HPPR Repository Service
Tags: repo, overview
© R.A.Sol
The HPPR Repository Service is the standard authenticated packet repository layer built on the packet and wire protocols.
hpprd is the reference daemon implementation of
these specs.
The Model
A repository stores packet versions at coordinates.
Clients send commands to retrieve, list, store, watch, replicate, and stream those packet versions. Commands arrive through a command flow. The accepted request envelope establishes a principal. The repository evaluates that principal against policy and then performs the command.
The story is:
- packet bytes prove content and signatures
- coordinates name packet versions
- command messages ask a service to do work
- command flows define how requests are accepted
- repository envelopes bind commands to principals
- Ring1 and Ring2 load identity state
- ACL maps principals and coordinates to
read,write, andlist - storage materializes the abstract packet repository
- replication, streams, admin, and joins are repository commands and conventions layered on the same model
Repository requests are interpreted in this order:
- transport receives one command message;
- command flow determines available state;
- request envelope determines principal;
- command catalog determines semantics;
- Ring1/Ring2 and ACL rules determine authorization;
- storage or streaming machinery performs the command.
Conformance Boundary
Repository service conformance covers:
- repository command semantics (041)
- authenticated request envelopes (042)
- session command flow (043)
- message command flow (044)
- repository identity text (045)
- ACL rule format, evaluation, and storage (050)
- Ring1 repository authentication (051)
- Ring2 group authentication (052)
- filesystem repository layout (060)
- replication and live streaming (080)
- bootstrap and join workflow conventions (090)
Underlying packet data is defined in 010, addressing in 020, and command-flow vocabulary in 030, 031, and 032. Higher-level data schemes are defined in 100 and 110.