Network Working Group                                        D. Eastlake
Request for Comments: 3504                                      Motorola
Category: Informational                                       March 2003
        
Network Working Group                                        D. Eastlake
Request for Comments: 3504                                      Motorola
Category: Informational                                       March 2003
        

Internet Open Trading Protocol (IOTP) Version 1, Errata

互联网开放交易协议(IOTP)第1版,勘误表

Status of this Memo

本备忘录的状况

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。

Copyright Notice

版权公告

Copyright (C) The Internet Society (2003). All Rights Reserved.

版权所有(C)互联网协会(2003年)。版权所有。

Abstract

摘要

Since the publication of the RFCs specifying Version 1.0 of the Internet Open Trading Protocol (IOTP), some errors have been noted. This informational document lists these errors and provides corrections for them.

自发布指定互联网开放交易协议(IOTP)1.0版的RFC以来,发现了一些错误。此信息性文档列出了这些错误并提供了更正。

Table of Contents

目录

   1. Introduction.................................................... 2
   2. DTD Errata...................................................... 2
      2.1 PackagedContent Element..................................... 2
      2.2 The Element called Attribute................................ 3
   3. Other Errata.................................................... 3
      3.1 Re: Combining Authentication Transactions with other
          Transactions................................................ 3
      3.2 Type attribute of Element called Attribute.................. 3
   4. Security Considerations......................................... 4
   5. References...................................................... 4
   6. Acknowledgements................................................ 4
   7. Author's Address................................................ 5
   8. Full Copyright Statement........................................ 6
        
   1. Introduction.................................................... 2
   2. DTD Errata...................................................... 2
      2.1 PackagedContent Element..................................... 2
      2.2 The Element called Attribute................................ 3
   3. Other Errata.................................................... 3
      3.1 Re: Combining Authentication Transactions with other
          Transactions................................................ 3
      3.2 Type attribute of Element called Attribute.................. 3
   4. Security Considerations......................................... 4
   5. References...................................................... 4
   6. Acknowledgements................................................ 4
   7. Author's Address................................................ 5
   8. Full Copyright Statement........................................ 6
        
1. Introduction
1. 介绍

The Internet Open Trading Protocol (IOTP), Version 1.0, is specified in [RFC 2801, 2802, 2803]. It provides a payment system independent framework for Internet commerce oriented to consumer to business transactions. It provides mechanism for different portions of the business function, such as fulfillment or payment handling, to be distributed or outsourced. It does not require a prior relationship between the consumer and business.

[RFC 2801、2802、2803]中规定了1.0版互联网开放交易协议(IOTP)。它为面向消费者对企业交易的互联网商务提供了一个独立于支付系统的框架。它为业务功能的不同部分(如履行或支付处理)提供了分发或外包的机制。它不需要消费者和企业之间的事先关系。

Several errors have been noted in the IOTP v1.0 specification, particularly RFC 2801, which was the largest RFC ever issued. These are listed, with their fix, in this document.

IOTP v1.0规范中注意到了几个错误,特别是RFC 2801,它是迄今为止发布的最大RFC。本文档中列出了这些问题及其解决方案。

2. DTD Errata
2. DTD勘误表
2.1 PackagedContent Element
2.1 PackagedContent元素

Attribute types are swapped.

属性类型被交换。

   OLD/INCORRECT:
      !ELEMENT PackagedContent (#PCDATA) >
      <!ATTLIST PackagedContent
               Name             CDATA     #IMPLIED
               Content          NMTOKEN   "PCDATA"
               Transform   (NONE|BASE64)  "NONE" >
        
   OLD/INCORRECT:
      !ELEMENT PackagedContent (#PCDATA) >
      <!ATTLIST PackagedContent
               Name             CDATA     #IMPLIED
               Content          NMTOKEN   "PCDATA"
               Transform   (NONE|BASE64)  "NONE" >
        
   NEW/CORRECT:
      <!ELEMENT PackagedContent (#PCDATA) >
      <!ATTLIST PackagedContent
                Name           NMTOKEN     #IMPLIED
                Content        CDATA       "PCDATA"
                Transform   (NONE|BASE64)  "NONE" >
        
   NEW/CORRECT:
      <!ELEMENT PackagedContent (#PCDATA) >
      <!ATTLIST PackagedContent
                Name           NMTOKEN     #IMPLIED
                Content        CDATA       "PCDATA"
                Transform   (NONE|BASE64)  "NONE" >
        
2.2 The Element called Attribute
2.2 元素名为Attribute

Incorrect element content specification syntax.

元素内容规范语法不正确。

   OLD/INCORRECT:
      <!ELEMENT Attribute ( ANY ) >
      <!ATTLIST Attribute
                type                NMTOKEN            #REQUIRED
                critical        ( true | false )       #REQUIRED
      >
        
   OLD/INCORRECT:
      <!ELEMENT Attribute ( ANY ) >
      <!ATTLIST Attribute
                type                NMTOKEN            #REQUIRED
                critical        ( true | false )       #REQUIRED
      >
        
   NEW/CORRECT
      <!ELEMENT Attribute ANY >
      <!ATTLIST Attribute
                type                NMTOKEN            #REQUIRED
                critical        ( true | false )       #REQUIRED
      >
        
   NEW/CORRECT
      <!ELEMENT Attribute ANY >
      <!ATTLIST Attribute
                type                NMTOKEN            #REQUIRED
                critical        ( true | false )       #REQUIRED
      >
        
3. Other Errata
3. 其他勘误表
3.1 Re: Combining Authentication Transactions with other Transactions
3.1 回复:将身份验证事务与其他事务相结合

Section 9.1.13. page 234, restarted->continued:

第9.1.13节。第234页,重新启动->继续:

OLD/INCORRECT: if the Authentication transaction is successful, then the original IOTP Transaction is restarted

旧/不正确:如果身份验证事务成功,则重新启动原始IOTP事务

NEW/CORRECT: if the Authentication transaction is successful, then the original IOTP Transaction is continued

新建/更正:如果身份验证事务成功,则继续原始IOTP事务

3.2 Type attribute of Element called Attribute
3.2 名为attribute的元素的Type属性

Section 7.19.1, Page 150, insufficient list of signature types:

第150页第7.19.1节,签名类型列表不足:

OLD/INCORRECT: There must be one and only one Attribute Element that contains a Type attribute with a value of IOTP Signature Type and with content set to either: OfferResponse, PaymentResponse, DeliveryResponse, AuthenticationRequest, AuthenticationResponse, PingReq or PingResponse; depending on the type of the signature.

旧/不正确:必须有且只有一个属性元素包含值为IOTP Signature Type且内容设置为以下任一项的类型属性:OfferResponse、PaymentResponse、DeliveryResponse、AuthenticationRequest、AuthenticationResponse、PingReq或PingResponse;取决于签名的类型。

NEW/CORRECT: There must be one and only one Attribute Element that contains a Type attribute with a value of IOTP Signature Type and with content set to either: OfferResponse, PaymentResponse, DeliveryResponse, AuthenticationRequest, AuthenticationResponse, PingReq, PingResponse, AuthenticationStatus, InquiryRequest, or InquiryResponse; depending on the type of the signature.

新建/更正:必须有且只有一个属性元素包含值为IOTP Signature Type且内容设置为以下任一项的类型属性:OfferResponse、PaymentResponse、DeliveryResponse、AuthenticationRequest、AuthenticationResponse、PingReq、PingResponse、AuthenticationStatus、InquiryRequest或InquiryResponse;取决于签名的类型。

AND a similar change extending the list of values in Section 12.1, Page 262.

以及第262页第12.1节中扩展值列表的类似更改。

And at Section 6.1.2, Page 82, add the following:

并在第82页第6.1.2节中添加以下内容:

AuthenticationStatus any role

身份验证状态任何角色

InquiryRequest any role

查询请求任何角色

InquiryResponse any role

查询响应任何角色

4. Security Considerations
4. 安全考虑

The errata listed herein are not particularly security related. Never the less, incorrect implementations due to uncorrected errors in the specification may compromise security.

此处列出的勘误表与安全性无关。然而,由于规范中未纠正的错误而导致的错误实现可能会危及安全性。

5. References
5. 工具书类

[RFC 2801] Burdett, D., "Internet Open Trading Protocol - IOTP Version 1.0", RFC 2801, April 2000.

[RFC 2801]Burdett,D.,“互联网开放交易协议-IOTP版本1.0”,RFC 2801,2000年4月。

[RFC 2802] Davidson, K. and Y. Kawatsura, "Digital Signatures for the v1.0 Internet Open Trading Protocol (IOTP)", RFC 2802, April 2000.

[RFC 2802]Davidson,K.和Y.Kawatsura,“v1.0互联网开放交易协议(IOTP)的数字签名”,RFC 2802,2000年4月。

[RFC 2803] Maruyama, H., Tamura, K. and N. Uramoto, "Digest Values for DOM (DOMHASH)", RFC 2803, April 2000.

[RFC 2803]Maruyama,H.,Tamura,K.和N.Uramoto,“DOM的摘要值(DOMHASH)”,RFC 2803,2000年4月。

6. Acknowledgements
6. 致谢

Thanks to the following people for reporting or responding to reports of these errata:

感谢以下人员报告或回复这些勘误表的报告:

Harald Barrera Dubois, Yoshiaki Kawatsura, Chun Ouyang

哈拉尔·巴雷拉·杜波伊斯、川谷义树、春欧阳

7. Author's Address
7. 作者地址

Donald E. Eastlake 3rd Motorola 155 Beaver Street Milford, MA 01757 USA

Donald E.Eastlake 3rd Motorola美国马萨诸塞州米尔福德海狸街155号01757

   Phone:  +1-508-851-8280 (w)
           +1-508-634-2066 (h)
   EMail:  Donald.Eastlake@motorola.com
        
   Phone:  +1-508-851-8280 (w)
           +1-508-634-2066 (h)
   EMail:  Donald.Eastlake@motorola.com
        
8. Full Copyright Statement
8. 完整版权声明

Copyright (C) The Internet Society (2003). All Rights Reserved.

版权所有(C)互联网协会(2003年)。版权所有。

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.

上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Acknowledgement

确认

Funding for the RFC Editor function is currently provided by the Internet Society.

RFC编辑功能的资金目前由互联网协会提供。