Professional Documents
Culture Documents
Open Peer - Protocol Specification
Open Peer - Protocol Specification
Contents
Abstract ....................................................................................................................................................... 12
Design Considerations ................................................................................................................................ 15
Key Object Concepts ................................................................................................................................... 16
Identity ................................................................................................................................................ 16
Asserted Identity ................................................................................................................................. 16
Identity Lookup Server ........................................................................................................................ 16
Identity Signing Service ....................................................................................................................... 16
Identity Provider ................................................................................................................................. 16
Peer Contact........................................................................................................................................ 16
Peer ..................................................................................................................................................... 16
Peer Location ...................................................................................................................................... 16
Peer URI .............................................................................................................................................. 16
Peer Domain........................................................................................................................................ 17
Peer Finder .......................................................................................................................................... 17
Bootstrapper ....................................................................................................................................... 17
Bootstrapped Network ....................................................................................................................... 17
Public Peer File .................................................................................................................................... 17
Private Peer File .................................................................................................................................. 17
Peer Pair .............................................................................................................................................. 17
Provisioning Service ............................................................................................................................ 17
Peer Service......................................................................................................................................... 17
The "peer:" URI scheme .............................................................................................................................. 18
Syntax: ................................................................................................................................................. 18
Examples: ............................................................................................................................................ 18
Syntax (future extensions): ................................................................................................................. 18
Example future extensions: ................................................................................................................ 18
The "identity:" URI scheme ......................................................................................................................... 19
Syntax: ................................................................................................................................................. 19
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 1
Examples: ............................................................................................................................................ 19
The Makeup of the Public Peer File ............................................................................................................ 20
Section "A" (packaged and signed by identity's private key).............................................................. 20
Section "B" (packaged and signed by identity's private key) .............................................................. 20
Section "C" (packaged and signed by identity's private key) .............................................................. 20
Security Considerations ...................................................................................................................... 21
Example Public Peer File: .................................................................................................................... 21
The Makeup of the Private Peer File........................................................................................................... 24
Section "A" .......................................................................................................................................... 24
Section "B" (encrypted using the method described in Section A) .................................................... 24
Security Considerations ...................................................................................................................... 25
Example Private Peer File.................................................................................................................... 25
Overall Network Architecture ..................................................................................................................... 27
Network Diagram ................................................................................................................................ 27
Network Components ......................................................................................................................... 27
Limitations to Scope of Open Peer Specification ................................................................................ 28
RUDP Protocol............................................................................................................................................. 29
Overall Design Goals ............................................................................................................................... 29
Comparison to Other Protocols .............................................................................................................. 29
DCCP / DTLS ........................................................................................................................................ 29
TCP ...................................................................................................................................................... 30
SCP ...................................................................................................................................................... 30
RUDP Protocol Specification ............................................................................................................... 30
Open Peer Signalling Protocol .................................................................................................................... 38
Non Encrypted JSON Signalling Protocol ................................................................................................ 38
Encrypted JSON Signalling Protocol Using TLS ........................................................................................ 38
Encrypted JSON Signalling Protocol Using Messaging and Not Using TLS .............................................. 38
General Request, Reply, Notify and Result Formation Rules ..................................................................... 42
General Result Error Code Reasons ............................................................................................................ 44
301 Moved Permanently.................................................................................................................. 44
400 Bad Request .............................................................................................................................. 44
401 Unauthorized ............................................................................................................................ 44
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 2
Page 3
Inputs: ................................................................................................................................................. 56
Returns: ............................................................................................................................................... 56
Security Considerations ...................................................................................................................... 57
Example ............................................................................................................................................... 57
Lockbox Identities Update Request ........................................................................................................ 58
Purpose ............................................................................................................................................... 58
Inputs: ................................................................................................................................................. 58
Returns: ............................................................................................................................................... 58
Security Considerations ...................................................................................................................... 59
Example ............................................................................................................................................... 59
Lockbox Permission Grant Inner Frame .................................................................................................. 60
Purpose ............................................................................................................................................... 60
Inputs: ................................................................................................................................................. 60
Returns: ............................................................................................................................................... 60
Security Considerations ...................................................................................................................... 60
Example ............................................................................................................................................... 60
Lockbox Permission Grant Window Notification .................................................................................... 60
Purpose ............................................................................................................................................... 60
Inputs: ................................................................................................................................................. 60
Returns: ............................................................................................................................................... 60
Security Considerations ...................................................................................................................... 60
Example ............................................................................................................................................... 60
Lockbox Permission Grant Notification .................................................................................................. 61
Purpose ............................................................................................................................................... 61
Inputs: ................................................................................................................................................. 61
Returns: ............................................................................................................................................... 61
Security Considerations ...................................................................................................................... 61
Example ............................................................................................................................................... 61
Lockbox Permission Grant Complete Notification .................................................................................. 62
Purpose ............................................................................................................................................... 62
Inputs: ................................................................................................................................................. 62
Returns: ............................................................................................................................................... 62
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 4
Page 5
Page 6
Page 7
Inputs: ................................................................................................................................................. 79
Returns: ............................................................................................................................................... 80
Security Considerations ...................................................................................................................... 80
Example ............................................................................................................................................... 80
Peer Service................................................................................................................................................. 82
Peer Services Get Request ...................................................................................................................... 82
Purpose ............................................................................................................................................... 82
Inputs: ................................................................................................................................................. 82
Returns: ............................................................................................................................................... 82
Security Considerations ...................................................................................................................... 82
Example ............................................................................................................................................... 82
Peer Salt Service Protocol ........................................................................................................................... 84
Signed Salt Get Request .......................................................................................................................... 84
Purpose ............................................................................................................................................... 84
Inputs: ................................................................................................................................................. 84
Returns: ............................................................................................................................................... 84
Security Considerations ...................................................................................................................... 84
Example ............................................................................................................................................... 84
Peer Common Protocol ............................................................................................................................... 86
Peer Publish Request .............................................................................................................................. 86
Purpose ............................................................................................................................................... 86
Inputs .................................................................................................................................................. 86
Outputs ............................................................................................................................................... 87
Security Considerations ...................................................................................................................... 87
Example ............................................................................................................................................... 87
Peer Get Request .................................................................................................................................... 88
Purpose ............................................................................................................................................... 88
Inputs .................................................................................................................................................. 88
Outputs ............................................................................................................................................... 89
Security Considerations ...................................................................................................................... 89
Example ............................................................................................................................................... 89
Peer Delete Request ............................................................................................................................... 90
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 8
Purpose ............................................................................................................................................... 90
Inputs .................................................................................................................................................. 90
Outputs ............................................................................................................................................... 91
Security Considerations ...................................................................................................................... 91
Example ............................................................................................................................................... 91
Peer Subscribe Request .......................................................................................................................... 91
Purpose ............................................................................................................................................... 91
Inputs .................................................................................................................................................. 91
Outputs ............................................................................................................................................... 92
Security Considerations ...................................................................................................................... 92
Example ............................................................................................................................................... 92
Peer Publish Notify.................................................................................................................................. 93
Purpose ............................................................................................................................................... 93
Inputs .................................................................................................................................................. 93
Outputs ............................................................................................................................................... 93
Security Considerations ...................................................................................................................... 93
Example ............................................................................................................................................... 93
Peer Finder Protocol ................................................................................................................................... 95
Session Create Request........................................................................................................................... 95
Purpose ............................................................................................................................................... 95
Inputs .................................................................................................................................................. 95
Outputs ............................................................................................................................................... 95
Security Considerations ...................................................................................................................... 95
Example ............................................................................................................................................... 95
Session Delete Request ........................................................................................................................... 96
Purpose ............................................................................................................................................... 96
Inputs .................................................................................................................................................. 97
Outputs ............................................................................................................................................... 97
Security Considerations ...................................................................................................................... 97
Example ............................................................................................................................................... 97
Session Keep-Alive Request .................................................................................................................... 97
Purpose ............................................................................................................................................... 97
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 9
Inputs .................................................................................................................................................. 97
Outputs ............................................................................................................................................... 98
Security Considerations ...................................................................................................................... 98
Example ............................................................................................................................................... 98
Peer Location Find Request (single point to single point) ...................................................................... 98
Request Flow....................................................................................................................................... 98
Peer Location Find Request (A) ........................................................................................................... 99
Peer Location Find Result (B) ............................................................................................................ 101
Peer Location Find Request (C) ......................................................................................................... 101
Peer Location Find Request (D)......................................................................................................... 102
Peer Location Find Reply (E) ............................................................................................................. 103
Peer Location Find Reply (F) ............................................................................................................. 105
Peer Location Find Reply (G) ............................................................................................................. 106
Peer Location Find Request (single point to multipoint when challenged).......................................... 106
Request Flow..................................................................................................................................... 106
Peer Location Find Request (H)......................................................................................................... 107
Peer Location Find Request (I) .......................................................................................................... 107
Peer Location Find Reply (J) .............................................................................................................. 108
Peer Location Find Reply (K) ............................................................................................................. 109
Peer Location Find Reply (L) .............................................................................................................. 110
Peer To Peer Protocol ............................................................................................................................... 111
Peer Identify Request............................................................................................................................ 111
Purpose ............................................................................................................................................. 111
Inputs ................................................................................................................................................ 111
Outputs ............................................................................................................................................. 111
Security Considerations .................................................................................................................... 111
Example ............................................................................................................................................. 112
Peer Keep-Alive Request ....................................................................................................................... 113
Purpose ............................................................................................................................................. 113
Inputs ................................................................................................................................................ 113
Outputs ............................................................................................................................................. 113
Security Considerations .................................................................................................................... 113
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 10
Page 11
Abstract
The holy grail of communication on the Internet has been to allow peer-to-peer communication without
the requirement of any centralized servers or services. A peer-to-peer approach offers some key
advantages over a centralized server approach:
1) Greater network resilience peers can continue to function independent of servers and can operate
even if servers are down
2) Increased privacy and security peers communicate directly thus the data is not centralized in one
location where it can be spied upon by corporations, governments, 3rd parties or hackers.
3) Decreased cost without the need of servers, the cost to host, administer, store and relay data is
reduced substantially
4) Scalability a peer to peer network doesn't require servers to scale as the peers can operate
amongst themselves
Unfortunately, the goal of peer-to-peer and the reality of peer-to-peer do not match. Centralization of
data into the Internet cloud is prolific and firewalls frequently impede direct peer-to-peer
communication making peer-to-peer connection extremely difficult to setup and challenging to
architect.
What further reduces the proliferation of peer-to-peer is a lack of standardization, openness and
ubiquity of the technology. The standards bodies have been working for years on firewall traversal
techniques and standardization of the approaches and a new joint effort called WebRTC between the
W3C and IETF on how browsers can directly communication between browsers to move media. This
joint effort does not specify how signalling happens between peers so it's not a complete solutions on its
own.
Performing peer-to-peer approach to signalling has been notoriously difficult for a variety of reasons:
1) Without a publicly addressable intermediate 'server' machine to initiate communication, two peers
behind firewalls are never able to communicate with each other. Thus, a peer network almost always
requires some sort of rendezvous and relay servers to initiate contact between peers behind firewalls
(and firewalls tend to be used more frequently than not for end users).
2) Automatically promoting the few publically addressable home machines into rendezvous and relay
servers is not the best option. Average users tend to not want to have their home/work machines to be
automatically promoted to rendezvous and relay servers since it consumes their bandwidth and costs
them to relay traffic for others who "leech" off their bandwidth. This cost factor causes end users to
intentionally shutdown protocols that promote end user machines into servers. Over time, the number
of average users willing to have their machines operate as servers for the benefit of those leeching
decreases relative to the number of those whom leech off those servers until the entire system
collapses with a too great server/leech ratio. As an example, Skype's network collapsed for this very
reason and they were forced to setup their own super nodes to handle the load.
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 12
3) Some peer-to-peer networks require ports to be opened on a firewall to operate. Where possible,
peers will register themselves with UPnP to open the ports when the firewall automatically.
Unfortunately, many firewalls lack the ability to automatically open ports or actively disallow this
feature for fear that this opens the network to security holes. If opening ports automatically is not
possible then users are required to open ports manually. Thus only the technically savvy can perform
this task and such peer networks tend to be limited to those who are technically savvy. This is not a
universal solution since it assumes too much technical ability and responsibility of the end user.
4) Many peer networks rely on mutual peers not behaving in an evil manner. Peers that do not act in an
altruistic fashion can easily disrupt these networks. When all peers behave properly there is no problem
with such a network; however, the moment an 'evil' node or cluster of 'evil' nodes is injected into the
peer network, parts or all of the network can suffer fatal issues and security can be compromised.
Open Peer is peer-to-peer signalling protocol taking advantages of the IETF advances of firewall
penetration techniques for moving media and adds a layer to performs the media signalling in a peer-topeer fashion but does expect that a minimal requirement of rendezvous servers existing. Beyond the
initial rendezvous to get past firewalls, the servers should drop out of the protocol flow and are no
longer required.
Open Peer was designed with these main goals in mind:
1) Openness a protocol is freely available for anyone to implement.
2) Greater network resilience peers can continue to function and interoperate even if servers are
down.
3) Increased privacy and security peers communicate directly in a secure fashion designed to protect
against network ease dropping, forged communication or spying by 3rd parties or being a convenient
data mining target for hackers as the information does not flow through centralized servers.
4) Federation the protocol makes it easy for users on one service to communicate with users on
another independent service offering.
5) Identity protection the ability of users to easily provide proof of their identity using existing social
platforms while protecting these identities from spoofed by others.
6) Decreased cost without the need to continuously relay signalling or media through centralized
servers, the costs to host, administer, relay, replicate, process and store data on servers while providing
5 9s uptime is decreased.
7) webRTC enabling protocol designed to be the engine that allows webRTC to function, supporting
federation of independent websites and services, provide security and online identity protection and
validation, and peer-to-peer signalling bypassing the need for heavy cloud based infrastructure.
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 13
8) Scalability whether starting at 50 users or moving beyond 5,00,000 users, the protocol is designed
to allow for easy scalability by removing the complexity of communications out of the servers.
Page 14
Design Considerations
The Open Peer Protocol has several design considerations to address the realities of the Internet
infrastructure while delivering the functionality required:
Must allow any peer to connect to any other peer (if authorized).
Must understand firewall principles and to offer an architecture which factors that firewalls are
prevalent and within the natural scope of the architecture's basic design.
Must accept that it's not always desirable to have peer machines automatically promoted to
rendezvous servers.
Must allow additional services to be layered onto of the architecture
Must enable peers to find each other using directory services.
Must enable secure peer-to-peer communication without penetration or monitoring by third
parties.
Must allow peers to perform identity validations.
Must allow anonymous peers, i.e. similar to unlisted and non-guessable phone numbers.
Must allow for differing server rendezvous architectures, i.e. anywhere from peer-to-peer selforganized models to centralized network layouts are to be abstracted from the protocol.
Must not require end user signed certificates from a known authority chain for each peers on
the network to establish secure communications.
Must not require end users or administrators to configure firewalls or open ports under normal
circumstances.
Page 15
Page 16
Peer Domain
A Peer is always connected to a Peer Domain and the domain is the organization responsible for
managing the connected peers.
Peer Finder
A Peer Finder is a rendezvous server that keeps track of connected peers at their peer locations since
they are connected in a dispersed fashion through a peer domain. A peer finder will utilize a database
(typically distributed) to facilitation the introduction of peer communication on the same domain or
across domains.
Bootstrapper
A Bootstrapper is the introductory server where peers first go to be introduced to one (or more) Peer
Finders. Peers should attempt to connect to introduced Peer Finders in order to gain entry to the Peer
Domain. Once a Peer is connected to a Bootstrapped Network, the Peer should no longer require
communication back to the Bootstrapper unless access to previously introduced Peer Finders are no
longer accessible.
Bootstrapped Network
A Bootstrapped Network is the representation of the entire peering network that was introduced from a
Bootstrapper.
Public Peer File
A file that contains a cryptography public key for secure conversations, information required to locate
the Peer Contact within a Peer Domain, information to authorize a connection to that Peer by another
Peer and public Identities associated to a peer. Any Peer without the correct Public Peer File for another
Peer Contact will be unable to connect to that peer. A directory service can host and offer these Public
Peer Files between peers but without this file no communication is possible between peers (thus
allowing for "unlisted" peers).
Private Peer File
A file that contains a private key to be the pair of a public key inside the Public Peer file that is used by a
Peer to be used to establish secure communications between Peers. The Private Peer File is encrypted
and can only be decoded with the correct key.
Peer Pair
A file pairing consisting of both a Public Peer File and a Private Peer File.
Provisioning Service
A service that provides account creation and account profile maintenance.
Peer Service
Any additional services offered to peers are done through what is called a Peer Service. Examples of
such services are those that perform identity assertion, TURN or future services like video conferencing
mixers.
Page 17
Page 18
Page 19
Page 20
The public key is used as a way to send the peer privately encrypted data from another source. As long
as the other source has the correct public key it is possible to establish direct secure communication by
exchanging keys using public/private keys as the encryptions method.
The salt is used in Section "A" to establish randomness into the files that is not forgeable or controllable
by the creator of the file this ensuring that hashes are dispersed based on randomness being present.
Asserted identities are used to prove the owner of the peer file is whom they claim to be.
Extension data is arbitrary for future extension of the peer file.
The peer's contact ID is used to prove that Section "B" and Section "C" correlates properly to section "A"
and isn't two or three distinct files being glued together as a forgery.
Security Considerations
The Section "A" bundle must contain salt that has been signed by the salt service whose certificate is still
within the window of validity. Further the Section "A" bundle must be signed by a self-signed certificate
whose certificate is included in the signature of the bundle. This ensures the integrity of the Section "A"
bundle and ensures anyone who has Section "A" knows the public key for the peer.
Section "B" includes a finder secret that other peers will use to find the peer to which the peer file
belongs.
Asserted Identities contained within section "C" can be verified whenever verification is needed.
Verification is dependent on the identity assertion type.
The integrity of Section "B" and Section "C" should be verified by ensuring that the public key contained
in Section "A" signed these sections. The URIs in these sections are not verified as it's up to the client
generating the URIs to generate resources that are accurate to the network and up to other peers to
ensure they are contacting identities they should be contacting.
Only elements contained within the signed sections are ever considered as part of the file. All other
elements are erroneous and should be discarded or ignored and when present. In Section "A",
erroneous elements outside the protection of a signature should never be used as part of the calculation
of the contact ID.
Example Public Peer File:
{
"peer": {
"$version": "1",
"sectionBundle": [
{
"section": {
"$id": "A",
"cipher": "sha256/aes256",
"created": 54593943,
Page 21
"expires": 65439343,
"saltBundle": {
"salt": {
"$id": "cf9c4688b014e13d8bdd2655912ffd3253f53768",
"#text": "Z3nfnDenen29291mfde21n"
},
"signature": {
"reference": "#cf9c4688b014e13d8bdd2655912ffd3253f53768",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "ODMxNmI3Mjd...MzIzYzk5Nzc0ZGY5MQ==",
"digestSigned": "DEfGM~C...0/Ez=",
"key": {
"$id": "db144bb314f8e018303bba7d52e",
"domain": "example.org",
"service": "salt"
}
}
}
},
"signature": {
"reference": "#A",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "OzIyMmI3NG...WJlOTY4NmJiOWQwYzkwZGYwMTI=",
"digestSigned": "G4Fwe...0E/YT=",
"key": { "x509Data": "MIID5jCCA0+gA...lVN" }
}
},
{
"section": {
"$id": "B",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"findSecret": "YjAwOWE2YmU4OWNlOTdkY2QxNzY1NDA5MGYy"
},
"signature": {
"reference": "#B",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "MWU4ODQwM2ZlOTQ...IzNDAyZTE0OWZkYg==",
"digestSigned": "MC0...E~LE=",
"key": { "uri": "peer://example.com/ab43bd44390dabc329192a392bef1" }
}
},
{
"section": {
"$id": "C",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"identities": {
"identityBundle": [
{
"identity": {
"$id": "b5dfaf2d00ca5ef3ed1a2aa7ec23c2db",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"uri": "identity://facebook.com/id48483",
"created": 54593943,
"expires": 65439343
},
"signature": {
"reference": "#b5dfaf2d00ca5ef3ed1a2aa7ec23c2db",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "IUe324koV5/A8Q38Gj45i4jddX=",
"digestSigned": "MDAwMDAwMGJ5dGVzLiBQbGVhc2UsIGQ=",
"key": {
"$id": "b7ef37...4a0d58628d3",
"domain": "hookflash.org",
"service": "identity"
}
}
},
{
"identity": {
Page 22
"$id": "0a9b2290343734118469e36d88276ffa6277d196",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"uri": "identity://twitter.com/booyah",
"created": 54593943,
"expires": 65439343
},
"signature": {
"reference": "#0a9b2290343734118469e36d88276ffa6277d196",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "IUe324koV5/A8Q38Gj45i4jddX=",
"digestSigned": "MDAwMDAwMGJ5dGVzLiBQbGVhc2UsIGQ=",
"key": {
"$id": "cb231aa9a9...eaf43f",
"domain": "twitter.com",
"service": "identity"
}
}
}
]
}
},
"signature": {
"reference": "#C",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "UrXLDLBIta6sk...oV5/A8Q38GEw44=",
"digestSigned": "MC0...E~LE=",
"key": { "uri": "peer://example.com/ab43bd44390dabc329192a392bef1" }
}
}
]
}
}
Page 23
Page 24
The "private peer file secret" proof is used so a server can verify a client does have the correct
information to request download of the Private Peer File. Only a client that knows the "private peer file
secret" would be able to generate the correct key proof in a challenge. The contact ID is combined with
the secret to add extra complexity into the secret to ensure no two users have the same stored secret
resulting hash should the private peer file is published into a database and two users use the same
secret value.
The encrypted private key is the private key pair matching the public key in the Public Peer File.
The encrypted Public Peer File is a complete encryption of the Public Peer File (i.e. all sections), thus
requiring only one file to store both the public and private key.
The encrypted private data is extension data for use for whatever purposes required by a client.
Security Considerations
The contact URI must be the computed hash based on Section "A" of the Public Peer File. The salt must
be cryptographically random. Both sections of the private peer file must be signed to ensure the
contents of the private peer file have not been modified by another entity and must be verified by the
client before the private peer file is used.
All data in this file is considered secure thus all data must be encrypted.
The "private peer file secret" should be a cryptographically random string that is sufficiently long to
protect the sensitive contents it encodes and should not derived from a user's password.
Example Private Peer File
{
"privatePeer": {
"$version": "1",
"sectionBundle": [
{
"section": {
"$id": "A",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"cipher": "sha256/aes256",
"salt": "YzY4NWUxMGU4M2ZjNzVkZWQzZTljYWMyNzUzZDAwNGM4NzE5Yjg1",
"secretProof": "NDlkZWI0MzFhYmUxOWQzNWJkNDkzMWZhMzFmMw=="
},
"signature": {
"reference": "#A",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "j6lw...x3rvEPO0vKtMup4NbeVu8nk=",
"digestSigned": "G4Fwe...0E/YT=",
"key": { "uri": "peer://example.com/ab43bd44390dabc329192a392bef1" }
}
},
{
"section": {
"$id": "B",
"encryptedContact": "cGVlcjo...NDNiZDQ0MzkwZGFiYzMyOTE5MmEzOTJiZWYx",
"encryptedPrivateKey": "jk483n2n~3232n/34nk323j...32fsjdneen2311=",
"encryptedPeer": "43j2332944bfdss323bjfjweke2dewbub3i...22dnnewne321~nn32n3j2/44=",
"encryptedPrivateData": "ZGM0MzQxODBjMTgxMDY2NGQ4MWE...GUwYjMzNmI4Nzk5OWU="
},
"signature": {
"reference": "#B",
Page 25
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "UrXLDLB...Ita6skoV5/A8Q38GEw44=",
"digestSigned": "MC0...E~LE=",
"key": { "uri": "peer://example.com/ab43bd44390dabc329192a392bef1" }
}
}
]
}
}
Page 26
Network Components
Bootstrapper a server that acts as an introductory server to the entire peer network. The Bootstrapper
exclusively talks over HTTPS to clients which must have a certificate issued from a trusted certificate
authority.
Salt Service a server that generates cryptographically strong salt and signs the salt as having come
from the server. This service is useful to ensure cryptographically strong random data has been correctly
used whenever it is critically important and especially when a server can't trust a client will generate
random data that is intentionally or accidently non-cryptographically random. The salt service
exclusively talks HTTPS to clients and the certificate authority as discovered from the Bootstrapper
service will sign the certificate.
Identity Service(s) servers that provide Identity Lookup or Asserted Identities for Identities such as
LinkedIn, Facebook or other 3rd party Identities. The weak form of an Asserted Identity allows a third
party like Hookflash Inc. to assert an Identity is correct when the Identity Provider does not offer an
Identity signing service themselves.
TURN server a server which is used to relay information on an 'as needed' basis when the firewall is of
a type where relaying is required to penetrate the firewall. The TURN service will talk the standard TURN
protocol.
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 27
Finder a server that keeps information about each Peer Contact's Peer Locations and assists Peers in
establishing the initial communication between Peers. The finder may allows a few requests over HTTPS
but most request must be directed over Message/RUDP/UDP or Message/SCP protocol. The requests
allowed over HTTPS are specifically mentioned with each allowed request.
Conference service this is an example service that could be utilized as a relay point when
communicating between peers in a conference scenario that would typically overwhelm a standalone
client's CPU or bandwidth, but no protocol has been yet defined for Open Peer.
Peer a peer is a client that uses the various services in the architecture to help with the establishment
of communication to other Peers. Once peers establish and communicate directly with other peers, they
should not required to utilize server infrastructure to maintain the communication (with the exception
possibly of using a TURN server). Peers use the Message/RUDP/UDP or Message/SCP protocol as their
initial connection and control protocol.
Limitations to Scope of Open Peer Specification
Open Peer defines the communication between the client and the Open Peer services but does not
delegate how the servers in the infrastructure communicate amongst each other. Open Peer does not
define how peer finders are allocated amongst peers. Open Peer allows Peers to treat servers as
potentially untrustworthy from a privacy perspective and thus the protocol was designed to keep
sensitive information from flowing through the servers or the servers having access to the keys to
decrypt the sensitive data. Open Peer does not dictate how the data contained within and between
servers be secured, only that the data must be secure.
Page 28
RUDP Protocol
Overall Design Goals
RUDP was designed to allow bi-direction FIFO (First-In-First-Out) congestion controlled streamed data
between two peers that is modelled after TCP, except that it is highly friendly to firewalls and utilizes
firewall friendly protocols and techniques to connect between peers. The RUDP can be used between
peers or from server to server.
TCP is a great protocol for signalling as it is reliable and messages are always delivered in order to a
report party in a FIFO manner. The major problem with TCP is that it is not firewall friendly for peer-topeer scenarios. TCP works great for peer-to-server where one entity is not located behind a firewall (i.e.
the server). However, TCP between peers using today's marketed firewalls is virtually impossible.
RUDP uses STUN/ICE/TURN as the basis for establishing peer-to-peer connections then uses a UDP
packaging technique to deliver application data. Additionally because RUDP is a FIFO based protocol like
TCP, it can layer protocols such as TLS directly above its transport with little to no change at all being
required (other than pumping the data through an RUDP socket instead of a TCP socket).
RUDP uses ICE to perform connectivity probes between peers and utilizes a STUN extension for
connecting, teardown, and reliable as well as unreliable data acknowledgements.
RUDP supports vector based acknowledgments and XOR bit parities to prevent malicious clients from
being able to pretend a download stream was downloading faster than the server is truly capable of
delivering.
RUDP further supports multiple channels with a single point-to-point connection and multiple connects
on a single port between multiple points. This allows for an existing connectivity probe to be reused for
sending additional streams of data without performing new connectivity checks.
RUDP does not offer security beyond connectivity security offered with STUN and ICE. However, TLS or
other mechanisms can be layered on top of RUDP to provide security and encryption.
RUDP is designed to be firewall friendly with minimal overhead.
Page 29
DCCP is not readably available on all platforms (requiring a layering over UDP on major platforms like
Windows. To utilize DCCP on windows would require manipulating RAW sockets and implementing the
full DCCP protocol from scratch. Alternatively, DCCP would have to run on top of UDP, which is an option
but adds overhead.
As such to utilize DCCP would have required a layer as:
[application level reliability layer] -> DTLS -> DCCP (optionally over UDP)
Further using DCCP would still require utilizing extension protocols to perform peer to peer firewall
probing in a manner like ICE performs.
DCCP was not chosen as the lack of data reliability, overhead and work involved to support all the layers
was not considered viable.
TCP
TCP is very similar to RUDP in capabilities with one exception: the ease to penetrate firewalls between
peers. TCP does not offer an ICE like mechanism to perform connectivity probes like ICE and thus was
not chosen as an acceptable protocol.
SCP
SCP is an alternative TCP like peer-to-peer communication protocol that messages can be relayed over
as an alternative to RUDP protocol should the underlying framework support SCP.
RUDP Protocol Specification
12345678901234567890123456789012345678901234567890123456789012345678901234567890
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Channel Number
|
Data Length
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Flags
|
Lower 24bits of Sequence Number
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Reserved
|
Lower 24bits of GSNR
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/
Options and Padding
/
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
/
Application Data
/
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Channel Number - in the same range as allowed by TURN (0x4000 -> 0x7FFF)
Data Length - how much application data is included in this packet after the
header (0 is a valid length)
Flags - See definition below
Lower 24bits of Sequence Number - lower 24 bits of the 64bit sequence number
Reserved - must be set to "0" on send and ignored upon receipt
Lower 24bits of GSNR - Lower 24bits of the 64bit GSNR (Greatest Sequence
Number Received). If no packets have been received this
should be set to the NEXT-SEQUENCE-NUMBER as received
from the remote party.
Options and padding - If the EQ bit is set to zero in the flags then the
vector/GSNFR is included as part of the header.
Application data - Application data at the length of the data length
Flags are defined as follows
0
Page 30
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
|P|P|X|D|E|E|A|R|
|S|G|P|P|C|Q|R| |
+-+-+-+-+-+-+-+-+
PS = Parity bit of sending packet (this packet)
PG = Parity of the Greatest Sequence Number Received (if no packets have been
received yet then this value is "0")
XP = XOR'd parity of all packets received up-to-and-including the GSNFR (if
no packets have been received then this value is "0")
DP = Duplicate packets have been received since the last ACK packet was sent.
EC = ECN (Explicit Congestions Notification) received on incoming packet
since last packet in sequence sent. If no packets have been received then
this value is set to "0".
EQ = GSNR == GSNFR (Greatest Sequence Number Received equals Greatest
Sequence Number Fully Received). If no packets have been received then
this value is set to "1".
AR = ACK required (must send a STUN "RELIABLE-CHANNEL-ACK"
indication/request or another packet with ACK information (i.e.
header only packet without data is okay).
R = RFFU (Reserved For Future Use). Must be set to "0" on sending and ignored
upon receipt
------------------------------------------------------------------------------This header is present in packet after the header if EQ flag is "0" (and
therefor cannot be present if no packets were received from the remote party
as the EQ value in this case must be "1").
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|P|Vector Length|
Lower 24bits of GSNFR
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/
[0...vector length] vector RLE information
.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.
[padded RLE to next DWORD alignment (if required)] /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
P - XOR'ed parity of all packets marked as received in the vector
(starting at the calculated XORed to-date-up-to-and-including the GSNFR)
Vector Length - Total vector size included after header as expressed in
DWORDs (if the only packet missing is the GSNFR+1 then
vector can be zero)
Lower 24 bits of GSNFR - The lower 24 bits of the 64bit GSNFR (Greatest
Sequence Number Fully Received).
The entire packet including header cannot be over the PMTU or 512 bytes
if not known.
Sender will estimate the receiver's packet window. The sender will only
send packets that are in the sequence number range from the last reported
GSNFR up to the end of the receiver's
estimated packet window, i.e.:
((sequence_number > GSNFR) &&
(sequence_number < (GSNFR + estimated_receivers_window)).
The sender will use a fairness algorithm to estimate the receiver's packet
window and adjust the window up and down according to its own policy on how
much data can be outstanding in the path in at half the RTT. The sender
can verify that the receiver has in fact received packets by way of the XOR'd
bit validation in a way that the receiver can't cheat and lie that it has
received packets when it has not. This prevents the receiver from maliciously
pretending it has received packets where it has not and causing the sender
to over-estimate the capacity of the path or miscalculate RTT by the
receiver acknowledging packets faster than it has actually received them.
The sender will cryptographically randomly choose a parity bit for every
packet is sends over the wire.
The sender will include the parity bit of the packet representing the GSNR
packet. The sender will include the XORed parity-to-date up-to-and-including
Page 31
Page 32
Page 33
Page 34
Page 35
Page 36
"remote" party.
When receiving a request, the remote will apply to the responder
and the local will apply the requester. When receiving a reply
the remote will apply to the requester and the local will apply
to the responder.
RFFU - All bits should be set to "0" and ignored upon receipt.
The second byte is RFFU.
This is a list of unsigned 16bit integers representing the congestions
profile algorithms offered or accepted. The preferred or selected algorithm
must be listed first. The order of the algorithms is assumed to be the
preferred order of the requester or responder. The responder must select an
algorithm within the list offered by the remote party.
Page 37
Message Size [4 bytes in network order] - The length of the raw JSON message about to be
received
JSON data the JSON message data to be receive of exactly the message size specified (no NUL
termination is required or expected).
Encrypted JSON Signalling Protocol Using Messaging and Not Using TLS
Open Peer has one important expectation difference from the typical TLS scenario and thus offers an an
alternative offering to TLS for signalling called "text/x-open-peer-json-mls", where MLS = Message Layer
Security as opposed to TLS which is Transport Layer Security).
TLS is majority used by HTTPS (although not exclusively) under a scenario where an anonymous client
without any public/private key connects to a server that has a public/private key whose identity is
validated from a trusted authority chain, such as VeriSign or Thawte. In such a situation, TLS requires
negotiation to establish a bidirectional channel with known trust chains to verify the servers identity and
prevent man-in-the-middle attacks without ever being able to validate the identity of the client (unless
prearranged private data is exchanged additionally in the application layer).
In the Open Peer case, all peers have a public and private key, without exception, be it peer to peer or
peer to server. In all cases, a peer initiating a connection always knows the public key of the designation
peer in advance (thus avoiding man-in-the-middle attacks) of the connection itself. Trust is established
via the Bootstrapper's introduction to services as well as Identity Providers that provide Asserted
Identities.
Open Peer connections can take advantage of this situation by utilizing the pre-known public key in the
initiating side to simplify the negotiation scenario and offer unidirectional encrypted streams.
Page 38
Encryption key algorithm selection (16 bits network byte order, upper 8 bits reserved and must
be set to "0") When negotiating, each number represents selected keys / algorithm pair for
use by the number chosen but "0" is used to represent a key/algorithm negotiation. Every "0"
key causes a reset of all encryption algorithms in progress to substitute with the values specified
in the "0" package. Each key / algorithm selected is selected from the supported
keys/algorithms offered to the remote party, but can only be select using algorithms the remote
party supports. As such, there is one mandated algorithm to ensure compatibility,
"http://openpeer.org/2012/12/14/jsonmls#aes-cfb-32-16-16-sha1", where the AES (Rijndael128) in CFB mode with a 32 byte key size, 16 byte block size, and a 16 byte feedback size with a
SHA1-HMAC.
32 bit - encrypted data bundle size
Data bundle, consisting of:
o JSON message encrypted using the algorithm/key selected
o hmac of the data encrypted using the algorithm/key selected
The advantage of pre-knowing the public key by the sender allows for unidirectional encryption with
different keys being used in each direction and allows for encryption to begin in both directions in a
single round trip negotiation.
Message level security is not to be used except for this specific scenario and only when the keys are preknown by the initiator of the connection and where both parties have public and private keys. Further,
this is a message centric encryption and not stream level encryption as offered by TLS. Any received
public key and Asserted Identities must be validated at the application layer by exchanging Asserted
Identity information in correlation with Public Peer Files.
The "0" package is sent in plain text in JSON format and the data bundle has a 0 byte size hmac since the
signature as part of the JSON package is used instead.
The "0" package contains the following:
Page 39
For the mandatory "aes-cfb-32-16-16-sha1" algorithm, the following algorithm input information is
used:
When the mandatory key is used, the AES CFB is initialized with these values and will continue to
encrypt payloads using this keying until a new "0" package arrives which would reset the algorithms with
new keying information for subsequent messages in the message stream. The hmac is calculated using
the following algorithm, hmac(<secret-key-string> + ":" + <sequence-number>, <decrypted-message>)),
where the sequence number starts at 1 and increments by 1 each time the same "encryption key
algorithm" is used (and resets back to 1 the next time a new "0" package is received). The sequence
number is appended to prevent the same message repeated from containing the same hmac hash proof
in the result.
Any sensitive data contained in the "0" package must be encrypted using the public key of the receiving
party. The entire package must be signed by the public key of the party sending the "0" package and the
receiver must validate this package's signature before it assumes any of the data sent in the package is
considered valid.
The party receiving the connection request cannot respond until it knows the corresponding public key
of the initiator of the request, which must match and verify the signature used in the initiator's original
"0" package. The "0" package must be the first package sent on the wire in either direction. The party
receiving the connection request must assume all data received via encrypted messages may not be
valid until it can verify the signature in the original "0" package and all subsequent "0" packages. The
public key used in the "0" packages must never change throughout the lifetime of the connection.
All keying information and salts must be generated using cryptographically random algorithms only.
The algorithms used for encrypting must be limited to the algorithms supported by the remote party,
but the mandatory "aes-cfb-32-16-16-sha1" algorithm must always be considered a valid algorithm
available in any minimal implementation.
Example of the "0" package is JSON in place text with the following data in the bundle:
{
"keyingBundle": {
"keying": {
"$id": "f25f588141f7232e40b1529667b8ea626d078d20",
"nonce": "11a9960ebfe2287c1e235aceb912d8d54532be05",
"expires": "348498329",
"algorithms": {
"algorithm": [
"http://openpeer.org/2012/12/14/jsonmls#aes-cfb-32-16-16-sha1",
"http://openpeer.org/2012/12/14/jsonmls#aes-cfb-16-16-16-md5"
]
Page 40
},
"keys": {
"key": [
{
"$id": 1,
"algorithm": "http://openpeer.org/2012/12/14/jsonmls#aes-cfb-32-16-16-sha1",
"inputs": {
"key": "Y21wclpXd...HFjbXgzWlhKbA==",
"iv": "Y21wclpXd...HFjbXgzWlhKbA==",
"hmacSecretKey": "VjFSSmVHUXlUbk5qU...aHVaV3hrYzJGRmRHbFJWREE1"
}
},
{
"$id": 2,
"algorithm": "http://openpeer.org/2012/12/14/jsonmls#aes-cfb-32-16-16-sha1",
"inputs": {
"key": "WTIxd2NscFhkSEZq...YlhneldsaEtiQT09",
"iv": "V1RJeGQyTnNjRmhrTGk...bGhuZWxkc2FFdGlRVDA5",
"hmacSecretKey": "ZmpGU1NtVkhVW...MQ=="
}
},
{
"$id": 3,
"algorithm": "http://openpeer.org/2012/12/14/jsonmls#aes-cfb-16-16-16-md5",
"inputs": {
"key": "Wm1wR1d4Vlltc...mtwWFVrVkZNUT09",
"iv": "V20xd1IxZDRWbGx...dGVnJWa1pOVVQwOQ==",
"hmacSecretKey": "VjIweGQxSXhaRFJX...WUXdPUT09"
}
}
]
}
},
"signature": {
"reference": "#f25f588141f7232e40b1529667b8ea626d078d20",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "OzIyMmI3NG...WJlOTY4NmJiOWQwYzkwZGYwMTI=",
"digestSigned": "G4Fwe...0E/YT=",
"key": { "uri": "peer://example.com/ab43bd44390dabc329192a392bef1" }
}
}
}
Page 41
Page 42
signatures properly. The "$" prefix was chosen specifically because it is a non special variable name in
JavaScript where JSON has been most prominently adopted but yet still denotes a special character for
the sake of JSON/XML conversions.
JSON objects that have member string:value pairs that start with "$" in their string parts are only
allowed to contain string, number, true, false or null values. JSON objects that have a member
string:value pair with the string part equal to "#text" can only have a string as the corresponding value.
This restriction is put into Open Peer to allow for easy JSON/XML conversions.
All base64 encoding/decoding routines must use standard/common encoding scheme, without line
breaks and with padding used for unused bytes.
The client may receive an error complaining that a request has expired if the client's clock was set wrong
(401). Hence in every result, the epoch of the server will be sent for the client to detect potential clock
errors. To reduce issues, the client should use a secure NTP service to set its own clock at some point
before initiating contact to a server or another peer.
The client is responsible for disconnecting at all times from the server. In the case of peer to peer, the
initiating peer is considered the client role and the receiving peer plays the server role.
There are exceptions to this rule. The server will close a connection without warning based on two
inactivity time-outs. The larger timeout is based upon an expiry window when the entity is known or
"registered" to the server. The smaller timeout window of inactivity (chosen and unspecified at the
discretion of the server) is based on not having received any request or notification on a channel within
that defined timeframe. If either of those two timeouts occurs, the server may disconnect which is
typically the responsibility of the client. The server may disconnect any client it sees as likely malicious
behaviour.
If a client disconnects without sending the unregister request, the server should assume the client
disconnected prematurely and will discard any associated sessions.
Other disconnection rules are specified whenever they are exceptions to the rule or the exceptions.
Page 43
The reasons codes closely match the HTTP error code specification for familiarity. Error results may
contain additional information depending on the error and requirements of the error result.
301 Moved Permanently
The requested Peer Contact has changed and is now registering itself under a new Peer Contact. The
client's response should be to resolve again the Identity that pointed to the original Peer Contact in an
attempt to locate the new Peer Contact.
400 Bad Request
The method in the request is not valid.
401 Unauthorized
One of the security checks has failed to pass in the request. The server may issue information on what
exactly failed to authorize to assist debugging the issue.
403 Forbidden
The data specified is invalid and fixing any security check issues will not fix the situation. The server may
issue information on what exactly was the issue with the data to assist debugging the issue.
404 Not Found
This error is returned if the requested Peer Contact, session or other resource is not found. This error is
also returned from any request where the session or Peer Contact was valid but is no longer valid, e.g.
situations where requests have been made to sessions which have already been unregistered yet
unknown to the connected client due to the nature of asynchronous eventing.
A 404 error does not mean the resource never existed or will not exist in the future. The contact may
not be registered at this time and that would cause a 404 error even though in the past it may have
been registered.
409 - Conflict
A conflict has occurred, such as an edit conflict with version numbers.
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 44
Page 45
Page 46
o URI
o Other request specific information
Public key information (optional) used when protocol used is not based on a root certificate
authority
Security Considerations
The client must ensure the server has an HTTPS certificate that was issued by a root certificate authority
and that the certificate offered by the server is still within the X.509 validity date. The certificate
authority for some Bootstrapped Networks may be pre-built into a client application and verified as
accurate and can respond to mismatch as deemed appropriate by the client. The client may issue more
than one certificate per service should an overlap window of X.509 certificate validity be required.
The server does not need to know or verify a client's intentions.
A 302-redirect error response can be returned by this response to allow the request to be redirected to
another server. This allows this service to be easily hosted as needed.
The request nor the response should have an ID associated with the request/response and should not
include an epoch. This is the only request in the system that has this exception. This allows for a hardcoded file to be uploaded on a server as the response to any request on the system to allow for easy
service delegation without installing any server side scripting.
Example
{
"request": {
"$domain": "example.com",
"$handler": "bootstrapper",
"$method": "services-get"
}
}
{
"result": {
"$domain": "example.com",
"$handler": "bootstrapper",
"$method": "services-get",
"$timestamp": 439439493,
"services": {
"service": [
{
"$id": "9bdd14ddad8465b6ee3fdd174b5d5bd2",
"type": "bootstrapper",
"version": "1.0",
"methods": {
"method": {
"name": "services-get",
"uri": "https://bootstrapper.example.com/services-get"
}
}
},
{
"$id": "596c4577a4efb2a13ded43a3851b7e51577ad186",
"type": "bootstrapped-finders",
"version": "1.0",
"methods": {
"method": {
Page 47
"name": "finders-get",
"uri": "https://finders.example.com/finders-get"
}
}
},
{
"$id": "596c4577a4efb2a13ded43a3851b7e51577ad186",
"type": "certificates",
"version": "1.0",
"methods": {
"method": {
"name": "certificates-get",
"uri": "https://certificates.example.com/certificates-get"
}
}
},
{
"$id": "0c16f792d6e0727e0acdd9174ae737d0abedef12",
"type": "identity-lockbox",
"version": "1.0",
"methods": {
"method": [
{
"name": "public-peer-files-get",
"uri": "https://peer-contact.example.com/public-peer-files-get"
},
{
"name": "peer-contact-login",
"uri": "https://peer-contact.example.com/peer-contact-login"
},
{
"name": "private-peer-file-get",
"uri": "https://peer-contact.example.com/private-peer-file-get"
},
{
"name": "private-peer-file-set",
"uri": "https://peer-contact.example.com/private-peer-file-set"
},
{
"name": "peer-contact-identity-associate",
"uri": "https://peer-contact.example.com/peer-contact-identity-associate"
},
{
"name": "peer-contact-identity-association-update",
"uri": "https://peer-contact.ex.com/peer-contact-identity-association-update"
},
{
"name": "peer-contact-services-get",
"uri": "https://peer-contact.example.com/peer-contact-services-get"
}
]
}
},
{
"$id": "d0b528b3f8e66455d154b1deac1e357e",
"type": "identity-lockbox",
"version": "1.0",
"methods": {
"method": [
{
"name": "lockbox-access",
"uri": "https://lockbox.example.com/lockbox-access"
},
{
"name": "lockbox-identities-update",
"uri": "https://lockbox.example.com/lockbox-identities-update"
},
{
"name": "lockbox-permissions-grant-inner-frame",
"uri": "https://lockbox.example.com/lockbox-permissions-grant-inner-frame"
},
Page 48
{
"name": "lockbox-content-get",
"uri": "https://lockbox.example.com/lockbox-content-get"
},
{
"name": "lockbox-content-set",
"uri": "https://lockbox.example.com/lockbox-content-set"
},
{
"name": "lockbox-admin-inner-frame",
"uri": "https://lockbox.example.com/lockbox-admin-inner-frame"
}
]
}
},
{
"$id": "d0b528b3f8e66455d154b1deac1e357e",
"type": "identity-lookup",
"version": "1.0",
"methods": {
"method": [
{
"name": "identity-lookup-check",
"uri": "https://identity-lookup.example.com/identity-check"
},
{
"name": "identity-lookup",
"uri": "https://identity-lookup.example.com/identity-lookup"
}
]
}
},
{
"$id": "f98b4d1ff0f1acf3054fefc560866e61",
"type": "identity",
"version": "1.0",
"methods": {
"method": [
{
"name": "identity-access-inner-frame",
"uri": "https://identity.example.com/identity-access-inner-frame"
},
{
"name": "identity-access-validate",
"uri": "https://identity.example.com/identity-access-validate"
},
{
"name": "identity-lookup-update",
"uri": "https://identity.example.com/identity-lookup-update"
},
{
"name": "identity-sign",
"uri": "https://identity.example.com/identity-sign"
}
]
}
},
{
"$id": "2b24016d58b04f0a3b157a82ddd5f18b44d8912a",
"type": "peer",
"version": "1.0",
"methods": {
"method": {
"name": "peer-services-get",
"uri": "https://peer.example.com/peer-services-get"
}
}
},
{
"$id": "db144bb314f8e018f103033cbba7d52e",
"type": "salt",
"version": "1.0",
Page 49
"methods": {
"method": {
"name": "signed-salt-get",
"uri": "https://salt.example.com/signed-salt-get"
}
}
},
{
"$id": "db144bb314f8e018f103033cbba7d52e",
"type": "example",
"version": "1.0",
"key": {
"$id": "8cd14dda3...d5bd2",
"domain": "example.com",
"service": "something"
},
"methods": {
"method": {
"name": "example-method",
"uri": "peer://example.com/5ff106c7db894b96a1432c35c246f36d8414bbd3"
}
}
}
]
}
}
}
Example (redirect)
{
"request": {
"$domain": "example.com",
"$handler": "bootstrapper",
"$method": "services-get"
}
}
{
"result": {
"$domain": "example.com",
"$handler": "bootstrapper",
"$method": "services-get",
"error": {
"$id": 302,
"#text": "Found",
"location": "http://someserver.com/services-get"
}
}
}
Page 50
Security Considerations
The client must ensure the server has an HTTPS certificate that was issued by a root certificate authority
and that the certificate offered by the server is still within the X.509 validity date. The client should
check the validity of each finder by verifying each finder was signed by a "Finder" service for the same
domain as the requested Bootstrapper. The server does not need to verify a client's intentions.
Page 51
The finder information can be cached and the client can reconnect to the same finder at will in the
future. The finder server is considered transient though and may at any time disappear from offering
service.
Each Finder should have its own X.509 certificate that it generates upon start-up and reports through
whatever secure mechanism to the Bootstrapper Finder Service. This causes each finder to use it's own
keying information which is not shared across finders. However, this is not a hard requirement and the
Finders may use a common key across all Finders.
Example
{
"request": {
"$domain": "example.com",
"$handler": "bootstrapper-finder",
"$method": "finders-get",
"$id": "abd23",
"servers": 2
}
}
{
"result": {
"$domain": "example.com",
"$handler": "bootstrapper-finder",
"$method": "finders-get",
"$id": "abc123",
"$timestamp": 439439493,
"finders": {
"finderBundle": [
{
"finder": {
"$id": "4bf7fff50ef9bb07428af6294ae41434da175538",
"transport": "rudp/udp",
"srv": "finders.example.com",
"key": { "x509Data": "MIIDCCA0+gA...lVN" },
"priority": 1,
"weight": 1,
"region": "1",
"created": 588584945,
"expires": 675754754
},
"signature": {
"reference": "#4bf7fff50ef9bb07428af6294ae41434da175538",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "jeirjLr...ta6skoV5/A8Q38Gj4j323=",
"digestSigned": "DE...fGM~C0/Ez=",
"key": {
"$id": "9bdd14dda3f...dd174b5d5bd2",
"domain": "example.org",
"service": "finder"
}
}
},
{
"finder": {
"$id": "a7f0c5df6d118ee2a16309bc8110bce009f7e318",
"transport": "rudp/udp",
"srv": "100.200.100.1:4032,5.6.7.8:4032",
"key": { "x509Data": "MIID5A0+gA...lVN" },
"priority": 10,
"weight": 0,
"region": 1
Page 52
},
"signature": {
"reference": "#a7f0c5df6d118ee2a16309bc8110bce009f7e318",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "YTdmMGM1ZGY2Z...DExOGVlMmExNjMwJjZTAwOWY3ZTMxOA==",
"digestSigned": "OjY2OjZl...OjZhOjcyOjY2OjcyOjcyIChsZW5ndGg9OSk=",
"key": {
"$id": "9bdd14dda3f...dd174b5d5bd2",
"domain": "example.org",
"service": "finder"
}
}
}
]
}
}
}
Page 53
Certificate ID
Service name
Expiry
X.509 public key certificate
Security Considerations
The client must ensure the server has an HTTPS certificate that was issued by a root certificate authority
and that the certificate offered by the server is still within the X.509 validity date. The server does not
need to verify a client's intentions. The client should verify that each key was signed correctly from the
Bootstrapper service key. This allows the clients to cache the certificate bundles while avoiding potential
tampering.
Example
{
"request": {
"$domain": "example.com",
"$id": "abd23",
"$handler": "certificates",
"$method": "certificates-get"
}
}
{
"result": {
"$domain": "example.com",
"$id": "abc123",
"$handler": "certificates",
"$method": "certificates-get",
"$timestamp": 439439493,
"certificates": {
"certificateBundle": [
{
"certificate": {
"$id": "4bf7fff50ef9bb07428af6294ae41434da175538",
"service": "finder",
"expires": 48348383,
"key": { "x509Data": "MIIDCCA0+gA...lVN" }
},
Page 54
"signature": {
"reference": "#4bf7fff50ef9bb07428af6294ae41434da175538",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "jeirjLrta6skoV5/A8Q38Gj4j323=",
"digestSigned": "DEf...GM~C0/Ez=",
"key": {
"$id": "9bdd14...dda3fddd5bd2",
"domain": "example.com",
"service": "boostrapper"
}
}
},
{
"certificate": {
"$id": "9bdd14...dda3fddd5bd2",
"service": "bootstrapper",
"expires": 48348383,
"key": { "x509Data": "OWJkZD...GQ1YmQy=" }
},
"signature": {
"reference": "#9bdd14...dda3fddd5bd2",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "amVpcmpMcn...RhNnNrb1Y1L0E4UTM4R2o0ajMyMz0=",
"digestSigned": "YW1WcGNtcE1jb...lJoTm5OcmIxWTFMMEU0VVRNNFIybzBhak15TXowPQ==",
"key": {
"$id": "9bdd14...dda3fddd5bd2",
"domain": "example.com",
"service": "boostrapper"
}
}
},
{ ... }
]
}
}
}
Page 55
Page 56
Lockbox key "server half" this is server side base-64 encoded XORed portion of the
lockbox key that must be combined with the client side portion of the key to create the
full lockbox key.
Grant
o ID ID as passed into the request
o List of permission URLs previously granted to the grant ID
Security Considerations
Access to the lockbox does not grant access to the contents of the lockbox. The lockbox key must be
obtained through an alternative method.
The server will validate the identity login via the identity service.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abd23",
"$handler": "lockbox",
"$method": "lockbox-access",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
"uri": "identity://domain.com/alice",
"provider": "domain.com"
},
"grant": {
"$id": "de0c8c10d692bc91c1a551f57a50d2f97ef67543"
},
"agent": {
"product": "hookflash/1.0.1001a (iOS/iPad)",
"name": "hookflash",
"image": "https://hookflash.com/brandsquare.png",
},
"lockbox": {
"domain": "example.com",
"key": "Wm1SellXWmtabVJoWm1wcmFuSmlhMnB5WW1WbWEycHlaV3ByY21ZPQ==",
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "lockbox",
"$method": "lockbox-access",
"$timestamp": 439439493,
"lockbox": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecret": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretExpires": 8483943493,
"domain": "example.com",
Page 57
"key": "Wm1SellXWmtabVJoWm1wcmFuSmlhMnB5WW1WbWEycHlaV3ByY21ZPQ=="
},
"grant": {
"$id": "de0c8c10d692bc91c1a551f57a50d2f97ef67543",
"permissions": {
"permission": [
"https://domain.com/pemissionname",
"https://other.com/pemissionname"
]
}
}
}
}
Page 58
o
o
Security Considerations
If all the identities associated to the lockbox are removed then the lockbox account is considered
deleted.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abd23",
"$handler": "lockbox",
"$method": "lockbox-identities-update",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"lockbox": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
}
"identities": {
"identity": [
{
"$disposition": "update",
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
"uri": "identity://domain.com/alice",
"provider": "domain.com"
},
{
"$disposition": "remove",
"uri": "identity:phone:16135551212",
"provider": "example.com"
}
]
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "lockbox",
"$method": "lockbox-identities-update",
"$timestamp": 439439493
"identities": {
"identity": [
{
"uri": "identity://domain.com/alice",
"provider": "domain.com"
},
{
"uri": "identity:phone:16045551212",
"provider": "example.com"
}
]
Page 59
}
}
}
Page 60
}
}
Page 61
}
"grant": {
"$id": "de0c8c10d692bc91c1a551f57a50d2f97ef67543",
"permissions": {
"permission": [
"https://domain.com/pemissionname",
"https://other.com/pemissionname"
]
}
}
}
}
Page 62
Page 63
},
{
"$id": "https://other.com/pemissionname"
}
]
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "lockbox",
"$method": "lockbox-content-get",
"$timestamp": 439439493,
"content": {
"data": [
{
"$id": "https://domain.com/pemissionname",
"value1": "ZmRzbmZranNkbmF...a2pkc2tqZnNkbmtkc2puZmRhZnNzDQo=",
"value2": "Zmpza2xham...Zsa2RzamxmYXNmYXNzZmRzYWZk"
},
{
"$id": "https://other.com/pemissionname",
"what1": "ZmRzbmllZmJocmViaX...JmcXJicg0Kc2RmYQ0KZHNmYQ0Kcw0KZg==",
"what2": "Wm1SemJtbG...ljZzBLYzJSbVlRMEtaSE5tWVEwS2N3MEtaZz09"
}
]
}
}
}
Page 64
Page 65
Page 66
Page 67
Page 68
Returns:
List of resulting identities that resolve in the order requested as follows:
Security Considerations
Example
{
"request": {
"$domain": "test.com",
"$id": "abd23",
"$handler": "identity-lookup",
"$method": "identity-lookup-check",
"providers": {
"provider": [
{
"base": "identity://domain.com/",
"separator": ",",
"identities": "alice,bob,fred"
},
{
"base": "identity:phone:",
"separator": ";",
"identities": "16045551212;3814445551212"
},
{...}
]
Page 69
}
}
}
{
"result": {
"$domain": "test.com",
"$id": "abc123",
"$handler": "identity-lookup",
"$method": "identity-lookup-check",
"$timestamp": 439439493,
"identities": {
"identity": [
{
"uri": "identity://domain.com/alice",
"updated": 5949594
},
{...},
{
"uri": "identity:phone:16045551212",
"provider": "example.com",
"updated": 5849594
},
{...},
{
"uri": "identity:email:alice@domain.com",
"provider": "provider.com",
"updated": 574443
}
]
}
}
}
Returns:
List of resulting identities that resolve in the order requested as follows:
Page 70
Security Considerations
Example
{
"request": {
"$domain": "test.com",
"$id": "abd23",
"$handler": "identity-lookup",
"$method": "identity-lookup",
"providers": {
"provider": [
{
"base": "identity://domain.com/",
"separator": ",",
"identities": "alice,bob,fred"
},
{
"base": "identity:phone:",
"separator": ";",
"identities": "16045551212;3814445551212"
},
{...}
]
}
}
}
{
"result": {
"$domain": "test.com",
"$id": "abc123",
"$handler": "identity-lookup",
"$method": "identity-lookup",
"$timestamp": 439439493,
Page 71
"identities": {
"identity": [
{
"uri": "identity://domain.com/alice",
"provider": "domain.com",
"contactUserID": "123456",
"peer": {...},
"priority": 5,
"weight": 1,
"updated": 5949594,
"expires": 58843493,
"name": "Alice Applegate",
"profile": "http://domain.com/user/alice/profile",
"vprofile": "http://domain.com/user/alice/vcard",
"feed": "http://domain.com/user/alice/feed",
"avatars": {
"avatar": { "url": "http://domain.com/user/alice/p" }
}
},
{...},
{
"uri": "identity:phone:16045551212",
"provider": "example.com",
"contactUserID": "123456",
"peer": {...},
"priority": 1,
"weight": 1,
"updated": 5849594,
"expires": 58843493
},
{...},
{
"uri": "identity:email:alice@domain.com",
"provider": "provider.com",
"contactUserID": "78312",
"peer": {...},
"priority": 1,
"weight": 1,
"updated": 574443,
"expires": 58843493,
"profile": "http://www.gravatar.com/205e460b479e2e5b48aec07710c08d50",
"avatars": {
"avatar": [
{
"name": "1",
"url": "http://www.gravatar.com/avatar/205e460b479e2e5b48aec07710c08d50?size=1",
"width": 100,
"height": 100
},
{
"name": "1",
"url": "http://www.gravatar.com/avatar/205e460b479e2e5b48aec07710c08d50?size=2",
"width": 200,
"height": 200
}
]
}
}
]
}
}
}
Page 72
Page 73
"notify": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-access-window",
"browser": {
"ready": true,
"visibility": true,
}
}
}
Page 74
"identity": {
"base": "identity://provider.com/"
},
"browser": { "visibility": "visible-on-demand" }
}
}
Page 75
By using information not stored on a server, this ensures that should the server be hacked that the
servers do not contain the correct information to decrypt the lockbox key. The downside is that should
the password change the encryption key will need to be decrypted with the existing user password then
re-encrypted using the new password. Further, if the old password is lost then the lockbox key is also
lost.
Example
{
"notify": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-access-complete",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecret": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretExpires": 8483943493,
"uri": "identity://domain.com/alice",
"provider": "domain.com"
},
"lockbox": {
"domain": "domain.com",
"key": "V20x...IbGFWM0J5WTIxWlBRPT0="
}
}
}
Page 76
Lockbox key "client half" this is client side base-64 encoded XORed portion of the
lockbox key that must be combined with the server side portion of the key to create the
full lockbox key.
Returns:
Success or failure.
Security Considerations
The lockbox key should be encrypted locally in JavaScript before being sent a server. This ensures the
server does not contain the correct information to be able to decrypt the lockbox key. See "Identity
Access Complete"
Example
{
"request": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-access-lockbox-update",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934
},
"lockbox": {
"domain": "domain.com",
"key": "V20x...IbGFWM0J5WTIxWlBRPT0="
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$method": "identity-access-lockbox-update",
"$timestamp": 439439493
}
}
Page 77
o
o
o
o
o
Identity access token as returned from the "identity access complete" request
Proof of 'identity access secret' proof required to validate that the 'identity access
secret' is known, proof = hmac(<identity-access-secret>, "identity-access-validate:" +
<identity> + ":" + <client-nonce> + ":" + <expires> + ":" + <identity-access-token> + ":" +
<purpose>)
Expiry of the proof for the 'identity access secret' a window in which access secret
proof is considered valid
Original identity URI
Identity provider (optional, required if identity does not include domain or if domain
providing identity service is different)
Returns:
Success or failure.
Security Considerations
Example
{
"request": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-access-validate",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"purpose": "whatever",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
"uri": "identity://domain.com/alice"
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$method": "identity-access-validate",
"$timestamp": 439439493
}
}
Page 78
Proof of 'identity access secret' proof required to validate that the 'identity access secret' is
known, proof = hmac(<identity-access-secret>, "identity-access-validate:" + <identity> + ":" +
<client-nonce> + ":" + <expires> + ":" + <identity-access-token> + ":identity-lookup-update")
Expiry of the proof for the 'identity access secret' a window in which access secret proof is
considered valid
Peer Contact User ID the stable ID assigned by the contact service that is associated to the
domain of the peer contact URI
Public peer file the public peer file associated with the contact ID
Priority / weight SRV like priority and weighting system to gauge which identity discovered to
be associated to the same peer contact have highest priority
Returns:
Success or failure.
Security Considerations
Example
{
"request": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-lookup-update",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
"contactUserID": "123456",
"peer": {...},
"priority": 5,
"weight": 1
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$method": "identity-lookup-update",
"$timestamp": 439439493
}
}
Page 79
Returns:
Signed identity bundle by the identity service.
Security Considerations
Example
{
"request": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-sign",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
"uri": "identity://domain.com/alice"
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "identity",
"$method": "identity-sign",
"$timestamp": 439439493,
"identityBundle": {
"identity": {
"$id": "b5dfaf2d00ca5ef3ed1a2aa7ec23c2db",
"contact": "peer://example.com/ab43bd44390dabc329192a392bef1",
"uri": "identity://domain.com/alice",
"created": 54593943,
"expires": 65439343
},
"signature": {
"reference": "#b5dfaf2d00ca5ef3ed1a2aa7ec23c2db",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "IUe324k...oV5/A8Q38Gj45i4jddX=",
"digestSigned": "MDAwMDAw...MGJ5dGVzLiBQbGVhc2UsIGQ=",
"key": {
"$id": "b7ef37...4a0d58628d3",
"domain": "provider.com",
"service": "identity"
}
}
}
}
}
Page 80
Page 81
Peer Service
Peer Services Get Request
Purpose
This request retrieves gets a list of peer contact services available to the peer contact.
Inputs:
Client nonce - a onetime use nonce, i.e. cryptographically random string
Identity information
o Identity access token as returned from the "identity access complete" request
o Proof of 'identity access secret' proof required to validate that the 'identity access
secret' is known, proof = hmac(<identity-access-secret>, "identity-access-validate:" +
<identity> + ":" + <client-nonce> + ":" + <expires> + ":" + <identity-access-token> +
":peer-services-access")
o Expiry of the proof for the 'identity access secret' a window in which access secret
proof is considered valid
o Original identity URI
o Identity provider (optional, required if identity does not include domain or if domain
providing identity service is different)
Returns:
List of services available to peer contact services, containing:
Service type
Version
Expires when the service must be refreshed because it's no longer considered valid
List of requests methods, which includes
o Method name
o URI
o Other request specific information
Security Considerations
Example
{
"request": {
"$domain": "domain.com",
"$id": "abd23",
"$handler": "peer",
"$method": "peer-services-get",
"clientNonce": "ed585021eec72de8634ed1a5e24c66c2",
"identity": {
"accessToken": "a913c2c3314ce71aee554986204a349b",
"accessSecretProof": "b7277a5e49b3f5ffa9a8cb1feb86125f75511988",
"accessSecretProofExpires": 43843298934,
Page 82
"uri": "identity://domain.com/alice",
"provider": "domain.com"
}
}
}
{
"result": {
"$domain": "provider.com",
"$id": "abd23",
"$handler": "peer",
"$method": "peer-services-get",
"$timestamp": 439439493,
"services": {
"service": [
{
"$id": "4e6a9ca60d92dfa5e872537f408066d02bdb55f2",
"type": "turn",
"version": "RFC5766",
"expires": 493943,
"methods": {
"method": {
"name": "turn",
"uri": "service.com"
"username": "id39392",
"password": "bdaaba26fa8ccac7807a786156b1f0fc87b2e28a"
}
}
},
{
"$id": "5e6a9ca60d92dfa5e872537f408066d02bdb55f8",
"type": "stun",
"version": "RFC5389",
"expires": 493943,
"methods": {
"method": {
"name": "stun",
"uri": "service.com"
"username": "id39392",
"password": "bdaaba26fa8ccac7807a786156b1f0fc87b2e28a"
}
}
}
]
}
}
}
Page 83
Page 84
"$id": "db144bb314103033cbba7d52e",
"domain": "example.com",
"service": "salt"
}
}
},
{
"salt": {
"$id": "35959a33d4eafac97b9d068cba32a8c6c6fd463a",
"#text": "prfd+dsE243lfkXEnek..8rz=="
},
"signature": {
"reference": "#35959a33d4eafac97b9d068cba32a8c6c6fd463a",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "4Jee4kfd/oV5Af8Q3g48Gjg4n5iw4jzd8k=",
"digestSigned": "Ttzf...eky5D/GM~C0=",
"key": {
"$id": "db144bb314103033cbba7d52e",
"domain": "example.com",
"service": "salt"
}
}
}
]
}
}
}
Page 85
Page 86
Outputs
The document meta information as passed into the publish without the data itself, including an updated
lineage should the server replace the lineage for version 1 documents.
Security Considerations
The lineage value can only be changed and must be changed after a previous document of the same
name has been deleted. The server must verify the lineage is identical to the current lineage for versions
other than version 1 chunk 1. For version 1 chunk 1 documents, the server can replace the proposed
lineage with its own value that must be used in subsequent updates of the document. The lineage value
must increase in value from the previous value when the lineage changes.
Clients and servers should consider the document "newer" if it has a greater lineage value regardless if
the version number is smaller.
The server must delete the document at the end of the lifetime.
When the client is delivering multiple chunks, the chunks must arrive in sequence. Any other document
requests mid update will fail with error code 409 until the entire document has been delivered.
If using the json or json-diff scheme, the document chunks are post-pended together into a single
document until all chunks are delivered and then processed as a whole. If using binary-base64 then the
documents are merged together with white space removed and then decoded to binary when all chunks
have arrived.
The "all" or "some" permissions for relationships that allow a contact to receive the published
documents takes precedence over the "none" or implied "deny" if they the listed contact is not
contained within the "some" list.
Example
{
"request": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-publish",
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1...c0cc9b7ff528e83470e/883fa7...9533609131",
"version": 12,
"baseVersion": 10,
"lineage": 5849943,
"chunk": "1/12",
"scope": "location",
"contact": "peer://example.com/97a9f246018a491d14cee267dceedf8a4ce0367c",
"location": "5cd9f6d9bff930edcc590a62625ba7695b4f805e",
"lifetime": "session",
"expires": 447837433,
"mime": "text/json",
"encoding": "json"
},
"publishToRelationships": {
"relationships": [
{
"$name": "/hookflash.com/authorization-list/1.0/whitelist",
"$allow": "all"
},
Page 87
{
"$name": "/hookflash.com/authorization-list/1.0/adhoc",
"$allow": "all"
},
{
"$name": "/hookflash.com/shared-groups/1.0/foobar",
"$allow": "all"
}
]
},
"data": {...}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-publish",
"$timestamp": 13494934,
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1d...cc9b7ff528e83470e/883fa7...9533609131",
"version": 12,
"lineage": 5849943,
"chunk": "1/12",
"scope": "location",
"lifetime": "session",
"expires": 4839543,
"mime": "text/json",
"encoding": "json"
},
"publishToRelationships": {
"relationships": [
{
"$name": "/hookflash.com/authorization-list/1.0/whitelist",
"$allow": "all"
},
{
"$name": "/hookflash.com/authorization-list/1.0/adhoc",
"$allow": "all"
},
{
"$name": "/hookflash.com/shared-groups/1.0/foobar",
"$allow": "all"
}
]
}
}
}
}
Page 88
Outputs
Previously published document split into chunks when appropriate.
Security Considerations
The server must ensure the document is published to the contact that is requesting the document
otherwise the server must return a 403 Forbidden.
The server can return any version and lineage greater than the cached version. If the latest version is
equal to the cached version, the document result will contain the document meta information without
the data.
The server will return any version number it choses equal or greater to the request version number but
must adhere to the "json-diff" mechanism and give only the differences between the versions or "json"
to give the latest version only without performing the differences.
The server will ignore the chunking denominator for chunk requested for the "1/1" chunk and require
the denominator to be a value it expects instead for all other chunks requested.
If using the "json" or "json-diff" scheme, the document chunks are post-pended together into a single
document until all chunks are delivered and then processed as a whole. If using binary-base64 then the
documents are merged together with white space removed and then decoded to binary when all chunks
have arrived.
The "publish to relationships" section is only returned if the contact requesting the document is the
publisher of the document.
Example
{
"request": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-get",
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1dbaa...9b7ff528e83470e/883fa7...9533609131",
"version": 12,
"lineage": 39239392,
Page 89
"scope": "location",
"contact": "peer://example.ecom/ea00ede4405c99be9ae45739ebfe57d5",
"location": "524e609f337663bdbf54f7ef47d23ca9",
"chunk": "1/1"
}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-get",
"$timestamp": 13494934,
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1...c0cc9b7ff528e83470e/883fa7...9533609131",
"version": 12,
"lineage": 39239392,
"chunk": "1/10",
"scope": "location",
"contact": "peer://example.com/ea00ede4405c99be9ae45739ebfe57d5",
"location": "524e609f337663bdbf54f7ef47d23ca9",
"lifetime": "session",
"expires": 45747885743,
"mime": "text/json",
"encoding": "json"
},
"publishToRelationships": {
"relationships": [
{
"$name": "/hookflash.com/authorization-list/1.0/whitelist",
"$allow": "all"
},
{
"$name": "/hookflash.com/authorization-list/1.0/adhoc",
"$allow": "all"
},
{
"$name": "/hookflash.com/shared-groups/1.0/foobar",
"$allow": "all"
}
]
},
"data": "..."
}
}
}
Page 90
Scope of where the document resides associated to "location", or "contact"; the "location"
scope is a private namespace only readable from the current session location; the "contact"
scope is a namespace shared by all locations for the same contact; the "global" namespace is
shared by all contacts on the system globally
Outputs
Success or failure.
Security Considerations
The contact owner of the document is the only entity allowed to delete the document.
If the document version or lineage is specified then the document version and lineage must match the
last published version or the request is rejected with a 409 Conflict error.
Example
{
"request": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-delete",
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1db...b7ff528e83470e/883fa7...9533609131",
"version": 12,
"lineage": 39239392,
"scope": "location"
}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-delete",
"$timestamp": 13494934
}
}
Page 91
Outputs
Returns the resulting merged active subscription.
Security Considerations
The server only allows subscriptions where permissions allow.
Example
{
"request": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-subscribe",
"document": {
"name": "/hookflash.com/presence/1.0/",
"subscribeToRelationships": {
"relationships": [
{
"$name": "/hookflash.com/authorization-list/1.0/whitelist",
"$subscribe": "all"
},
{
"$name": "/hookflash.com/authorization-list/1.0/adhoc",
"$subscribe": "add",
"contact": "peer://example.com/bd520f1dbaa13c0cc9b7ff528e83470e"
},
{
"$name": "/hookflash.com/shared-groups/1.0/foobar",
"$subscribe": "all"
}
]
}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "peer-subscribe",
"$timestamp": 13494934,
"document": {
"name": "/hookflash.com/presence/1.0/",
"subscribeToRelationships": {
"relationships": [
{
"$name": "/hookflash.com/authorization-list/1.0/whitelist",
"$subscribe": "all"
},
{
"$name": "/hookflash.com/authorization-list/1.0/adhoc",
"$subscribe": "some",
"contact": [
"peer://example.com/bd520f1dbaa13c0cc9b7ff528e83470e",
"peer://example.com/8d17a88e8d42ffbd138f3895ec45375c"
]
},
Page 92
{
"$name": "/hookflash.com/shared-groups/1.0/foobar",
"$subscribe": "all"
}
]
}
}
}
}
Page 93
"documents": {
"document": {
"details": {
"name": "/hookflash.com/presence/1.0/bd520f1d...9b7ff528e83470e/883fa7...9533609131",
"version": 12,
"lineage": 43493943,
"scope": "location",
"contact": "peer://example.com/ea00ede4405c99be9ae45739ebfe57d5",
"location": "524e609f337663bdbf54f7ef47d23ca9",
"lifetime": "session",
"expires": 44241421,
"mime": "text/json",
"encoding": "json"
}
},
"data": {...}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "peer-common",
"$method": "document-publish-notify",
"$timestamp": 13494934
}
}
Page 94
Page 95
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-create",
"sessionProofBundle": {
"sessionProof": {
"$id": "6fc5c4ea068698ab31b6b6f75666808f",
"finder": { "$id": "a7f0c5df6d118ee2a16309bc8110bce009f7e318" },
"clientNonce": "09b11ed79d531a2ccd2756a2104abbbf77da10d6",
"expires": 4848343494,
"location": {
"$id": "5a693555913da634c0b03139ec198bb8bad485ee",
"contact": "peer://domain.com/920bd1d88e4cc3ba0f95e24ea9168e272ff03b3b",
"details": {
"device": { "$id": "e31fcab6582823b862b646980e2b5f4efad75c69" },
"ip": "28.123.121.12",
"userAgent": "hookflash/1.0.1001a (iOS/iPad)",
"os": "iOS v4.3.5",
"system": "iPad v2",
"host": "foobar"
}
},
"peer": {
"$version": "1",
"sectionBundle": {
"section": {
"$id": "A",
...
}
}
}
},
"signature": {
"reference": "#6fc5c4ea068698ab31b6b6f75666808f",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "IUe324k...oV5/A8Q38Gj45i4jddX=",
"digestSigned": "MDAwMDAw...MGJ5dGVzLiBQbGVhc2UsIGQ=",
"key": { "uri": "peer://example.com/920bd1d88e4cc3ba0f95e24ea9168e272ff03b3b" }
}
}
}
}
{
"result": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-create",
"$timestamp": 13494934,
"server": "hooflash/1.0 (centos)"
"expires": 483949923
}
}
Page 96
Inputs
Locations (optional), if specified without any sub location ID elements, then all locations
including this will be unregistered (i.e. a complete system wide unregister), if the location
element is missing then the current location associated with the session is unregistered
o Location ID (optional), for each location to unregister
Outputs
The list of locations which were in fact unregistered, each listed by location ID
Security Considerations
The client must have an established session to issue this request.
If the client is done with the current session it may immediately disconnect after receiving the response.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-delete",
"locations": {
"location": [
{ "$id": "99609d8b1eb4c413813cbeb7c15137837d4037e9" },
{ "$id": "c8062df29e62d42a3dad60e57d9e84ba38e5ba47" }
]
}
}
}
{
"result": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-delete",
"$timestamp": 13494934,
"locations": {
"location": [
{ "$id": "99609d8b1eb4c413813cbeb7c15137837d4037e9" },
{ "$id": "c8062df29e62d42a3dad60e57d9e84ba38e5ba47" }
]
}
}
}
Page 97
Outputs
Expiry epoch (when next a keep alive must be sent by)
Security Considerations
The client must have an established session to issue this request.
Since the client and server are the only entities that know the session ID, the session can only be kept
alive between machines without additional security. The Session Keep-Alive Request must arrive on the
same Internet connection as the initial Session Create Request.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-keep-alive"
}
}
{
"result": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "session-keep-alive",
"$timestamp": 13494934,
"expires": 483949923
}
}
Page 98
Security Considerations
The server must verify the server find secret proof is correct according to the information provided in
the public peer file of the registered peer being contacted. At this point the one time key should be
verified that it has only been seen this one time.
The "peer secret encrypted" is encrypted using the public key of the peer being contacted. Any
information encrypted using this key can only be considered valid to/from the requesting peer only if
the signature on the proof bundle has been validated by the peer being contacted. Otherwise, it's
possible a compromised server could have compromised the "peer secret encrypted" by substituting
another encrypted key in its place.
Since the peer being contact doesn't necessarily know the public key of the requesting peer in advanced,
the information that is encrypted must be limited to the candidate passwords returned, which at worse
can cause the peer being contacted to connect with a malicious peer. However, once the "Peer Identify
Request" completes, the contacted peer can validate the requesting peer's find proof bundle at that
time.
The peer being contacted will use the "peer secret encrypted" to decrypt the requesting peer's
candidate's "password encrypted" and encrypt candidate's passwords in return but cannot assume any
channel formed is in fact going to the correct peer until verified.
2011-2013 Hookflash Inc. All rights reserved | Confidential. V0.9.999.008
Page 99
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"findProofBundle" : {
"findProof": {
"$id": "d53255d06a17778b88501f570301e7621c5a7bc4",
"clientNonce": "7a95ff1f51923ae6e18cdb07aee14f9136afcb9c",
"find": "peer://domain.com/900c9cb1aeb816da4bdf58a972693fce20e",
"findSecretProof": "85d2f8f2b20e55de0f9642d3f14483567c1971d3",
"findSecretProofExpires": 9484848,
"peerSecretEncrypted": "ODVkMmY4ZjJiMjBlNTVkZ...0MmQzZjE0NDgzNTY3YzE5NzFkMw==",
"location": {
"$id": "5a693555913da634c0b03139ec198bb8bad485ee",
"contact": "peer://domain.com/541244886de66987ba30cf8d19544b7a12754042",
"details": {
"device": { "$id": "e31fcab6582823b862b646980e2b5f4efad75c69" },
"ip": "28.123.121.12",
"userAgent": "hookflash/1.0.1001a (iOS/iPad)",
"os": "iOS v4.3.5",
"system": "iPad v2",
"host": "foobar"
},
"candidates": {
"candidate": [
{
"transport": "rudp/udp",
"ip": "100.200.10.20",
"port": 9549,
"usernameFrag": "7475bd88ec76c0f791fde51e56770f0d",
"passwordEncrypted": "ZWJiOGM1ZTll...TY0ODRkYzZiZTg0YWZmYWExNDQ4OWMxZTU1Nw==",
"priority": 43843
},
{
"transport": "rudp/udp",
"ip": "192.168.10.10",
"port": 19597,
"usernameFrag": "398ee0fca8badd89927efc52f0db0f2",
"passwordEncrypted": "ZDJkNWY1YjU...OWZkOGE2MTM2MWM4NzJmOWQ3YzJjMDgxZTU3Nw==",
"priority": 32932
}
]
}
}
},
"signature": {
"reference": "#d53255d06a17778b88501f570301e7621c5a7bc4",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "ZDUzMjU1ZDA2YTE...NjIxYzVhN2JjNA==",
"digestSigned": "WkRVek...TNelZoTjJKak5BPT0=",
"key": { "uri": "peer://domain.com/541244886de66987ba30cf8d19544b7a12754042" }
}
},
"exclude": {
"locations": {
"location": [
{ "$id": "c52591f27deab5cd48bc515e61a3df4d" },
{ "$id": "59d090f7fdd43a2a59beb2018609e2f2" }
]
}
}
}
Page 100
Page 101
Security Considerations
The server attaches a route message to know which peer connection to send any reply back. The route
identifier for the peer connection should be cryptographically random.
In theory, a malicious peer later responding the Peer Location Find Request could change the route in
the Peer Location Find Reply and cause the message to erroneously be delivered to the wrong peer
attached to a finder. However, even if the malicious peer managed to misdirect to the wrong peer the
reply would get dropped since request never matched any request previously sent out by that peer. The
worst-case scenario is a malicious client could waste the bandwidth and processing power of another
finder. Since the only way to possibly know this route in advance is by the malicious peer having
established communication with targeted peer previously, the offending malicious peer already could
waste the processing power and bandwidth of the targeted peer by sending bogus Peer Location Find
Requests. Hence adding protection against this attack does not achieve any lessening in vulnerability.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"findProofBundle" : {
...
},
"routes": {
"route": { "$id": "27f2e2cfc87d1f77d44afde730bfa15a" }
}
}
}
Page 102
Protecting against this attack is not worthwhile since a malicious peer could waste the peer's bandwidth
and CPU by sending requests to the attacked peer finder directly.
A peer finder should keep track of the request to response ratio (i.e. the number of Peer Location Find
Requests sent to a peer versus the number of Peer Location Find Replies received from a peer) within
windows in which requests were sent. If Peer Location Find Replies are received outside the normal
boundaries or outside the window of Peer Location Find Requests, this could be a peer attempting to
attack another peer finder using a its peer finder as a proxy by sending bogus Peer Location Find Replies
that never had requests.
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"findProofBundle" : {
...
},
"routes": {
"route": [
{ "$id": "27f2e2cfc87d1f77d44afde730bfa15a" },
{ "$id": "79434b37a8bb8408fca8c16b89e4faca" }
]
}
}
}
Page 103
o Candidate priority
Signed by replying peer
Route(s) given in request (stack of routes for reversing the request)
Security Considerations
The contacted peer will decrypt the "peer secret encrypted" using its private key and use the "peer
secret" to encrypt its candidate passwords in the reply. Since these usernames and passwords are used
exclusively for the sake of discovering contactable addresses between peers in an ICE fashion, the worse
a compromised finder could do would be to misdirect a peer to contact a wrong address. Since a
malicious finder could already misdirect peers there is no additional protection provided by securing
these credentials further.
In theory a compromised finder could respond to the Peer Location Find Request attempting to direct
the original requesting peer initiating a connection to malicious host. However, since the compromised
finder cannot know the "peer secret", the misdirection attempt will fail.
However, a compromised finder could misdirect the contacted peer by substituting the request's "peer
secret" and candidates with its own candidates. While the channel will be opened to the misdirected
peer, the peer will fail to communicate as the original requesting peer must prove itself by issuing the
"Peer Identity Request".
Example
{
"reply": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"$timestamp": 4344333232,
"findProofBundle" : {
"findProof": {
"requestfindProofBundleDigestValue": "ZDUzMjU1ZDA2YTE...NjIxYzVhN2JjNA==",
"location": {
"$id": "1f77425b06b33bfc1d9932a0716f3f2c92ec0e5",
"contact": "peer://domain.com/541244886de66987ba30cf8d19544b7a12754042",
"details": {
"device": { "$id": "e31fcab6582823b862b646980e2b5f4efad75c69" },
"ip": "100.200.10.20",
"userAgent": "hookflash/1.0.1001a (iOS/iPad)",
"os": "iOS v4.3.5",
"system": "iPad v2",
"host": "smartie"
},
"candidates": {
"candidate": [
{
"transport": "rudp/udp",
"ip": "100.200.10.20",
"port": 9549,
"usernameFrag": "7475bd88ec76c0f791fde51e56770f0d",
"passwordEncrypted": "MmY4MzgzMz...NWFkN2E1NDM0OTk2YzYwMDU2YjhkYzA2MmYxZA==",
"priority": 4388438
},
{
"transport": "rudp/udp",
"ip": "192.168.10.10",
"port": 19597,
Page 104
"username": "398ee0fca8badd89927efc52f0db0f2",
"passwordEncrypted": "ZDg4MDNhM...dlYmEzYmFiNmE0YzNhMGQ1OGQ1MzMxZWFmNWJmYg==",
"priority": 43923293
}
]
}
}
},
"signature": {
"reference": "#d53255d06a17778b88501f570301e7621c5a7bc4",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "ZDUzMjU1ZDA2YTE...NjIxYzVhN2JjNA==",
"digestSigned": "WkRVek...TNelZoTjJKak5BPT0=",
"key": { "uri": "peer://domain.com/541244886de66987ba30cf8d19544b7a12754042" }
}
},
"routes": {
"route": [
{ "$id": "27f2e2cfc87d1f77d44afde730bfa15a" },
{ "$id": "79434b37a8bb8408fca8c16b89e4faca" }
]
}
}
}
Page 105
Page 106
The request is identical to "single point to single point" except the request would fork to the two Finders
responsible for the two different locations of "bob@bar.com". While above shows one request fork
completing before the other request fork begins, in reality the requests would fork simultaneously.
Given that another location exists for "bob@bar.com", the request start out identical but the routes
would diverge and the resulting reply would be complete different.
For the sake of simplicity, Peer Location Find Request/Reply A-H are not repeated.
Peer Location Find Request (H)
Purpose
This is the forked forwarded request to the finder responsible for the secondary location of contacted
peer.
Inputs
Same information as Peer Location Find Request (A)
Routes (stack of routes for reversing the request) the route would probably have same
identifiers as Peer Location Find Request (C) as the contacting peer exists at the same routable
location.
Security Considerations
Same as Peer Location Find Request (C)
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"findProofBundle" : {
...
},
"routes": {
"route": { "$id": "27f2e2cfc87d1f77d44afde730bfa15a" }
}
}
}
Page 107
Security Considerations
Same as Peer Location Find Request (D)
Example
{
"request": {
"$domain": "domain.com",
"$id": "abc123",
"$handler": "peer-finder",
"$method": "peer-location-find",
"findProofBundle" : {
...
},
"routes": {
"route": [
{ "$id": "27f2e2cfc87d1f77d44afde730bfa15a" },
{ "$id": "c173cc0e1653a64f31b0bf12a1f72d1d" }
]
}
}
}
Page 108
"host": "foobie"
},
"candidates": {
"candidate": [
{
"transport": "rudp/udp",
"ip": "75.43.32.12",
"port": 43432,
"usernameFrag": "5158a221a95f9d1f57763f8373875807732992b0",
"passwordEncrypted": "NTg1MjFjZmUyMDc...NzhjMDcxYzZlZDY2NDQzNDNiZGIwNmQ4Nw==",
"priority": 39932
},
{
"transport": "rudp/udp",
"ip": "192.168.10.200",
"port": 20574,
"usernameFrag": "643fce25e69fd1023abb02af48e90446d7add1be",
"passwordEncrypted": "NmU5Zj...NTAzZWNlOTc4YWQ4Njc5ZTcwNGUzNzA1Yzg5NjNiNw==",
"priority": 488323
}
]
}
}
},
"signature": {
"reference": "#d53255d06a17778b88501f570301e7621c5a7bc4",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "ZDUzMjU1ZDA2YTE...NjIxYzVhN2JjNA==",
"digestSigned": "WkRVek...TNelZoTjJKak5BPT0=",
"key": { "uri": "peer://domain.com/541244886de66987ba30cf8d19544b7a12754042" }
}
},
"routes": {
"route": [
{ "$id": "27f2e2cfc87d1f77d44afde730bfa15a" },
{ "$id": "c173cc0e1653a64f31b0bf12a1f72d1d" }
]
}
}
}
Page 109
...
},
"routes": {
"route": { "$id": "27f2e2cfc87d1f77d44afde730bfa15a" }
}
}
}
Page 110
Page 111
contacted peer must verify the find secret matches the find secret in its own Section "B" of its public
peer file (to insure this was not a replay of a request sent to a different peer file).
The contacted peer must verify the request has not expired and should verify the one time key has not
been used before. The signature on the bundle must be verified to ensure the requesting peer signed it.
Example
{
"request": {
"$id": "abc123",
"$handler": "p2p",
"$method": "peer-identify",
"peerIdentityProofBundle": {
"peerIdentityProof": {
"$id": "ec065f4b46a22872f85f6ba5addf1e2",
"clientNonce": "759cef14b626c9bacc9a52253fd68da29d5b6491",
"expires": 574732832,
"findSecret": "YjAwOWE2YmU4OWNlOTdkY2QxNzY1NDA5MGYy",
"location": {
"$id": "5c5fdfab4bbf8cc8345555172914b9733b2034a4"
"contact": "peer://domain.com/db9e3a737c690e7cdcfbacc29e4a54dfa5356b63",
"details": {
"device": { "$id": "105f38b84d01e6d4bc60d1123c62c957" },
"ip": "28.123.121.12",
"userAgent": "hookflash/1.0.1001a (iOS/iPad)",
"os": "iOS v4.3.5",
"system": "iPad v2",
"host": "foobar"
},
},
"peer": {
"sectionBundle": {
"section": {
"$id": "A",
...
},
...
}
}
},
"signature": {
"reference": "#ec065f4b46a22872f85f6ba5addf1e2",
"algorithm": "http://openpeer.org/2012/12/14/jsonsig#rsa-sha1",
"digestValue": "ZGZrbnNua2...pmZXdraiBlYnJlcnJmZXJl",
"digestSigned": "WkdacmJuTnVhMnBtWlhkcmFpQmxZbkpsY25KbVpYSmw=",
"key": { "uri": "peer://example.com/db9e3a737c690e7cdcfbacc29e4a54dfa5356b63" }
}
}
}
}
{
"result": {
"$id": "abc123",
"$handler": "p2p",
"$method": "peer-identify",
"$timestamp": 43848328432,
"location": {
"$id": "9e02827c0f43c511c30bd410bacf9a83",
"contact": "peer://domain.com/8da6e36f8a86ba4210c008e0f0d1ba76",
"details": {
Page 112
Page 113
Document Specifications
The published document specifications are outside the scope of this particular document. Please refer to
the "Open Peer Conversation Thread Specification" as a proposal for multiparty peer hosted
conversations for chat, audio and video (and other media).
Page 114