You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -76,7 +81,7 @@ This document defines an interoperability profile for implementations of the Sha
76
81
--- middle
77
82
78
83
# Introduction {#introduction}
79
-
SSF and CAEP together enable improved session security outcomes. This specification defines the minimum required features from SSF and CAEP that an implementation MUST offer in order to be considered as an interoperable implementation. This document defines specific use cases. An implementation may support only a subset of the use cases defined herein, and SHALL be considered an interoperable implementation for the specific use-cases it supports. The following use-cases are considered as a part of this specification:
84
+
SSF and CAEP together enable improved session security outcomes. This specification defines the minimum required features from SSF and CAEP that an implementation MUST offer in order to be considered as an interoperable implementation. This document defines specific use cases. An implementation MAY support only a subset of the use cases defined herein, and SHALL be considered an interoperable implementation for the specific use-cases it supports. The following use-cases are considered as a part of this specification:
80
85
81
86
Session Revocation
82
87
: A SSF Transmitter or Receiver is able to respectively generate or respond to the CAEP session-revoked event
@@ -100,10 +105,16 @@ The Transmitter Configuration Metadata MUST include the `delivery_methods_suppor
100
105
The Transmitter Configuration Metadata MUST include the `jwks_uri` field, and its value MUST provide the current signing key of the Transmitter.
The Transmitter Configuration Metadata MUST include the `configuration_endpoint` field. The specified endpoint MUST provide a way to Create a Stream.
108
+
The Transmitter Configuration Metadata MUST include the `configuration_endpoint` field. The specified endpoint MUST support the `POST` method in order to be able to create a stream.
104
109
105
110
### Status Endpoint {#status-endpoint}
106
-
The Transmitter Configuration Metadata MUST include the `status_endpoint` field. The specified endpoint MUST provide a way to Get and Update the Stream Status. The Transmitter MUST be able to pause and restart streams. For streams that are paused, the Transmitter MUST specify (offline) the resource constraints on how many events it can keep, or for how long. The way a Transmitter specifies this information is outside the scope of the SSF spec.
111
+
The Transmitter Configuration Metadata MUST include the `status_endpoint` field. The specified endpoint MUST support the `GET` and `POST` methods in order to get and update the stream status respectively. The Transmitter MUST support the following values in an Update Stream Status request:
112
+
113
+
* `enabled`
114
+
* `paused`
115
+
* `disabled`
116
+
117
+
For streams that are `paused`, the Transmitter MUST specify (offline) the resource constraints on how many events it can keep, or for how long. The way a Transmitter specifies this information is outside the scope of the SSF spec.
The Transmitter Configuration Metadata MUST include the `verification_endpoint` field. The specified endpoint MUST provide a way to request verification events to be sent.
@@ -121,13 +132,12 @@ The Transmitter Configuration Metadata MUST include the `authorization_schemes`
121
132
In all streams created by the Transmitter, the following MUST be true:
122
133
123
134
#### Delivery {#common-delivery}
124
-
The `delivery` field MUST be present in the Configuration of any Stream generated by the Transmitter, and its value MUST include the following:
135
+
A Transmitter MUST be able to accept a Create Stream request that includes either of the following delivery methods:
125
136
126
-
~~~ json
127
-
{
128
-
"method": "urn:ietf:rfc:8935"
129
-
}
130
-
~~~
137
+
* urn:ietf:rfc:8935 (Push)
138
+
* urn:ietf:rfc:8936 (Poll)
139
+
140
+
The `delivery` field MUST be present in the Configuration of any Stream generated by the Transmitter, and its value MUST include one of the two delivery methods listed above.
131
141
132
142
#### Stream Control
133
143
The following Stream Configuration API Methods MUST be supported:
@@ -147,8 +157,8 @@ The following Stream Configuration API Methods MUST be supported:
147
157
## Receivers {#common-receivers}
148
158
Receivers MUST implement the following features:
149
159
150
-
### Push Delivery {#common-receiver-push}
151
-
Receivers MUST be able to accept events using the Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} specification.
160
+
### Delivery Methods {#common-receiver-delivery}
161
+
Receivers MUST be able to accept events using the Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} specification and the Poll-Based Security Event Token (SET) Delivery Using HTTP {{RFC8936}} specification.
0 commit comments