diff options
| -rw-r--r-- | docs/signing-engine-protocol | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/docs/signing-engine-protocol b/docs/signing-engine-protocol deleted file mode 100644 index 7e754564..00000000 --- a/docs/signing-engine-protocol +++ /dev/null @@ -1,51 +0,0 @@ -;;; -*- Lisp -*- -;;; $URL$ -;;; $Id$ -;;; -;;; Scratch pad for working out API design for RPKI engine. -;;; -;;; This file is psuedocode, I just wanted to take advantage of -;;; emacs's built-in support for languages with reasonable syntax. -;;; -;;; Terminology: -;;; -;;; - IRBE: Internet Registry Back End -;;; -;;; - RE: RPKI Engine - -;;; Protocol operations between RE and signing engine. This assumes -;;; the model in which the signing engine stores nothing but keypairs -;;; and takes orders from the RE on what to sign; this still needs to -;;; be checked by competent paranoids. - -;; Create a keypair. :length is the number of bits for the key -;; (default 2048?). - -(create-keypair :cust-id 42 - :type :rsa - :length 2048) -=> (public-key keypair-id) - -;; Destroy a keypair. - -(destroy-keypair :cust-id 42 - :keypair-id keypair-id) -=> () - -;; List existing keypairs - -(list-keypairs :cust-id 42) -=> ((keypair-id public-key :rsa) - (keypair-id public-key :rsa) - ...) - -;; Sign something. how-to-sign tells us both what signature method to -;; use (ie, what kind of object we're signing) and also the signature -;; algorithm to use (where there are multiple choices, which perhaps -;; there should not be?). - -(sign-thing :cust-id 42 - :what-to-sign cert-without-signature - :how-to-sign :cert-rsa/sha256 - :keypair-id keypair-id) -=> (signed-thing) |