From 298e62bbdd6cb8865e046072f32a38130caa8f96 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Tue, 9 Mar 2010 01:04:56 -0500
Subject: added website stubs about validation agent

---
 website/validation-agent/protocol.mdwn | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 website/validation-agent/protocol.mdwn

(limited to 'website/validation-agent')

diff --git a/website/validation-agent/protocol.mdwn b/website/validation-agent/protocol.mdwn
new file mode 100644
index 0000000..e816996
--- /dev/null
+++ b/website/validation-agent/protocol.mdwn
@@ -0,0 +1,23 @@
+[[!meta title="Validation Agent Protocol"]]
+
+# Validation Agent Protocol #
+
+In its current form, the validation agent is conceived of as a
+minimalistic HTTP server that accepts two different requests:
+
+ GET /  -- initial contact query, protocol version compatibility.
+  (no query parameters)
+  (returns: protoversion, server, available)
+
+ POST /reviewcert  -- request validation of a certificate
+  (query parameters: uid, context, pkc)
+  (returns: valid, message)
+
+Query parameters are posted as a JSON blob (*not* as
+www-form-encoded).
+
+The variables that are returned are application/json as well.
+
+* PKC means: public key carrier: raw key, OpenPGP cert, or X.509 cert
+* UID means: User ID (like in OpenPGP)
+* context refers to the setting in which the certificate is offered.  For example, "https" means: "this certificate was offered by an HTTPS server"
-- 
cgit v1.2.3