Note: 2016-12-30 Samtrafikens BoB Metadata is now going into production, and this interim solution is discontinued.
The purpose of the interim key-management procedures is to provide a temporary Administering Body (AB) function for the early-adopting participants of the Mobile Ticket Specifications. This is not a complete AB, as full functionality is not required at this stage. The current API is based upon the same principles as the coming API specs from the project, but the permanent solution will have more functionality.
The interim solution for key-management is divided into two parts:
- The key storage repository, where everyone can fetch the key-list using a public URL. The key-list, which is updated every 5 minutes, can be fetched from https://api.mobileticket.se/keylist
- The key-management, in which a Participant with an assigned PID can, via email, send in a new public key.
Keylist
The keylist can be fetched from <URL>
Key handling
In the interim key handling, new keys are published on the keylist via email. Keys shall be delivered within a JWS according to mts4, but with the following content:
The JWS Protected Header shall contain the following fields:
{
"alg": "EC",
"kid": string <kid defined from the AB>,
"authid": string <your PID>,
"notvalidafter": integer (unix timestamp),
"serial": integer (serialNumber)
}
The JWS Payload shall contain the following fields:
{
"mtbPublicKeys": [ JWK Object, JWK Object .. JWK Object ]
}
- e-mail, can publish or remove public keys.
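A structural pre-check that a receiver could run on a key submission before publishing it, written as an added example and not code from the Mobile Ticket project. It assumes the JWS arrives in compact serialization; the function names, `sender_pid` and all sample values are constructed for illustration, and the signature segment is not verified here.

```python
import base64
import json

# Header fields and types as listed on this page for the JWS Protected Header.
HEADER_FIELDS = {"alg": str, "kid": str, "authid": str, "notvalidafter": int, "serial": int}

def b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def check_submission(compact_jws, sender_pid, now):
    """Return a list of problems (empty means structurally acceptable); no signature check."""
    parts = compact_jws.split(".")
    if len(parts) != 3:
        return ["not a three-part compact JWS"]
    try:
        header = json.loads(b64url_decode(parts[0]))
        payload = json.loads(b64url_decode(parts[1]))
    except ValueError:
        return ["header or payload is not base64url-encoded JSON"]
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return ["header and payload must both be JSON objects"]
    problems = []
    for name, kind in HEADER_FIELDS.items():
        if type(header.get(name)) is not kind:  # type() so JSON true/false is not an int
            problems.append(f"header field {name!r} missing or not {kind.__name__}")
    if header.get("alg") != "EC":
        problems.append("alg is not the value this page specifies")
    if header.get("authid") != sender_pid:
        problems.append("authid does not match the sender's assigned PID")
    if type(header.get("notvalidafter")) is int and header["notvalidafter"] <= now:
        problems.append("notvalidafter is already in the past")
    keys = payload.get("mtbPublicKeys")
    if not isinstance(keys, list):
        return problems + ["mtbPublicKeys missing or not a list"]
    for i, jwk in enumerate(keys):
        if not isinstance(jwk, dict) or "kty" not in jwk:
            problems.append(f"mtbPublicKeys[{i}] is not a JWK object")
        elif "d" in jwk:  # 'd' is the private-key member of an EC JWK
            problems.append(f"mtbPublicKeys[{i}] contains private key material")
    return problems

# Constructed sample values, not real keys or identifiers; "c2ln" is a dummy signature.
SAMPLE_HEADER = {"alg": "EC", "kid": "kid-example", "authid": "pid-example",
                 "notvalidafter": 1500000000, "serial": 1}
SAMPLE_PAYLOAD = {"mtbPublicKeys": [{"kty": "EC", "crv": "P-256", "x": "AA", "y": "AA"}]}
SAMPLE_JWS = ".".join([b64url_encode(SAMPLE_HEADER), b64url_encode(SAMPLE_PAYLOAD), "c2ln"])
```

A submission that passes this check still needs its signature verified before any key is published.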