectionBlk TpoSelectionBlk
Attributes: Attributes:
xmlns:iotp The [XML Namespace] definition for IOTP messages. xmlns The [XML Namespace] definition for IOTP messages.
3.2.1 XML Document Prolog 3.2.1 XML Document Prolog
The IOTP Message is the root element of the XML document. It therefore The IOTP Message is the root element of the XML document. It therefore
needs to be preceded by an appropriate XML Document Prolog. For example: needs to be preceded by an appropriate XML Document Prolog. For example:
<?XML Version='1.0'?> <?XML Version='1.0'?>
<!DOCTYPE IotpMessage > <!DOCTYPE IotpMessage >
<IotpMessage> <IotpMessage>
... ...
skipping to change at page 40, line 4 skipping to change at page 39, line 4
attributes of IOTP Messages, Blocks and Components. attributes of IOTP Messages, Blocks and Components.
3.4.1 IOTP Message ID Attribute Definition 3.4.1 IOTP Message ID Attribute Definition
The ID attribute of the Message Id Component of an IOTP Message must be The ID attribute of the Message Id Component of an IOTP Message must be
unique within an IOTP Transaction. It's definition is as follows: unique within an IOTP Transaction. It's definition is as follows:
IotpMsgId_value ::= IotpMsgIdPrefix IotpMsgIdSuffix IotpMsgId_value ::= IotpMsgIdPrefix IotpMsgIdSuffix
IotpMsgIdPrefix ::= NameChar (NameChar)* IotpMsgIdPrefix ::= NameChar (NameChar)*
IotpMsgIdSuffix ::= Digit (Digit)* IotpMsgIdSuffix ::= Digit (Digit)*
IotpMsgIdPrefix Apart from messages which contain an Inquiry IotpMsgIdPrefix Apart from messages which contain: an Inquiry
Request Trading Block (see section 8.12), the same Request Trading Block, an Inquiry Response Trading
prefix is used for all messages sent by the Block, a Ping Request Trading Block or a Ping
Merchant or Consumer role as follows: Response Trading Block; then the same prefix is
used for all messages sent by the Merchant or
Consumer role as follows:
o "M" - Merchant o "M" - Merchant
o "C" - Consumer o "C" - Consumer
For messages which contain an Inquiry Request For messages which contain an Inquiry Request
Trading Block, the prefix is set to "I" for Trading Block or a Ping Request Trading Block, the
Inquiry. prefix is set to "I" for Inquiry.
For messages which contain an Inquiry Response
Trading Block or a Ping Response Trading Block,
the prefix is set to "Q".
The prefix for the other roles in a trade is The prefix for the other roles in a trade is
contained within the Organisation Component for contained within the Organisation Component for
the role and are typically set by the Merchant. the role and are typically set by the Merchant.
The following is recommended as a guideline and The following is recommended as a guideline and
must not be relied upon: must not be relied upon:
o "P" - First (only) Payment Handler o "P" - First (only) Payment Handler
o "R" - Second Payment Handler o "R" - Second Payment Handler
o "D" - Delivery Handler o "D" - Delivery Handler
o "C" - Deliver To o "C" - Deliver To
skipping to change at page 59, line 54 skipping to change at page 58, line 54
blocks in earlier messages either sent or received. This includes blocks in earlier messages either sent or received. This includes
checking that the presence of a block is valid for a particular checking that the presence of a block is valid for a particular
transaction type transaction type
If the message contains any encapsulated data, then if possible check the If the message contains any encapsulated data, then if possible check the
encapsulated data for errors using additional software to check the data encapsulated data for errors using additional software to check the data
where appropriate. where appropriate.
4.5.2.4 Check for Errors in Block Sequence 4.5.2.4 Check for Errors in Block Sequence
[Note] For reasons of brevity, the following explanations of how to
check for errors in Block sequence, the phrase "refers to an
IOTP transaction" is interpreted as "is contained in an IOTP
Message where the Trans Ref Block contains an IotpTransId that
refers to". So, for example, " If an Error or Cancel Block
refers to an IOTP transaction that is not recognised then ..."
should be interpreted as " If an Error or Cancel Block is
contained in an IOTP Message where the Trans Ref Block
contains an IotpTransId that refers to an IOTP transaction
that is not recognised then ...
[Note End]
Errors in the sequence that blocks arrive depends on the block. Blocks Errors in the sequence that blocks arrive depends on the block. Blocks
where checking for sequence is required are: where checking for sequence is required are:
o Error and Cancel Blocks. If an Error or Cancel Block refers to an IOTP o Error and Cancel Blocks. If an Error or Cancel Block refers to an IOTP
transaction that is not recognised then it is a Hard Error. Do not transaction that is not recognised then it is a Hard Error. Do not
return an error if Error or Cancel Blocks have been received for the return an error if Error or Cancel Blocks have been received for the
IOTP Transaction before to avoid looping. IOTP Transaction before to avoid looping.
o Inquiry Request and Response Blocks. If an Inquiry Request or an o Inquiry Request and Response Blocks. If an Inquiry Request or an
Inquiry Response Block refers to an IOTP transaction that is not Inquiry Response Block refers to an IOTP transaction that is not
skipping to change at page 60, line 47 skipping to change at page 60, line 4
- if the TPO Selection Block doesn't refer to an IOTP Transaction that - if the TPO Selection Block doesn't refer to an IOTP Transaction that
is recognised then it is a Hard Error, otherwise is recognised then it is a Hard Error, otherwise
- if the TPO Selection Block refers to an IOTP Transaction where a TPO - if the TPO Selection Block refers to an IOTP Transaction where a TPO
Block and Offer Response (in one message) had previously been sent Block and Offer Response (in one message) had previously been sent
then it is a Hard Error, otherwise then it is a Hard Error, otherwise
- if the TPO Selection Block does not refer to an IOTP Transaction - if the TPO Selection Block does not refer to an IOTP Transaction
where a TPO Block only (i.e. without an Offer Response) had where a TPO Block only (i.e. without an Offer Response) had
previously been sent then it is a Hard Error, otherwise previously been sent then it is a Hard Error, otherwise
- if a TPO Selection Block for the same TPO Block has been received - if a TPO Selection Block for the same TPO Block has been received
before then it is a Hard Error before then it is a Hard Error
o Payment Request Block (Payment Handler only). Check as follows: o Payment Request Block (Payment Handler only). Check as follows:
- if the Payment Request Block refers to an IOTP Transaction that is - if the Payment Request Block refers to an IOTP Transaction that is
not recognised then its OK, otherwise not recognised then its OK, otherwise
- if the Payment Request Block refers to IOTP Transaction that was not - if the Payment Request Block refers to IOTP Transaction that was not
for a Payment then it is a Hard Error, otherwise for a Payment then it is a Hard Error, otherwise
- if the previous payment CompletedOk OR failed with a non-recoverable - if there was a previous payment that failed with a non-recoverable
Completion Code then it is a Hard Error, otherwise Completion Code then it is a Hard Error, otherwise
- if the previous payment is still in progress then it is a Hard Error - if a previous payment is still in progress then it is a Hard Error
o Payment Exchange Block (Payment Handler only). Check as follows: o Payment Exchange Block (Payment Handler only). Check as follows:
- if the Payment Exchange Block doesn't refer to an IOTP Transaction - if the Payment Exchange Block doesn't refer to an IOTP Transaction
that is recognised then it is a Hard Error, otherwise that is recognised then it is a Hard Error, otherwise
- if the Payment Exchange doesn't refer to an IOTP Transaction where a - if the Payment Exchange doesn't refer to an IOTP Transaction where a
Payment Exchange had previously been sent then it a Hard Error Payment Exchange had previously been sent then it a Hard Error
o Delivery Request (Delivery Handler Only). If the Delivery Request Block o Delivery Request (Delivery Handler Only). If the Delivery Request Block
refers to an IOTP Transaction that is recognised by the Server then it refers to an IOTP Transaction that is recognised by the Server then it
is a Hard Error is a Hard Error
If any Error Components have been generated then collect them into an If any Error Components have been generated then collect them into an
skipping to change at page 83, line 44 skipping to change at page 82, line 44
ID An identifier which uniquely identifies the ID An identifier which uniquely identifies the
Authentication Request Component within the IOTP Authentication Request Component within the IOTP
Transaction. Transaction.
AuthenticationId An identifier specified by the Authenticator AuthenticationId An identifier specified by the Authenticator
which, if returned by the Organisation that which, if returned by the Organisation that
receives the Authentication Request, will enable receives the Authentication Request, will enable
the Authenticator to identify which Authentication the Authenticator to identify which Authentication
is being referred to. is being referred to.
ContentSoftwareId See section 14. Glossary. ContentSoftwareId See section 14.Glossary
Content: Content:
PackagedContent This contains the challenge data as one or more PackagedContent This contains the challenge data as one or more
Packaged Content (see section 3.7) that is to be Packaged Content (see section 3.7) that is to be
responded to using the Algorithm defined by the responded to using the Algorithm defined by the
Algorithm element. Algorithm element.
Algorithm This contains information which describes the Algorithm This contains information which describes the
Algorithm (see 7.19 Signature Components) that Algorithm (see 7.19 Signature Components) that
skipping to change at page 197, line 41 skipping to change at page 196, line 41
| DELIVERY | | PAYMENT | | | | DELIVERY | | PAYMENT | | |
| | | {second)| | | | | | {second)| | |
---------- --------- | | ---------- --------- | |
| | | v | | | v
----------------------------------------------> STOP ----------------------------------------------> STOP
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Figure 31 Valid Combinations of Document Exchanges Figure 31 Valid Combinations of Document Exchanges
1) 1) If first IOTP Message of an IOTP Transaction contains an Authentication
If first IOTP Message of an IOTP Transaction contains an Authentication
Request then: Request then:
a) IOTP Transaction includes an Authentication Document Exchange (see a) IOTP Transaction includes an Authentication Document Exchange (see
section 9.1.1). (Note 1) section 9.1.1). (Note 1)
b) If the last IOTP Message of the Authentication Document Exchange b) If the last IOTP Message of the Authentication Document Exchange
includes a TPO Block and an Offer Response Block then: includes a TPO Block and an Offer Response Block then:
i) IOTP Transaction includes a Brand Independent Offer Document i) IOTP Transaction includes a Brand Independent Offer Document
Exchange (see section 9.1.2.2). (Note 2) Exchange (see section 9.1.2.2). (Note 2)
skipping to change at page 198, line 15 skipping to change at page 197, line 15
i) IOTP Transaction includes a Brand Dependent Offer Document Exchange i) IOTP Transaction includes a Brand Dependent Offer Document Exchange
(see section 9.1.2.1). (Note 2) (see section 9.1.2.1). (Note 2)
d) Otherwise (Authentication Status IOTP Message of the Authentication d) Otherwise (Authentication Status IOTP Message of the Authentication
Document Exchange contains neither a TPO Block but nor an Offer Document Exchange contains neither a TPO Block but nor an Offer
Response Block) Response Block)
i) IOTP Transaction consists of just an Authentication Document i) IOTP Transaction consists of just an Authentication Document
Exchange. (Note 3) Exchange. (Note 3)
2) 2) Otherwise (no Authentication Request in first IOTP Message):
Otherwise (no Authentication Request in first IOTP Message):
e) IOTP Transaction does not include an Authentication Document Exchange e) IOTP Transaction does not include an Authentication Document Exchange
(Note 2) (Note 2)
f) If first IOTP Message contains an Offer Response Block, then: f) If first IOTP Message contains an Offer Response Block, then:
i) the IOTP Transaction contains a Brand Independent Offer Document i) the IOTP Transaction contains a Brand Independent Offer Document
Exchange (Note 2) Exchange (Note 2)
g) Otherwise (no Offer Response Block in first IOTP Message): g) Otherwise (no Offer Response Block in first IOTP Message):
i) the IOTP Transaction includes a Brand Dependent Offer Document i) the IOTP Transaction includes a Brand Dependent Offer Document
Exchange (Note 2) Exchange (Note 2)
3) 3) If an Offer Response Block exists in any IOTP message then:
If an Offer Response Block exists in any IOTP message then:
h) If the Offer Response Block contains a Delivery Component then: h) If the Offer Response Block contains a Delivery Component then:
i) If the DelivAndPayResp attribute of the Delivery Component is set i) If the DelivAndPayResp attribute of the Delivery Component is set
to True, then: to True, then:
(1) the IOTP Transaction consists of a Payment And Delivery (1) the IOTP Transaction consists of a Payment And Delivery
Document Exchange (see section 9.1.5) (Note 4) Document Exchange (see section 9.1.5) (Note 4)
ii) otherwise (the DelivAndPayResp attribute of the Delivery ii) otherwise (the DelivAndPayResp attribute of the Delivery
skipping to change at page 199, line 5 skipping to change at page 198, line 5
i) if the Offer Response Block contains just one Payment Component, i) if the Offer Response Block contains just one Payment Component,
then: then:
(1) the IOTP Transaction contains just one Payment Document (1) the IOTP Transaction contains just one Payment Document
Exchange (Note 5) Exchange (Note 5)
ii) if the Offer Response Block contains two Payment Components, ii) if the Offer Response Block contains two Payment Components,
then: then:
(1) the IOTP Transaction contains two Payment Document Exchanges. 1) the IOTP Transaction contains two Payment Document Exchanges.
The StartAfter attribute of the Payment Components is used to The StartAfter attribute of the Payment Components is used to
indicate which payment occurs first (Note 6) indicate which payment occurs first (Note 6)
iii) if the Offer Response Block contains no or more than two iii) if the Offer Response Block contains no or more than two
Payment Components, then there is an error Payment Components, then there is an error
4) 4) Otherwise (no Offer Response Block) there is an error.
Otherwise (no Offer Response Block) there is an error.
The following table indicates the types of IOTP Transactions which can The following table indicates the types of IOTP Transactions which can
validly have the conditions indicated above. validly have the conditions indicated above.
Note IOTP Transaction Validity Note IOTP Transaction Validity
1. Any Payment and Authentication IOTP Transaction 1. Any Payment and Authentication IOTP Transaction
2. Any Payment and Authentication IOTP Transaction except Baseline 2. Any Payment and Authentication IOTP Transaction except Baseline
Authentication Authentication
skipping to change at page 203, line 42 skipping to change at page 202, line 42
Figure 32 Baseline Transaction Status Inquiry Figure 32 Baseline Transaction Status Inquiry
The remainder of this sub-section on the Baseline Transaction Status The remainder of this sub-section on the Baseline Transaction Status
Inquiry IOTP Transaction defines the contents of each Trading Block. Note Inquiry IOTP Transaction defines the contents of each Trading Block. Note
that the term "original transaction" is the transaction which a trading that the term "original transaction" is the transaction which a trading
role wants to discover some information about. role wants to discover some information about.
TRANSACTION REFERENCE BLOCK TRANSACTION REFERENCE BLOCK
A Trading Role making an inquiry must use the identical Transaction Id A Trading Role making an inquiry must use a Transaction Id Component (see
Component (see section 3.3.1) that was in the original transaction. The section 3.3.1) where both the IotpTransId and TransTimeStamp attributes
IotpTransId attribute in this component serves as the key in querying the are the same as in the Transaction Id Component of the original
transaction logs maintained at the Trading Role's site. The value of the transaction that is being inquired upon. The IotpTransId attribute in
ID attribute of the Message Id Component should be different from those this component serves as the key in querying the transaction logs
of any in the original transaction (see section 3.4.1). maintained at the Trading Role's site. The value of the ID attribute of
the Message Id Component should be different from those of any in the
original transaction (see section 3.4.1).
If up-to-date status information is required then the MsgId Component, If up-to-date status information is required then the MsgId Component,
and in particular the ID attribute for the MsgId Component must be and in particular the ID attribute for the MsgId Component must be
different from any other IOTP Message that has been sent by the Trading different from any other IOTP Message that has been sent by the Trading
Role. This is required because of the way that Idempotency is handled by Role. This is required because of the way that Idempotency is handled by
IOTP (see section 4.5.2.2 Checking/Handling Duplicate Messages). IOTP (see section 4.5.2.2 Checking/Handling Duplicate Messages).
INQUIRY REQUEST BLOCK INQUIRY REQUEST BLOCK
The Inquiry Request Block (see section 8.12) contains the following The Inquiry Request Block (see section 8.12) contains the following
skipping to change at page 226, line 36 skipping to change at page 225, line 36
New values of the IotpTransType attribute are New values of the IotpTransType attribute are
allocated following: allocated following:
o publication to the IETF Trade mailing list, of o publication to the IETF Trade mailing list, of
an RFC describing the new IOTP Transaction, and an RFC describing the new IOTP Transaction, and
o review of the document on the IETF Trade o review of the document on the IETF Trade
Working Group mailing list and by the Working Group mailing list and by the
Designated Expert. Designated Expert.
Attibute/ Content Attibute/ Content
(see Signature "OfferResponse" (see Signature
"OfferResponse"
Component) "PaymentResponse" Component) "PaymentResponse"
"DeliveryResponse" "DeliveryResponse"
"AuthenticationRequest" "AuthenticationRequest"
"AuthenticationResponse" "AuthenticationResponse"
"PingRequest" "PingRequest"
skipping to change at page 228, line 13 skipping to change at page 227, line 13
recommended although this method cannot be relied upon. recommended although this method cannot be relied upon.
13. Internet Open Trading Protocol Data Type Definition 13. Internet Open Trading Protocol Data Type Definition
This section contains the XML DTD for the Internet Open Trading This section contains the XML DTD for the Internet Open Trading
Protocols. Protocols.
<!-- <!--
****************************************************** ******************************************************
* * * *
* INTERNET OPEN TRADING PROTOCOL DTD VERSION 06 * * INTERNET OPEN TRADING PROTOCOL VERSION 1.0 DTD *
* Filename: iotp-v1.0-protocol-06.dtd * * Filename: ietf.org/rfc/rfcxxxx.dtd *
* * * *
* Changes from version 05 (iotp-v1.0-protocol-05.dtd)* * Changes from version 06 (iotp-v1.0-protocol-06.dtd)*
* 1. Changed NMTOKEN to CDATA in for IotpTransId in * * 1. Corrected definition of encoding attrubute of *
* TransId component. * * the Value element in Dsig *
* 2. Changed NMTOKEN to NMTOKENS in TradingRoleList * * 2. Updated the name space definition on the *
* attribute of TradingRoleInfoReq element as more * * IOTP Message element *
* than one token is allowed *
* 3. Changed StartAfter to StartAfterRefs in Payment *
* Component since they are references to other *
* elements. *
* 4. Changed REQUIRED to IMPLIED on DelivReqNetLocn *
* and SecDelivReqNetLocn on Delivery Data Element *
* as only one of them is mandatory *
* 5. Changed name of "xmlns.iotp" attribute in the *
* IotpMessage element to just "xmlns" *
* 6. Changed default currency code type from"ISO4217"*
* to "ISO4217-A" as must be alphabetical. *
* 7. Replaced Digital signature DTD with DTD from *
* draft-ietf-trade-iotp-v1.0-dsig-03.txt *
* * * *
* Copyright Internet Engineering Task Force 1998,99 * * Copyright Internet Engineering Task Force 1998,99 *
* * * *
****************************************************** ******************************************************
****************************************************** ******************************************************
* IOTP MESSAGE DEFINITION * * IOTP MESSAGE DEFINITION *
****************************************************** ******************************************************
--> -->
skipping to change at page 229, line 15 skipping to change at page 227, line 55
PayReqBlk | PayReqBlk |
PayRespBlk | PayRespBlk |
PingReqBlk | PingReqBlk |
PingRespBlk | PingRespBlk |
TpoBlk | TpoBlk |
TpoSelectionBlk TpoSelectionBlk
)* )*
) > ) >
<!ATTLIST IotpMessage <!ATTLIST IotpMessage
xmlns CDATA xmlns CDATA
'ietf.org/draft-ietf-trade-iotp-v1.0-protocol-06' > 'http://ietf.org/rfc/rfcxxxx.txt' >
<!-- <!--
****************************************************** ******************************************************
* TRANSACTION REFERENCE BLOCK DEFINITION * * TRANSACTION REFERENCE BLOCK DEFINITION *
****************************************************** ******************************************************
--> -->
<!ELEMENT TransRefBlk (TransId, MsgId, RelatedTo*) > <!ELEMENT TransRefBlk (TransId, MsgId, RelatedTo*) >
<!ATTLIST TransRefBlk <!ATTLIST TransRefBlk
ID ID #REQUIRED > ID ID #REQUIRED >
skipping to change at page 240, line 14 skipping to change at page 239, line 5
> >
<!-- <!--
****************************************************** ******************************************************
* IOTP SHARED COMPONENT DEFINITION * * IOTP SHARED COMPONENT DEFINITION *
****************************************************** ******************************************************
--> -->
<!ELEMENT Value ( #PCDATA ) > <!ELEMENT Value ( #PCDATA ) >
<!ATTLIST Value <!ATTLIST Value
ID ID #IMPLIED ID ID #IMPLIED
encoding (base64|none) #IMPLIED 'base64' encoding (base64|none) 'base64'
> >
<!ELEMENT Locator EMPTY> <!ELEMENT Locator EMPTY>
<!ATTLIST Locator <!ATTLIST Locator
xml:link CDATA #FIXED 'simple' xml:link CDATA #FIXED 'simple'
href CDATA #REQUIRED href CDATA #REQUIRED
> >
14. Glossary 14. Glossary
skipping to change at page 249, line 17 skipping to change at page 248, line 17
This section contains references to related documents identified in this This section contains references to related documents identified in this
specification. specification.
[Base64] Base64 Content-Transfer-Encoding. A method of [Base64] Base64 Content-Transfer-Encoding. A method of
transporting binary data defined by MIME. See: RFC 2045: transporting binary data defined by MIME. See: RFC 2045:
Multipurpose Internet Mail Extensions (MIME) Part One: Multipurpose Internet Mail Extensions (MIME) Part One:
Format of Internet Message Bodies. N. Freed & N. Format of Internet Message Bodies. N. Freed & N.
Borenstein. November 1996. Borenstein. November 1996.
[DOM-HASH] A method for generating hashes of all or part of an XML [DOM-HASH] A method for generating hashes of all or part of an XML
tree based on the DOM of that tree. See tree based on the DOM of that tree. See, currently,
http://www.ietf.org/internet-drafts/draft-ietf-trade- http://www.ietf.org/internet-drafts/draft-ietf-trade-
hiroshi-dom-hash-*.txt hiroshi-dom-hash-*.txt
[DNS] See RFC 1034: Domain names - concepts and facilities. [DNS] See RFC 1034: Domain names - concepts and facilities.
P.V. Mockapetris. Nov-01-1987, and RFC 1035: Domain names P.V. Mockapetris. Nov-01-1987, and RFC 1035: Domain names
- implementation and specification. P.V. Mockapetris. - implementation and specification. P.V. Mockapetris.
Nov-01-1987. Nov-01-1987.
[DSA] The Digital Signature Algorithm (DSA) published by the [DSA] The Digital Signature Algorithm (DSA) published by the
National Institute of Standards and Technology (NIST) in National Institute of Standards and Technology (NIST) in
skipping to change at page 250, line 13 skipping to change at page 249, line 13
Lee. January 1997. Lee. January 1997.
[IANA] The Internet Assigned Numbers Authority. The organisation [IANA] The Internet Assigned Numbers Authority. The organisation
responsible for co-ordinating the names and numbers responsible for co-ordinating the names and numbers
associated with the Internet. See http://www.iana.org/. associated with the Internet. See http://www.iana.org/.
[ISO4217] ISO 4217: Codes for the Representation of Currencies. [ISO4217] ISO 4217: Codes for the Representation of Currencies.
Available from ANSI or ISO. Available from ANSI or ISO.
[IOTPDSIG] A document that describes how data contained in IOTP [IOTPDSIG] A document that describes how data contained in IOTP
messages may be digitally signed. See RFC xxxx messages may be digitally signed. See, currently,
http://www.ietf.org/internet-drafts/draft-ietf-trade- http://www.ietf.org/internet-drafts/draft-ietf-trade-
iotp-v1.0-dsig-*.txt. iotp-v1.0-dsig-*.txt.
[MD5] R.L. Rivest. RFC 1321: The MD5 Message-Digest Algorithm. [MD5] R.L. Rivest. RFC 1321: The MD5 Message-Digest Algorithm.
[MIME] Multipurpose Internet Mail Extensions. See RFC822, [MIME] Multipurpose Internet Mail Extensions. See RFC822,
RFC2045, RFC2046, RFC2047, RFC2048 and RFC2049. RFC2045, RFC2046, RFC2047, RFC2048 and RFC2049.
[OPS] Open Profiling Standard. A proposed standard which [OPS] Open Profiling Standard. A proposed standard which
provides a framework with built-in privacy safeguards for provides a framework with built-in privacy safeguards for
skipping to change at page 253, line 20 skipping to change at page 252, line 20
- Mercantec - Mercantec
- Netscape - Netscape
- Nippon Telegraph and Telephone Corporation - Nippon Telegraph and Telephone Corporation
- Oracle Corporation - Oracle Corporation
- Smart Card Integrations Ltd. - Smart Card Integrations Ltd.
- Spyrus - Spyrus
- Verifone - Verifone
- Unisource nv - Unisource nv
- Wells Fargo Bank - Wells Fargo Bank
File name: draft-ietf-trade-iotp-v1.0-protocol-06.txt File name: [draft-ietf-trade-iotp-v1.0-protocol-07.txt]
Expires: March 2000 Expires: April 2000
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/