Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extra detail on polling for in-progress receipts #27

Merged
merged 1 commit into from
Aug 20, 2024
Merged

Extra detail on polling for in-progress receipts #27

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 44 additions & 5 deletions draft-ietf-scitt-scrapi.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -264,7 +264,7 @@ Fresh receipts may be requested through the resource identified in the Location
#### Status 202 - Registration is running

~~~ http-message
HTTP/1.1 202 Ok
HTTP/1.1 202 Accepted

Location: https://transparency.example/receipts\
/urn:ietf:params:scitt:signed-statement\
Expand All @@ -275,7 +275,7 @@ Retry-After: <seconds>

{

"receipt": "urn:ietf:params:scitt:receipt\
"identifier": "urn:ietf:params:scitt:receipt\
:sha-256:base64url:5i6UeRzg1...qnGmr1o",

}
Expand All @@ -284,7 +284,7 @@ Retry-After: <seconds>

The response contains a reference to the receipt which will eventually be available for the Signed Statement.

If 202 is returned, then clients should wait until Registration succeeded or failed by polling the receipt endpoint using the receipt identifier returned in the response.
If 202 is returned, then clients should wait until Registration succeeded or failed by polling the Resolve Receipt endpoint using the identifier returned in the response.

#### Status 400 - Invalid Client Request

Expand Down Expand Up @@ -461,6 +461,8 @@ Accept: application/cose

Response:

#### Status 200

If the Signed Statement requested is already included in the Append-Only Log:

~~~ http-message
Expand All @@ -478,7 +480,9 @@ Payload (in CBOR diagnostic notation)
])
~~~

If the Signed Statement requested is not yet included in the Append-Only Log:
#### Status 202

If registration of the Signed Statement requested is in progress but not yet included in the Append-Only Log:

~~~ http-message
HTTP/1.1 202 Ok
Expand All @@ -492,7 +496,42 @@ Retry-After: <seconds>
}
~~~

Additional eventually consistent operation details MAY be present.
#### Status 404

If the Signed Statement requested is neither registered in the log nor subject to an in-progress registration:

~~~
HTTP/1.1 404 Not Found
Content-Type: application/json

{
"type": "urn:ietf:params:scitt:error\
:receipt:not-found",
"detail": \
"Signed Statement not known to this Transparency Service."
}
~~~

#### Status 429

If a client is polling for an in-progress registration too frequently then the Transparency Service MAY, in addition to implementing rate-limiting, return a 429 response:

~~~
HTTP/1.1 429 Too Many Requests
Content-Type: application/json
Retry-After: <seconds>

{
"type": "urn:ietf:params:scitt:error\
:receipt:too-many-requests",
"detail": \
"Too Many Requests. Only <number> requests per <period> are allowed."
}
~~~

#### Eventual Consistency

For all responses additional eventually consistent operation details MAY be present.
Support for eventually consistent Receipts is implementation specific, and out of scope for this specification.

### Resolve Issuer
Expand Down
Loading