PEPmodel documentation PEPmodel HTTP

Transactions

This page outlines PEP related actions taken over a series of typical client/server transactions. Data issued by the client is in red and that by the server is blue. Included examples are:

Ignorant client makes request

Client issues request 

GET /countable/asdf.html HTTP/1.1
Host: pfunk.w3.org
Date: Mon, 9 Jun 1997 21:58:39 GMT

client requests resource

Server reponds with policy declaration 

HTTP/1.1 420 Bad Extensions
Content-Length: 85
PEPInfo: {{id "http://pfunk.w3.org:8887/src/classes/AccessCounter"}{strength must}{for "/countable/" *}}
Date: Mon, 9 Jun 1997 21:59:38 GMT
Content-Type: text/html
<HTML><HEAD><TITLE>Bummer</TITLE></HEAD>
<BODY><H1>Bummer</H1>so sorry</BODY></HTML>

Client retries request 

GET /countable/asdf.html HTTP/1.1
Host: pfunk.w3.org
Date: Mon, 9 Jun 1997 21:58:39 GMT
PEP: {{map "http://pfunk.w3.org:8887/src/classes/AccessCounter" AccessCounter-12345}{strength must}}
AccessCounter-12345: 1

Server honors request 

HTTP/1.1 200 OK
Content-Length: 95
PEPInfo: {{id "http://pfunk.w3.org:8887/src/classes/AccessCounter"}{strength must}{for "/countable/" *}}
Date: Mon, 9 Jun 1997 21:59:38 GMT
Content-Type: text/html
AccessCounter-12345: 1
<HTML><HEAD><TITLE>asdf</TITLE></HEAD>
<BODY><H1>asdf</H1>All accounted for, sir.</BODY></HTML>

 Server advertises other services

Client issues request 

GET /asdf.html HTTP/1.1
Host: pfunk.w3.org
Date: Mon, 9 Jun 1997 21:58:39 GMT

client requests resource

Server reponds with policy declaration 

HTTP/1.1 200 OK
Content-Length: 103
PEPInfo: {
    {id "http://pfunk.w3.org:8887/src/classes/PostPay"}{strength must}{for "/payola/" *}
    {id "http://pfunk.w3.org:8887/src/classes/AccessCounter"}{strength may}{for "/" *}
    {id "http://pfunk.w3.org:8887/src/classes/EscapeBody"}{strength must}{for "/escaped/" *}}
Date: Mon, 9 Jun 1997 21:59:38 GMT
Content-Type: text/html
<HTML><HEAD><TITLE>asdf</TITLE></HEAD>
<BODY><H1>asdf</H1>Pretty exciting, huh?</BODY></HTML>

Note: This policy declaration announced AccessCounter as an optional extension that was valid anywhere from the root down. The server could have returned an extension declaration which the client could have ignored if it didn't understand it.

 Server invokes payment extension

Client issues request 

GET /payola/asdf.html HTTP/1.1
Host: pfunk.w3.org
Date: Mon, 9 Jun 1997 21:58:39 GMT

client requests resource

Server reponds with policy declaration 

HTTP/1.1 200 OK
Content-Length: 103
PEP: {{map "http://pfunk.w3.org:8887/src/classes/PostPay" key=K1,price=P1}{strength must}}
K1: 118.23.205.22.1df34c8e
P1: $.20
Date: Mon, 9 Jun 1997 21:59:38 GMT
Content-Type: text/html
<HTML><HEAD><TITLE>fdsa</TITLE></HEAD>
<BODY><H1>fdsa</H1>?siht rof deyap uoy dalg uoy t'nerA</BODY></HTML>

Note: the server may assume that the majority of commercial clients will be honest. This allows it to not encrypt the response, saving the client a round trip with the key server. This would work until someone hacks up a proxy server to strip out the PEP header and allow even honest clients to cheat on payment.
 

Eric Prud'hommeaux, eric@w3.org,
@(#) $Id: Transactions.html,v 1.2 1997/08/03 00:39:00 eric Exp $