Network Working Group                                   D. Eastlake, III
Request for Comments: 3354                                      Motorola
Category: Informational                                      August 2002
        
Network Working Group                                   D. Eastlake, III
Request for Comments: 3354                                      Motorola
Category: Informational                                      August 2002
        

Internet Open Trading Protocol Version 2 Requirements

互联网开放交易协议第2版要求

Status of this Memo

本备忘录的状况

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。

Copyright Notice

版权公告

Copyright (C) The Internet Society (2002). All Rights Reserved.

版权所有(C)互联网协会(2002年)。版权所有。

Abstract

摘要

This document gives requirements for the Internet Open Trading Protocol (IOTP) Version 2 by describing design principles and scope and dividing features into those which will, may, or will not be included.

本文件通过描述设计原则和范围,并将功能划分为将包含、可能包含或不包含的功能,给出了互联网开放交易协议(IOTP)第2版的要求。

Version 2 of the IOTP will extend the interoperable framework for Internet commerce capabilities of Version 1 while replacing the XML messaging and digital signature part of IOTP v1 with standards based mechanisms.

IOTP第2版将扩展第1版互联网商务功能的互操作框架,同时用基于标准的机制取代IOTP第1版的XML消息传递和数字签名部分。

Table of Contents

目录

   1. Introduction ...................................................2
   2. Design Principles and Scope ....................................2
   3. Requirements ...................................................2
   4. Security Considerations ........................................4
   References ........................................................4
   Authors Addresses .................................................5
   Full Copyright Statement ..........................................6
        
   1. Introduction ...................................................2
   2. Design Principles and Scope ....................................2
   3. Requirements ...................................................2
   4. Security Considerations ........................................4
   References ........................................................4
   Authors Addresses .................................................5
   Full Copyright Statement ..........................................6
        
1. Introduction
1. 介绍

Version 2 of the Internet Open Trading Protocol (IOTP) will extend the interoperable framework for Internet commerce capabilities of Version 1 [RFC 2801] as described in Section 3 below. In addition, it will replace the ad hoc XML messaging and digital signature [RFC 2802] parts of IOTP v1 with standards based mechanisms [RFC 3275].

互联网开放交易协议(IOTP)第2版将扩展第1版[RFC 2801]互联网商务能力的互操作框架,如下文第3节所述。此外,它将用基于标准的机制[RFC 3275]取代IOTP v1的特别XML消息和数字签名[RFC 2802]部分。

This document gives requirements for the Internet Open Trading Protocol (IOTP) Version 2 by describing design principles and scope and dividing features into those which will, may, or will not be included.

本文件通过描述设计原则和范围,并将功能划分为将包含、可能包含或不包含的功能,给出了互联网开放交易协议(IOTP)第2版的要求。

2. Design Principles and Scope
2. 设计原则和范围

1. The specification must describe the syntax and processing necessary for an extension of the interoperable framework for Internet commerce described in IOTP V1.0 [RFC 2801].

1. 规范必须描述IOTP V1.0[RFC 2801]中描述的互联网商务互操作框架扩展所需的语法和处理。

2. Keep changes to IOTP V1.0 to a minimum.

2. 将对IOTP V1.0的更改保持在最低限度。

3. Maintain all existing functionality of IOTP V1.0.

3. 维护IOTP V1.0的所有现有功能。

4. Test all XML DTDs and/or Schemas and XML examples in the specification to insure that they are well-formed.

4. 测试规范中的所有XML DTD和/或模式和XML示例,以确保它们格式正确。

5. Create usage/implementation guidance information, probably as a separate document.

5. 创建使用/实施指南信息,可能作为单独的文档。

6. It should be designed to work well with other protocols such as ECML [RFC 3106].

6. 它的设计应能与ECML[RFC3106]等其他协议很好地协同工作。

7. IOTP Version 2 should be developed as part of the broader Web design philosophy of decentralization, URIs, Web data, and modularity /layering / extensibility. [Berners-Lee, WebData] In this context, this standard should take advantage of existing provider (and infrastructure) primitives.

7. IOTP版本2应作为更广泛的分散、URI、Web数据和模块化/分层/可扩展性Web设计理念的一部分进行开发。[Berners Lee,WebData]在这种情况下,该标准应该利用现有的提供者(和基础设施)原语。

3. Requirements
3. 要求

IOTP Version 2 will include the following:

IOTP版本2将包括以下内容:

1. Be a superset of IOTP Version 1.

1. 是IOTP版本1的超集。

2. Provide for the Dynamic Definition of Trading Sequences. I.E., transactions will not be limited, as with v1, to a single payment and a single delivery with delivery occurring after payment.

2. 提供交易顺序的动态定义。也就是说,与v1一样,交易将不限于一次付款和一次交付,且交付发生在付款后。

Instead, it will be possible to propose an arbitrary sequence of transaction steps.

相反,可以提出任意顺序的事务步骤。

3. Include specification of an Offer Request Block.

3. 包括报价请求块的规范。

4. Support Improved Problem Resolution (extend to cover presentation of signed receipt to customer support party, better defined Customer Care role, etc.).

4. 支持改进的问题解决方案(扩展到向客户支持方提交已签署的收据,更好地定义客户关怀角色等)。

5. Add provisions to indicate and handle a payment protocol not tunneled through IOTP.

5. 添加规定,以指示和处理未通过IOTP隧道传输的支付协议。

6. Add support for server based wallets.

6. 添加对基于服务器的钱包的支持。

The following may be include in IOTP v2:

IOTP v2中可能包括以下内容:

1. Support Repeated/ongoing payments. For example, a means to specify that a customer approval covers not only the instant purchase but also some limited number of future purchase with some total or per purchase spending limit.

1. 支持重复/持续付款。例如,一种指定客户批准不仅包括即时购买,而且还包括未来购买的有限数量,以及总或每次购买的支出限额的方法。

2. Enhanced Server to Server messages. For example, a means for a Delivery Handler to inform a Payment Handler that goods have actually shipped, which may be a pre-condition for making a charge against a credit card.

2. 增强的服务器到服务器消息。例如,送货员通知付款员货物已实际装运的一种方式,这可能是对信用卡收费的先决条件。

3. Include the ability to add both fields and attributes to existing trading blocks in addition to the present ability to add entirely new trading blocks.

3. 除了当前添加全新交易区块的功能外,还包括向现有交易区块添加字段和属性的功能。

The following are out of scope for IOTP version 2:

以下内容超出IOTP版本2的范围:

1. Legal or regulatory issues surrounding the implementation of the protocol or information systems using it.

1. 围绕协议实施或使用协议的信息系统的法律或监管问题。

2. Design of an XML Messaging Layer. Instead, whatever is or appears most likely to become the standard XML messaging layer will be used. This includes a standard enveloping, addressing, and error reporting framework.

2. XML消息传递层的设计。相反,将使用最有可能成为标准XML消息传递层的内容。这包括一个标准的封装、寻址和错误报告框架。

3. Design of XML Digital Signatures. Instead, the existing standard [RFC 3275] will be used.

3. XML数字签名的设计。相反,将使用现有标准[RFC 3275]。

4. Security Considerations
4. 安全考虑

As provided above, IOTP v2 will provide optional authentication via standards based XML Digital Signatures [RFC 3275]; however, neither IOTP v1 nor v2 provide a confidentiality mechanism. Both require the use of secure channels such as those provided by TLS [RFC 2246] or IPSEC for confidentiality and depend on the security mechanisms of any payment system used in conjunction with them to secure payments.

如上所述,IOTP v2将通过基于标准的XML数字签名[RFC 3275]提供可选身份验证;然而,IOTP v1和v2都不提供保密机制。两者都需要使用安全通道,如TLS[RFC 2246]或IPSEC提供的通道,以确保机密性,并依赖于与之结合使用的任何支付系统的安全机制来确保支付安全。

References

工具书类

[Berners-Lee] "Axioms of Web Architecture: URIs", <http://www.w3.org/DesignIssues/Axioms.html>, "Web Architecture from 50,000 feet", <http://www.w3.org/DesignIssues/Architecture.html>.

[Berners Lee]“Web架构的公理:URI”<http://www.w3.org/DesignIssues/Axioms.html>,“50000英尺的Web架构”<http://www.w3.org/DesignIssues/Architecture.html>.

[RFC 2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996.

[RFC 2026]Bradner,S.,“互联网标准过程——第3版”,BCP 9,RFC 2026,1996年10月。

[RFC 2246] Dierks, T. and C. Allen, "The TLS Protocol: Version 1.0", RFC 2246, January 1999.

[RFC 2246]Dierks,T.和C.Allen,“TLS协议:1.0版”,RFC 2246,1999年1月。

[RFC 2801] Burdett, D., "Internet Open Trading Protocol - IOTP Version 1.0", RFC 2801, April 2000.

[RFC 2801]Burdett,D.,“互联网开放交易协议-IOTP版本1.0”,RFC 2801,2000年4月。

[RFC 2802] Davidson, K. and Y. Kawatsura, "Digital Signatures for the v1.0 Internet Open Trading Protocol (IOTP)", RFC 2802, April 2000.

[RFC 2802]Davidson,K.和Y.Kawatsura,“v1.0互联网开放交易协议(IOTP)的数字签名”,RFC 2802,2000年4月。

[RFC 3106] Eastlake, D. and T. Goldstein, "ECML v1.1: Field Names for E-Commerce", RFC 3106, April 2001.

[RFC 3106]Eastlake,D.和T.Goldstein,“ECML v1.1:电子商务领域名称”,RFC 3106,2001年4月。

[RFC 3275] Eastlake, D., Reagle, J. and D. Solo, "XML-Signature Syntax and Processing", RFC 3275, March 2002.

[RFC 3275]Eastlake,D.,Reagle,J.和D.Solo,“XML签名语法和处理”,RFC 3275,2002年3月。

[WebData] "Web Architecture: Describing and Exchanging Data", <http://www.w3.org/1999/04/WebData>.

[WebData]“Web架构:描述和交换数据”<http://www.w3.org/1999/04/WebData>.

[XML] "Extensible Markup Language (XML) 1.0 (Second Edition)", <http://www.w3.org/TR/1998/REC-xml>, T. Bray, J. Paoli, C. M. Sperberg-McQueen.

[XML]“可扩展标记语言(XML)1.0(第二版)”<http://www.w3.org/TR/1998/REC-xml>,T.Bray,J.Paoli,C.M.Sperberg McQueen。

Author's Addresses

作者地址

Donald E. Eastlake 3rd Motorola 155 Beaver Street Milford, MA 01757 USA Phone: +1-508-851-8280 (w) +1-508-634-2066 (h) EMail: Donald.Eastlake@motorola.com

Donald E.Eastlake 3rd Motorola美国马萨诸塞州米尔福德海狸街155号01757电话:+1-508-851-8280(w)+1-508-634-2066(h)电子邮件:Donald。Eastlake@motorola.com

Full Copyright Statement

完整版权声明

Copyright (C) The Internet Society (2002). All Rights Reserved.

版权所有(C)互联网协会(2002年)。版权所有。

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.

上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Acknowledgement

确认

Funding for the RFC Editor function is currently provided by the Internet Society.

RFC编辑功能的资金目前由互联网协会提供。