more clarification w/r/t sender|from

This commit is contained in:
Friendika 2011-08-31 21:23:40 -07:00
parent 344f12c8c4
commit 3cd8ee7161

12
zot.txt
View File

@ -30,7 +30,7 @@ resolvable addresses containing both salmon and zot endpoints.
<zot:key>((key))</zot:key>
<zot:iv>((iv))</zot:iv>
<zot:env>((envelope))</zot:env>
<zot:sig key_id="xxx">((envelope signature))</zot:sig>
<zot:sig key_id="xxx">((sender signature))</zot:sig>
<zot:alg>AES-256-CBC</zot:alg>
<zot:data type='application/magic-envelope+xml'>((salmon))</zot:data>
</zot:msg>
@ -78,10 +78,12 @@ be sent to any additional addresses in the recipient list. The original author
MUST send the reply to all known recipients of the original message, with
their webfinger identity as Sender, and the comment/reply author as From.
Receiving agents MUST validate the From identity as the signer of the salmon
magic envelope, and MAY reject it. They MAY also reject the message if the
Sender is not allowed in their "friend list", or if they do not have a
suitable relationship with the Sender.
Receiving agents SHOULD validate the From identity as the signer of the salmon
magic envelope, and MAY reject it. They SHOULD also verify the Sender signature
of the zot packet if it is different than the salmon signature. They MAY
reject the message if the Sender is not allowed in their "friend list", or if
they do not have a suitable relationship with the Sender, or if either
signature fails to validate.
To: *