The purpose of the interim key storage is to get online with a temporary AB for the early-adopting participants of the Mobile Ticket Specifications. This is not a complete AB, as we believe there are more functions to come. The API is based on the same principles as the coming API specs from the project, but the permanent solution will be more detailed.

The interim solution for key storage is divided into two parts:

  • The key storage, where everyone can fetch the keylist from an open URL. The keylist can be fetched from http://api.mobileticket.se/keylist and is updated every 5 minutes.
  • The key handling, in which a client with a PID can publish or remove public keys via e-mail.

 

Key-management

Overview

In the interim key-management mechanism, keys are published to and removed from the keylist via preformatted signed e-mail to the AB.

Each Participant (with an assigned PID) can take part in the key-management after a "hand shake" in which the Participant physically delivers, to a delegate of the AB, the public component of the key used for signing the key-management e-mails.

The key-management key will be verified with a signed message in return to the Participant.

The keys shall be delivered in a JSON format signed using JWS (RFC 7515), according to mts4 but as specified here.

Key management requests are sent via e-mail to keyhandling@mobileticket.se. After the content of the JSON structure contained within the e-mail has been successfully authenticated, the key information is subject to a manual check and then imported into the key management system.

After a successful import the system will send a confirmation email to the predefined recipient of the Participant.

All transactions will be logged.
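The authentication step described above can be sketched as follows. This is an added example, not code from the specification or the AB: it assumes RS256 as the JWS algorithm and a payload with hypothetical `pid` and `action` fields, and it uses a constructed toy key and PID values. The point it shows is that the verification key is looked up from what was registered at the hand shake, never taken from the message itself.

```python
import base64, hashlib, hmac, json
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64u_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa_pkcs1_v15(message, k):
    """k-byte EMSA-PKCS1-v1_5 encoding of SHA-256(message)."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_request(jws, registered_keys):
    """Return the payload if the JWS verifies against the key registered
    for its PID at the hand shake; raise ValueError otherwise."""
    try:
        h64, p64, s64 = jws.split(".")
        header, payload = json.loads(b64u_decode(h64)), json.loads(b64u_decode(p64))
        sig, pid = b64u_decode(s64), str(payload["pid"])  # "pid" field is assumed
        alg = header["alg"]
    except Exception as exc:
        raise ValueError("malformed JWS") from exc
    if alg != "RS256":  # fixed allowlist (assumed alg): rejects "none" and HMAC
        raise ValueError("unexpected alg")
    if pid not in registered_keys:  # key comes from the registry, never the mail
        raise ValueError("unknown PID")
    n, e = registered_keys[pid]
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        raise ValueError("bad signature size")
    expected = emsa_pkcs1_v15(f"{h64}.{p64}".encode("ascii"), k)
    if not hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), expected):
        raise ValueError("signature mismatch")
    return payload

# Constructed demo key from two well-known primes: a toy, never a real key.
E, N = 65537, (2**255 - 19) * (2**521 - 1)
D = pow(E, -1, (2**255 - 20) * (2**521 - 2))

def sign_demo(payload):
    """Build a constructed signed request so the verifier can be exercised."""
    body = ".".join(b64u_encode(json.dumps(x).encode()) for x in ({"alg": "RS256"}, payload))
    k = (N.bit_length() + 7) // 8
    s = pow(int.from_bytes(emsa_pkcs1_v15(body.encode("ascii"), k), "big"), D, N)
    return body + "." + b64u_encode(s.to_bytes(k, "big"))
```

A request that passes `verify_request` is only authenticated; per the text above it still goes through the manual check before import.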