DevCentre

Application Programmers Interface Specification

The Internet Document API will provide all the services for sending and receiving Internet Documents. The following page is just a draft of what it could look like.

It will be implemented in Java, C, and Delphi. The implementations may differ slightly, as the languages themselves all have different syntax.

Suggestions about how the API should be implemented would be appreciated. Send any comments or ideas to Peter Harrison

Outline

The API is split into two functional areas, the Document Interface and the Transport Interface. The Document Interface will be able to manipulate, load, save and verify XML Documents. Essentially the Document Interface will be a implmentation of DOM. The Transport Interface will be used to transfer any kind of data over via email, taking care of issues such as encryption and signing.

Document Interface

The Document Interface is actually a lightweight XML 'Parser'. Its not a validating parser, it is just able to read and write XML documents.

Class: TIDXml

Properties:

XML

Node

Methods:

GetValue( node : String ) : String
Gets the value of a specific Node.

GetCount( node : String ) : Integer
Gets the number of instances that exist of a Tag on a Node.

AddNode( node, newnode : String )
Adds a new Node from and existing Node. Note that the root node of all XML documents is 'xml'.

AddElement( newnode, value : String )
AddElement adds a new Element under the current Node.

EditValue( node, value : String )
EditValue changes the value of the Node to the value supplied.

Transport Interface

The primary strength of the Transport Interface is the way I plan to handle Public Keys. One of the biggest problems I see currently is that people need to worry about how to obtain public keys. With this API, the details are more hidden. Once you generate your own Key Pair, and you get the PKServer List, the sending an receiving of encrypted emails is automatic. Any required public keys are downloaded for you.

GetPKServers();
This is run in order to obtain the current list of Public Key Servers. It should be called before any batch of documents are transmitted.

PrivateKey GeneratePrivateKey();
This is used to generate a Private Key. Is should be called once only for every client. The result should be stored in an encrypted format on the hard drive.

PublicKey GeneratePublicKey( PrivateKey );
This is used to generate a Public Key for the Private Key supplied. This is generally called immediatly after GeneratePrivateKey. Once generated it can be sent to a PKServer.

PKAddress SendPublicKey( Name, Email, PublicKey );
This function sends a public key to a PKServer. The GetPKServers must have been run recently in order to have an up to date list of PKServers. The PKServer used is chosen at random. The function returns a PKAddress, which is similar to an email address, in that it provides an address which people can use to find your Public Key. The format is similar to email - an example would be name#pkserver.com.

PublicKey GetPublicKey( PKAddress | emailAddress );
This function requests a Public Key using the PKAddress or email addressspecified. The PKAddress has the server to connect to in the Address, like a email address. The separator between account and server is a '#' instead of a '@' like in email addresses. If a PKAddress is supplied the PKServer specified is contacted for the Public Key.

If an email address is supplied each PKServer is contacted in turn and queried. Naturally using email addresses for Public Key resolution is not the prefered means of obtaining a Public Key due to the huge comms overhead.

PS : Any ideas on how we could make email public key resolution faster?

PublicKey VerifyPublicKey( PKAddress | emailAddress );
This function requests a Verification using the PKAddress or email addressspecified. The PKAddress has the server to connect to in the Address, like a email address. The separator between account and server is a '#' instead of a '@' like in email addresses. If a PKAddress is supplied the PKServer specified is contacted for the Public Key.

The Verification consists of a MD5 of the Public Key, instead of the Public Key itself. The MD5 is shorter than the Public Key.

SetEmailSettings( emailaddress, pop3server, smtpserver, pop3password );
This function sets up all the details about your email connection

SendEmailFile( emailaddress, PublicKey, FileName );
This function sends a file on disk out to the supplied email address. The file is compressed, encrypted using the supplied public key, signed using your private key, and attached as a mime attachment to the email. The email header will also contain your PKAddress.

SendEmailStream( emailaddress, PublicKey, Stream );
This function sends a data stream to the supplied email address. The stream is compressed, encrypted using the supplied public key, signed using your private key, and attached as a mime attachment to the email. The email header will also contain your PKAddress.

GetEmailHeaders();
This function will receive the headers of all emails waiting for collection.

GetEMailtoFile( number, Filename );
This function will receive the email, and unpack the attached file into the specified file. It will automatically handle obtaining the required Public Key by looking up the PKAddress supplied, or at a last resort looking up the email address. It will then use the Public Key of the sender to authenticate the email.

GetEMailtoStream( number, Stream );
This function will receive the email, and unpack the attached file into the specified stream. It will automatically handle obtaining the required Public Key by looking up the PKAddress supplied, or at a last resort looking up the email address. It will then use the Public Key of the sender to authenticate the email.

DeleteEmail( number );
Deletes the specified Email

Odds and Ends

Further things to think about:

Confirmations, sending back confirmation that a document that was sent actually arrived.

Hooks for Outlook and Outlook Express?

Home