LSD0013: The donau:// scheme

commit a9daa068888c26de2f33102def5293a0439180d3
parent 8c3e2849c2291d4abdb3024a66994c302fef2c21
Author: Emmanuel Benoist <emmanuel.benoist@bfh.ch>
Date:   Thu,  9 Oct 2025 15:46:00 +0200

Introducing Bohdan and Florian as co-authors + a few cosmetic modifications

Diffstat:
M draft-donau.xml | 72 +++++++++++++++++++++++++++++++++++++++++++++++++-----------------------
1 file changed, 49 insertions(+), 23 deletions(-)

diff --git a/draft-donau.xml b/draft-donau.xml @@ -60,7 +60,38 @@ </address> </author> - <date day="30" month="June" year="2025" /> + + <author fullname="Bohdan Potuzhnyi" initials="B.P." surname="Potuzhnyi"> + <organization>Bern University of Applied Sciences</organization> + <address> + <postal> + <street>H&ouml;heweg 80</street> + <street></street> + <city>Biel/Bienne</city> + <code>CH-2501</code> + <country>CH</country> + </postal> + <email>bohdan.potuzhnyi@bfh.ch</email> + </address> + </author> + + + <author fullname="Florian Dold" initials="F.D." surname="Dold"> + <organization>Taler Systems AG</organization> + <address> + <postal> + <street>7, rue de Mondorf</street> + <street></street> + <city>Erpeldange</city> + <code>L-5421</code> + <country>Luxembourg</country> + </postal> + <email>dold@taler.net</email> + </address> + </author> + + + <date day="09" month="October" year="2025" /> <!-- Meta-data Declarations --> <area>General</area> @@ -231,7 +262,7 @@ reserved characters that are percent-encoded. </t> <t> - Finally, algo specifies the specific signature algorithm + Finally, <tt>algo</tt> specifies the specific signature algorithm used; for now, only ED25519 (see <xref target="RFC8032" />) is supported. The signature using the specified algorithm must be 
@@ -255,11 +286,11 @@ Actions" sub-registry. </t> <t> - Donau-validators seeing a "donau://" URI MUST use HTTP over TLS when talking + Donau-validators seeing a "<tt>donau://</tt>" URI MUST use HTTP over TLS when talking to the respective network service. - Donau-validators seeing a "donau+http://" URI MUST use HTTP without TLS when talking + Donau-validators seeing a "<tt>donau+http://</tt>" URI MUST use HTTP without TLS when talking to the respective network service. Donau-validators SHOULD support - "donau+http://"-URIs only when run in developer or debug mode. + "<tt>donau+http://</tt>"-URIs only when run in developer or debug mode. Validators would contact the base to obtain the public key used for the signature. The base origin SHOULD also be shown to the user to indicate which authority issued the proof of donation. @@ -336,13 +367,13 @@ - Each of the "signkeys" is valid between "stamp_start" and - "stamp_expire" and the public "key" returned is encoded using Base 32 + Each of the "<tt>signkeys</tt>" is valid between "<tt>stamp_start</tt>" and + "<tt>stamp_expire</tt>" and the public "<tt>key</tt>" returned is encoded using Base 32 U Crockford encoding <xref target="base32-U-crockford"/>. <sourcecode> <![CDATA[ - ; Core JSON tokens (simplified; assumes standard JSON for strings, numbers, booleans, null, arrays, objects) +; Core JSON tokens (simplified; assumes standard JSON for strings, numbers, booleans, null, arrays, objects) JSONString = DQUOTE *(%x20-21 / %x23-5B / %x5D-10FFFF / "\" EscapedChar) DQUOTE UCrockford = *( ALPHA32 / "-" ) ALPHA32 = DIGIT / LETTER @@ -392,7 +423,7 @@ SignKey = "{" DQUOTE "key" DQUOTE ":" JSONObject "," DQUOTE "year" DQUOTE ":" JS ]]> </sourcecode> -Example, a response to a GET request to the /key/ endpoint. +Example, a response to a GET request to the <tt>/key/</tt> endpoint. <sourcecode> <![CDATA[ {"signkeys": 
@@ -412,7 +443,7 @@ Example, a response to a GET request to the /key/ endpoint. and signature"> <t> If the Donau-URI does not contain the total or the signature, the - verification app MUST download them from the /donation-statement/ + verification app MUST download them from the <tt>/donation-statement/</tt> endpoint of the base.<br/> The verification app will compute the donor hash H using SHA-512 <xref target="RFC6234"/> @@ -420,10 +451,10 @@ Example, a response to a GET request to the /key/ endpoint. NUL byte (0x00), followed by the salt string, followed by a final NUL byte (0x00): <tt>H = SHA-512(taxid || 0x00 || salt || 0x00)</tt>. Here, <tt>taxid</tt> is the UTF-8 string obtained by percent-decoding the <tt>taxid-enc</tt> path segment. - This produces the hash-donor-id. The verification app will contact the - base in the endpoint /donation-statement with the year and the hash-donor-id. + This produces the <tt>hash-donor-id</tt>. The verification app will contact the + base in the endpoint <tt>/donation-statement</tt> with the year and the hash-donor-id. - The hash-donor-id must be encoded using Base 32 U Crockford + The <tt>hash-donor-id</tt> must be encoded using Base 32 U Crockford encoding <xref target="base32-U-crockford"/>. 
@@ -435,14 +466,9 @@ Example, a response to a GET request to the /key/ endpoint. <t>References: [this.I-D]</t> </list> -FIXME-EB: why here 'total' and 'amount' in the URL? Use 'total' in both cases for consistency? -FIXME-EB: why return 'pub'? Seems redundant! -FIXME-EB: maybe return 'algo' also in /keys? -RESPONSE-EB : I do not know, this is just https://docs.taler.net/core/api-donau.html - Servers implementing the donation-statement endpoint MUST respect the -following syntax; all three fields (total-field, sig-field, pub-field) MUST be included. +following syntax; all three fields (<tt>total-field</tt>, <tt>sig-field</tt>, <tt>pub-field</tt>) MUST be included. The amount is a string formed first of the currency (in capital letters) then ":" and then the value (can be an integer or a decimal @@ -592,8 +618,7 @@ Example of an element of USD 100.00 : <dt>YEAR:</dt> <dd>The year on a 32 bit unsigned integer in big endian.</dd> </dl> - <t>FIXME-EB: we'll need test vectors for this in an appendix!</t> - </section> + </section> <section anchor="signature-verification" title="Signature verification for a donation statement"> <t> @@ -766,8 +791,6 @@ Fetched public key for year 2025 from https://donau.test.taler.net/keys: &RFC8032; - &RFC4648; - &RFC9498; &RFC7748; @@ -779,6 +802,9 @@ Fetched public key for year 2025 from https://donau.test.taler.net/keys: <references title="Informational References"> + &RFC4648; + + <reference anchor="HMW12" target="https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf"> <front> <title>Clickjacking: Attacks and Defenses</title>
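Review bot: In the @@ -60,7 hunk, initials="B.P." and initials="F.D." include the surname initial. The xml2rfc initials attribute holds the given-name initials and is printed in front of the surname, so these would come out as "B.P. Potuzhnyi" and "F.D. Dold"; suggest initials="B." and initials="F.". The two new postal blocks also disagree on the country value (CH in one, Luxembourg in the other), and each carries an empty <street></street> that can be dropped.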
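Review bot: In the @@ -255,11 hunk, the re-marked paragraph still permits "donau+http://" under a SHOULD, while the following context sentence says the validator contacts the base to obtain the public key used for the signature. Over plain HTTP that key can be replaced in transit, so a statement checked this way proves nothing about the issuing authority. Consider "MUST NOT accept donau+http:// outside developer or debug mode" and a sentence that results obtained over it are not shown to the user as verified. Style point: the new <tt> elements are still wrapped in the old double quotes ("<tt>donau://</tt>"); use one form of emphasis, not both.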
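Review bot: In the @@ -336,13 hunk, the context rule UCrockford = *( ALPHA32 / "-" ), just below the re-indented comment, matches the empty string and strings made only of hyphens, so a zero-length "key" is valid per the grammar. Since only ED25519 is supported, suggest 1*( ... ) and a sentence that the decoded key is exactly 32 bytes, with anything else rejected. Also note that the comment line is dedented inside CDATA, where whitespace is literal, so check that it still lines up with the rules that follow in the rendered output.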
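Review bot: In the @@ -392,7 hunk, the endpoint is now tagged as <tt>/key/</tt>, but the context line of the @@ -766,8 hunk shows the key being fetched from https://donau.test.taler.net/keys and the FIXME removed in @@ -435,14 also says /keys. Tagging the name makes it look authoritative, so settle on one spelling before marking it up.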
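Review bot: In the @@ -412,7 hunk, the endpoint is written <tt>/donation-statement/</tt> with a trailing slash, while the next hunk tags it as <tt>/donation-statement</tt> without one. Implementers build the request path from this text, so use one form in both places and state whether the year and hash-donor-id are appended as further path segments.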
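Review bot: In the @@ -420,10 hunk, H = SHA-512(taxid || 0x00 || salt || 0x00) is only unambiguous if neither input can contain a NUL byte, and taxid is obtained by percent-decoding, where %00 is expressible. If the draft does not already say so elsewhere, add that a taxid-enc which decodes to a string containing 0x00 MUST be rejected, and the same for salt. Smaller points: the hunk tags two of the three occurrences of hash-donor-id in this paragraph ("with the year and the hash-donor-id" is left plain), and "must be encoded" is lowercase where the surrounding text uses MUST.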
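Review bot: In the @@ -435,14 hunk, the three FIXME-EB questions and the RESPONSE-EB line are deleted without being resolved, and the commit message describes the change as cosmetic. The inconsistency they point at is still visible in the context lines: the field list names total-field while the next sentence starts "The amount is a string". Either answer the questions in the text (one name for the value, a reason for returning pub) or move them to a tracked issue and reference it in the commit message.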
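Review bot: In the @@ -592,8 hunk, the removed line "FIXME-EB: we'll need test vectors for this in an appendix!" was the only reminder that the signed-data layout (for example YEAR as a 32 bit unsigned integer in big endian) has no test vectors yet. Independent implementations of the signature check cannot be confirmed to interoperate without them, so keep a tracked TODO or add the appendix before dropping the note. The re-indented </section> is fine.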
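Review bot: In the @@ -766,8 and @@ -779,6 hunks, &RFC4648; moves from the normative list to "Informational References", which is a change of status rather than a cosmetic edit and is not mentioned in the commit message. Confirm that no MUST-level text depends on RFC 4648 (the visible encoding requirements cite base32-U-crockford instead) and say so in the message. The section title would conventionally read "Informative References".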