Permalink
Browse files

reviewed and modified : 2nd Half of the spec

  • Loading branch information...
1 parent 0b0d04d commit 442e4afdc77c4b294e471ed7f96b3a8f624e7601 hdknr committed Oct 22, 2010
@@ -1,6 +1,6 @@
<section title="Accepting OpenID Artifact Binding Request">
-<t>When an End User request a OpenID Artifact Binding request, the OP SHOULD check if that request includes extensions named "cx".
+<t>When an End User request a OpenID Artifact Binding request, the Signatory as OP SHOULD check if that request includes extensions named "cx".
</t>
</section>
@@ -9,25 +9,25 @@
<section title="Verify Proposal">
<t>
-If the End User is authenticated properly and OpenID request file containes "cx" extension,the CX Proposal Token signature MUST be verified in the way described in {{ xref.JSON_SIMPLE_SIGN_1_0 }}.
+If the End User is authenticated properly and OpenID request file containes "cx" extension,the Proposal Token signature MUST be verified in the way described in {{ xref.JSON_SIMPLE_SIGN_1_0 }}.
</t>
<t>
-All CX Reqeust Tokens in "reqs" array MUST be verified.
+All Reqeust Tokens in "reqs" array MUST be verified.
</t>
</section>
<section title="Grants from End User">
<t>
-If CX Proposal and CX Requests in it are valid, OP MUST display "template" and what exactly each party requests to the End User. To compose a contract, the End User MUST agree the content displayed by OP.
+If Proposal and all Requests in it are valid, the Signatory MUST display "template" and what exactly each Party requests to the End User. To compose a Contract, the End User MUST agree the content displayed by Signatory.
</t>
</section>
<section title="Compose Acceptance for Each Request">
<t>
-If the End User agree, OP creates two CX Acceptance JSON objects for each CX Request, one for data requesting party and the other for data responding party.
+If End User agrees, Signatory creates two Acceptance JSON objects for each Request, one for Client and the other for Server.
Privacy parameter MAY be different from each other.
</t>
@@ -37,16 +37,16 @@ Privacy parameter MAY be different from each other.
<section title="Compose Contracts">
<t>
-OP provides CX Contract JSON objects for all binding parties. Each Contract shares unique URI for "contract_id" member of it.
-All CX Acceptance JSON objects are stored in "acceptances" array member of that JSON object.
+Signatory provides Contract Part JSON objects for all Parties. Each Contract Part shares unique URI, Contract Identifier, as "contract_id" member of it.
+All Acceptance JSON objects are stored in "acceptances" array member of that JSON object.
</t>
<t>
-The original CX Proposal MUST be refered as "proposal_id" with its identifier. The digest of the Prooposal content MUST be appended as URI fragment.
+The original Proposal MUST be refered as "proposal_id" with its identifier. The digest segment of the Proposal Token MUST be appended as URI fragment.
</t>
<t>
-OP MUST publish the contract in exchange for "contract_id" and "party_id" from a party in the form of CX Contract Token which is the product of {{ xref.JSON_SIMPLE_ENC_1_0 }}.
+Signatory MUST publish Contract Part in exchange for "contract_id" and "party_id" from a Party in the form of Contract Token which is the product of {{ xref.JSON_SIMPLE_ENC_1_0 }}.
</t>
</section>
@@ -1,5 +1,5 @@
<t>
-Every data endpoint MUST provide access log record if it is requested by bound party.
+Every data endpoint MUST provide access log record if it is requested by Signatory.
Access log records MUST be also encrypted in {{ xref.JSON_SIMPLE_ENC_1_0 }}.
</t>
<t>
@@ -37,7 +37,7 @@ Default "log" parameter is an array of arrays in which following data are contai
</t>
<t>
-The following is a non-normative sample of CX Acesss Log.
+The following is a non-normative sample of acesss log.
</t>
<figure>
<artwork><![CDATA[
@@ -1,7 +1,7 @@
* type
* OPTIONAL,string(URI)
- * This can be negotiable with this parameter between bound parties, but default is http://specs.openid.net/cx/1.0/#access_log
+ * This can be negotiable with this parameter between Parities, but default is http://specs.openid.net/cx/1.0/#access_log
* logs
@@ -21,7 +21,7 @@
* proposal_id
* string(URI)
- * Identifier to original Proposal. Fragment(#) MUST be appended to the end of the original Proposal URI. The value of the fragment is the digest of the Propsal itself after optional digesting prefix separated colon(":"). Default digesting algorithm is SHA-256, so default prefix is "sha256:" if it is not specified.
+ * Identifier to original Proposal. The signature segment of the original Proposal Token MUST be appended to the end of the original Proposal URI as URI fragment.
* acceptances
@@ -1,10 +1,10 @@
* party_id
- * REQUIRED Value: An identfier of a party bound to the CX Contract. The data responding party MUST encrypt the data ith the public key of this party in the way defined in {{ xref.JSON_SIMPLE_ENC_1_0 }} .
+ * REQUIRED Value: An identfier of Party. Server MUST encrypt Privacy Data with the public key of Client in the way defined in {{ xref.JSON_SIMPLE_ENC_1_0 }} .
* contract_id
- * REQUIRED for the obligation endpoint. Value: CX Contract identfier including the obligation.
+ * REQUIRED. Value: Contract identfier.
* log
@@ -2,13 +2,14 @@
<section title="Endpoint">
<t>
-A party bound to a CX Contract MAY request data from a endpoint exposed by the other party bound to the same CX Contract. The endpoint of End User's privacy data is specified "endpoint" parameter of CX Request and Acceptance JSON.
+Client MAY request data from a endpoint exposed by Server bound to the same Contract.
+The endpoint of End User's Privacy Data is specified "endpoint" parameter of Request and Acceptance JSON.
</t>
<t>
Access log records MAY be requested in the same endpoint when "log" parameter is set to "true".
</t>
<t>
-Also bound parties MAY request CX Contract dicrectly. The endpoint URL is "contract_id" itself.
+Also Party MAY request its Contract Part Token dicrectly to Signagory. The endpoint URL for Contract Part Token is "contract_id" itself.
</t>
</section>
@@ -31,7 +32,7 @@ Also bound parties MAY request CX Contract dicrectly. The endpoint URL is "contr
<section title="Encrypted Response">
<t>
-Data response MUST be formed in {{ xref.JSON_SIMPLE_ENC_1_0 }} and encrypted for "party" in the request. Privacy data, CX Contract Token and CX access log MUST be returned in {{ xref.JSON_SIMPLE_ENC_1_0 }} with using valid public key of specified party.
+Data response MUST be formed in {{ xref.JSON_SIMPLE_ENC_1_0 }} and encrypted for "party" in the request. Privacy data, Contract Part Token and access log MUST be returned in {{ xref.JSON_SIMPLE_ENC_1_0 }} with using valid public key of specified party.
</t>
</section>
@@ -1,8 +1,8 @@
<t>
-OP and other bound party MAY send the status of the CX Contract to the endpoint specified by "notify" member of CX Proposal or CX Request.
-"status" query parameter MUST be a CX Status JSON object.
+Signatory and other Party MAY send the status of Contract to the endpoint specified by "notify" member of Proposal or Request.
+"status" query parameter MUST be a Status JSON object.
</t>
<t>
-RP and other bound party MAY request the CX Contract using Data Request mechanism.
+Signatory and Party MAY request their Contract Party Token using Data Request mechanism.
</t>
@@ -1,21 +1,21 @@
<section title="Responding a CX Contract in OpenID Assertion">
<t>
-If a RP request OpenID Artifact Binding assertion request and there is a CX Signed Contract to be bound to that, the OP MUST return it as a "cx" member of the assertion JSON object.
+If Proposer as RP request OpenID Artifact Binding assertion request and there is a Contract Part Token to be bound to that, the OP as Signatory MUST return it as a "cx" member of the assertion JSON object.
</t>
<figure>
<artwork><![CDATA[
{
...( OPENID ARTIFACT BINDING ASSERTION JSON MEMBERS ) ...,
- "cx" : "crypto_segment_of_cx_contract_token.claim_segment_of_cx_contract_token",
+ "cx" : "crypto_segment_of_cx_contract_part_token.claim_segment_of_cx_contract_part_token",
}
]]></artwork>
</figure>
<t>
-But if no CX Signed Contract is available at the time when RP requests the assertion, OP MUST return CX Status JSON object as "cx" member of assertion JSON object.
+But if no Contract Part is available at the time when RP requests the assertion, OP MUST return Status JSON object as "cx" member of assertion JSON object.
</t>
@@ -36,16 +36,16 @@ But if no CX Signed Contract is available at the time when RP requests the asser
<section title="Verifying Contract">
<t>
-If the "cx" member of assertion JSON object is a CX Contract Token string , RP MUST verify the signature of {{ xref.JSON_SIMPLE_SIGN_1_0 }} first. RP MUST store the CX Contract Token if it is valid {{ xref.JSON_SIMPLE_SIGN_1_0 }}.
+If the "cx" member of assertion JSON object is a Contract Part Token string , Proposer MUST verify the signature of {{ xref.JSON_SIMPLE_SIGN_1_0 }} first. Proposer MUST store the Contract Part Token if it is valid {{ xref.JSON_SIMPLE_SIGN_1_0 }}.
</t>
<t>
-RP SHOULD explain to the End User that a CX Contract has been successfully created and now RP is ready to request data according to the contract.
+Proposer SHOULD explain to the End User that a Contract has been successfully created and now Proposer or Cleints is ready to request data according to the Contract.
</t>
<t>
-If the "cx" member is a CX Status JSON object, RP SHOULD explain to the End User that a CX Contract has not been created yet at OP and the reason by "status" member of the CX Status JSON object. RP MAY be notified later that a CX Contract is created by the OP.
+If the "cx" member is a Status JSON object, Proposer SHOULD explain to the End User that a Contract has not been created yet at Signagory and the reason by "status" member of Status JSON object. Signatory MAY be notified later that the Contract is created by the Signatory.
</t>
</section>
@@ -1,27 +1,28 @@
<section title="Advertising Service">
-<t>Before advertising CX Service, a RP MUST collect all CX Request token related to that service. Some CX Request token MAY be provided by any party other than the RP itself.</t>
+<t>Before advertising CX Service, Proposer MUST collect all Request token related to that Service.
+Some Request token MAY be provided by any party other than the Proposeritself.</t>
<t>
-A RP SHOULD provide an user interface like image button for End Users to click to go the CX service and the RP starts providing CX Proposal.
+Proposer SHOULD provide an user interface like image button for End Users to click to go to the Service and Proposer starts providing Proposal and CX process.
</t>
</section>
<section title="Providing CX Proposal">
<t>
-When an End User visits the particular CX Service at the RP, the RP firstly composes the CX Proposal for the End User.
-All CX Request token to be bound to the CX Contract MUST be included in "reqs" member of CX Proposal JSON object.
-CX Proposal JSON MUST be finally singed into a CX Proposal Token.
+When an End User visits the particular CX Service at the Proposer, the Proposer firstly composes a Proposal for the End User.
+All Request Token to be bound to the Contract MUST be included in "reqs" member of Proposal JSON object.
+Proposal JSON MUST be finally singed into a Proposal Token.
</t>
</section>
<section title="Start OpenID Artifact Binding Session">
<t>
-A CX Proposal is a extension of OpenID Artifact Binding. It SHOULD be a member of Artifact Binding Request file JSON object like in the following sample JSON:
+A Proposal Token is a extension of OpenID Artifact Binding. It SHOULD be a member of Artifact Binding Request file JSON object like in the following sample JSON:
</t>
@@ -35,6 +36,6 @@ A CX Proposal is a extension of OpenID Artifact Binding. It SHOULD be a member o
</figure>
<t>
-OpenID authentication request session MUST be started to the OP specified by the End User at the RP's CX service page.
+OpenID authentication request session MUST be started to the Signatory specified by the End User at the Proposer's CX Service page.
</t>
</section>
@@ -47,6 +47,10 @@
* Document which compose Contract and hold a couple of Acceptance and securely distributed to specific Party.
+* Token
+
+ * Signed JSON object which serialized into a formated string. Format is defined i n{{ xref.JSON_SIMPLE_SIGN_1_0 }}.
+
* Service
* Data or experience provided by Proposer to End User. Some Services consist of couple of End User's Privacy Data which are provided by Server and used by Client. Parties MUST fulfill Contract to collaborate to provide Service.
Oops, something went wrong.

0 comments on commit 442e4af

Please sign in to comment.