Skip to content

Commit

Permalink
WIP on requirements
Browse files Browse the repository at this point in the history 
Signed-off-by: Darrell O'Donnell <[email protected]>
  • Loading branch information
@darrellodonnell
darrellodonnell committed Feb 15, 2024
1 parent 6681415 commit af57865
Showing 1 changed file with 24 additions and 19 deletions.
43 changes: 24 additions & 19 deletions spec/requirements.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,22 +99,27 @@ The authoritative technical specifications for the API calls in the ToIP Trust R
**Trust registries** implementing this protocol:

* [TRP-1] MUST maintain the service implementing this protocol at the HTTPS URI specified in the _[Trust Registry Service Property](#trust-registry-service-property)_ section.
* [TRP-2] MUST return responses to queries for the **status value** of a **registry entry** that satisfies one or more of the following sets of query parameters:

* Entity
* The entity authorization that is being validated.
* Registry


- i. **Entity Authorization**: entityDID, authorization
- ii. **Recognized Registry:** entityDID
3. MUST return responses using the data model specified in the _[Data Model](#data-model)_ section.
4. MUST return exactly one of the following **status values** for a **registry entry** satisfying the query parameters:
- i. `Not found` (http 404)
- ii. `Current`
- iii. `Expired` (not renewed after the previous valid registration period)
- iv. `Terminated` (voluntary termination by the **registered party**)
- v. `Revoked` (involuntary termination by the **governing authority**)
* [TRP-2] SHOULD support queries that are at a point in time in the past.
* [TRP-2-1] The datetime value provided MUST be formatted per [[spec-norm:RFC3339]] using the UTC (Zulu) null offset (e.g. "2018-03-20T09:12:28Z".
* [TRP-2-2] If the system does NOT support non-current data the system MUST return and http 405 (Method not allowed.) error.
* [TRP-3] MUST return responses to queries for the **status value** of a **registry entry** that satisfies one or more of the following sets of query parameters:

- [TRP-3-1] **Entity Authorization**: Given the `entityDID`, and `authorization` return the status of that registered entity, MUST return exactly one of the following **status values** for a **registry entry** satisfying the query parameters:
- `Not found` (http 404)
- `Current` - authorization for the registered entity is current as of the time of query, or as of the time requested.
- `Expired` (not renewed after the previous valid registration period)
- `Terminated` (voluntary termination by the **registered entity**)
- `Revoked` (involuntary termination by the **governing authority**)
- [TRP-3-2] **Entity Authorizations**: Given only the `entityDID` the system SHOULD return the array of Authorization strings for the entity identified by `entityDID`.
- ii. [TRP-3-2] **Recognized Registry:** Given the entityDID the system SHOULD return the list of [[def:trust registries]] that the entity has indicated it is registered in.
- [TRP-3-2-1] The system MUST NOT return more than one trust registry in the array designated as a [[def: primary registry]].

::: TODO:
CREATE TrustRegistryType and TrustRegistryListType in OAS.
:::

3. MUST return responses using the data model specified in the OpenAPI Specification .

5. For queries returning a **status value** other than `Not Found`, the response MUST return the following values:
- i. The parameter values exactly as supplied in the query (so responses can be stateless).
- ii. The **status value**.
Expand All @@ -123,11 +128,11 @@ The authoritative technical specifications for the API calls in the ToIP Trust R
- i. `AuthorizationStartDate`
- ii. `AuthorizationEndDate`
- b. The values MUST be formatted to comply with [[spec-norm:RFC3339]] in the UTC/Z time zone with no offset.
- c. The `AuthorizationStartDate` MUST be the date that the **registered party’s** authorization began.
- c. The `AuthorizationStartDate` MUST be the date that the **registered entity** authorization began.
- d. The `AuthorizationEndDate` MUST be either:
- i. `Null` for an entry whose **status value** is `Current` at the time of the query.
- ii. A specific date value if the **registered party’s** **status value** is `Expired`, `Terminated` or `Revoked.`
- e. If a **registered party** has multiple entries (representing an authorization history), the most recent value MUST be returned.
- ii. A specific date value if the **registered entity** **status value** is `Expired`, `Terminated` or `Revoked.`
- e. If a **registered entity** has multiple entries (representing an authorization history), the most recent value MUST be returned.

### Anti-Requirements

Expand Down

0 comments on commit af57865

Please sign in to comment.