diff --git a/spec/requirements.md b/spec/requirements.md index 955fe3e..b9975bc 100644 --- a/spec/requirements.md +++ b/spec/requirements.md 
@@ -119,45 +119,44 @@ The authoritative technical specifications for the API calls in the ToIP Trust R **Trust registries** implementing this protocol: * [TRQP-1] MUST maintain the service implementing this protocol at the HTTPS URI specified in the _[Trust Registry Service Property](#trust-registry-service-property)_ section. + * [TRQP-2] The system SHOULD support queries that are at a point in time in the past. - * [TRQP-2-1] The parameter for the point in time must be named `queryTime`. - * [TRQP-2-2] The datetime value provided MUST be formatted per [[spec-norm:RFC3339]] using the UTC (i.e. Z for Zulu) zero offset (e.g. "2018-03-20T09:12:28Z". - * [TRQP-2-3] If the system does not support non-current data, and the the `queryTime` parameter is present, the system MUST NOT return entity data and must se http error code 405 (Method not allowed). + - [TRQP-2-1] The parameter for the point in time must be named `queryTime`. + - [TRQP-2-2] The datetime value provided MUST be formatted per [[spec-norm:RFC3339]] using the UTC (i.e. Z for Zulu) zero offset (e.g. "2018-03-20T09:12:28Z". + - [TRQP-2-3] If the system does not support non-current data, and the the `queryTime` parameter is present, the system MUST NOT return entity data and must se http error code 405 (Method not allowed). * [TRQP-3] MUST return responses to queries for the **status value** of a **registry entry** that satisfies one or more of the following sets of query parameters: - - [TRQP-3-1] **Entity Authorization**: Given the `entityDID`, and `authorization` return the status of that registered entity, MUST return exactly one of the following **status values** for a **registry entry** satisfying the query parameters: - - `Not Found` + http code 404 - entry not found. - - `Current` + http code 200 - authorization for the registered entity is current as of the time of query, or as of the time requested. - - `Expired` + http code 200 - authorization has expired (e.g. 
not renewed after the previous valid registration period) - - `Terminated` + http code 200 - authorization was terminated (e.g. voluntary termination by the **registered entity**) - - `Revoked` + http code 200 - authorization was revoked (e.g. involuntary termination by the **governing authority**) + - `Not Found` + http code 404 - entry not found. + - `Current` + http code 200 - authorization for the registered entity is current as of the time of query, or as of the time requested. + - `Expired` + http code 200 - authorization has expired (e.g. not renewed after the previous valid registration period) + - `Terminated` + http code 200 - authorization was terminated (e.g. voluntary termination by the **registered entity**) + - `Revoked` + http code 200 - authorization was revoked (e.g. involuntary termination by the **governing authority**) - [TRQP-3-2] **Entity Authorizations**: Given only the `entityDID` the system SHOULD return the array of Authorization objects for the entity identified by `entityDID`. - [TRQP-3-3] **Recognized Registry:** Given the entityDID the system SHOULD return the list of [[def:trust registries]] that the entity has indicated it is registered in. - [TRQP-3-3-1] The system MUST NOT return more than one trust registry in the array designated as a [[def: primary registry]]. - ::: TODO: Align VID and/or DID terminology. ::: -[TRQP-4] MUST return responses using the data model specified in the OpenAPI Specification . +* [TRQP-4] MUST return responses using the data model specified in the OpenAPI Specification . -[TRQP-5] For queries returning a **status value** other than `Not Found`, the response MUST return the following values: +* [TRQP-5] For queries returning a **status value** other than `Not Found`, the response MUST return the following values: - [TRQP-5-1] The system must return the parameter values exactly as supplied in the query (so responses can be stateless). 
- [TRQP-5-2] The system must return the **status value** for the entity (per TRP-3-1). - [TRQP-5-3] The system must return exactly two **datetime values** conforming to the following requirements: - - [TRQP-5-3-1]The value labels MUST be: - - i. `AuthorizationStartDate` - - ii. `AuthorizationEndDate` - - [TRQP-5-3-2] The datetime values MUST be formatted to comply with [[spec-norm:RFC3339]] in the UTC/Z time zone with no offset. - - [TRQP-5-3-3] The `AuthorizationStartDate` MUST be the date that the **registered entity** authorization began. - - [TRQP-5-3-4] The `AuthorizationEndDate` MUST be either: - - [TRQP-5-3-4-1] `Null` for an entry whose **status value** is `Current` at the time of the query. - - [TRQP-5-3-4-2] A specific datetime value if the **registered entity** **status value** is `Expired`, `Terminated` or `Revoked`. - - [TRQP-5-3-5] If a **registered entity** has multiple entries in the system (representing an authorization history), the value that is active at the time indicated must be returned: - - [TRQP-5-3-5-1] when no `queryTime` value is provided the value that is active at time of the query MUST be returned. - - [TRQP-5-3-5-2] when a `queryTime` parameter is provided the entry that is active at that time (i.e. indicted by `queryTime`) MUST be returned. + - [TRQP-5-3-1]The value labels MUST be: + - i. `AuthorizationStartDate` + - ii. `AuthorizationEndDate` + - [TRQP-5-3-2] The datetime values MUST be formatted to comply with [[spec-norm:RFC3339]] in the UTC/Z time zone with no offset. + - [TRQP-5-3-3] The `AuthorizationStartDate` MUST be the date that the **registered entity** authorization began. + - [TRQP-5-3-4] The `AuthorizationEndDate` MUST be either: + - [TRQP-5-3-4-1] `Null` for an entry whose **status value** is `Current` at the time of the query. + - [TRQP-5-3-4-2] A specific datetime value if the **registered entity** **status value** is `Expired`, `Terminated` or `Revoked`. 
+ - [TRQP-5-3-5] If a **registered entity** has multiple entries in the system (representing an authorization history), the value that is active at the time indicated must be returned: + - [TRQP-5-3-5-1] when no `queryTime` value is provided the value that is active at time of the query MUST be returned. + - [TRQP-5-3-5-2] when a `queryTime` parameter is provided the entry that is active at that time (i.e. indicted by `queryTime`) MUST be returned. ### Anti-Requirements
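Review bot: the re-indented TRQP-2-3 line carries its defects over unchanged: it still reads "the the `queryTime` parameter" and "must se http error code 405". Since the line is being rewritten anyway, correct it to "the `queryTime` parameter" and "MUST return HTTP status code 405", with the keyword in capitals so that it reads as normative like the "MUST NOT" earlier in the same sentence. The same applies to the lowercase "must" in TRQP-2-1. It is also worth reconsidering the status code itself. 405 (Method Not Allowed) tells the client that the HTTP method is not supported for the resource, but here the method is fine and only an optional query parameter is unsupported. A client that handles 405 generically will misread the failure, so a code that signals an unsupported feature or a bad request would be clearer. Other carried-over nits in the moved lines: TRQP-2-2 never closes the parenthesis opened at "(e.g.", TRQP-5-3-1 has no space after the closing bracket of its label, and TRQP-5-3-5-2 says "indicted by" where "indicated by" is meant. In the unchanged context, TRQP-5-2 refers to "TRP-3-1", which looks like it should be "TRQP-3-1". Finally, the re-indentation nests the five status values under TRQP-3 with `-` bullets, so please confirm they still render as children of TRQP-3-1 and not as siblings of it.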