doc: credential for 8i4b3j account changed

[libisds.git] / doc / message

Message specification
=====================

Source: Provozní řád ISDS, version 2009-10-30, Page 13
Source: Webové služby ISDS pro manipulaci s datovými zprávami, version 2.11
    (2010-05-20) [DataMessage_ws.pdf]
Source: Registration of media type FO and ZFO
    <http://www.alvestrand.no/pipermail/ietf-types/2008-June/002037.html>
Source: O2. Datové schránky: Informace pro dodavatele aplikací, version
    2010-04-28, Page 18

Message ::= Envelope, Content

Message format is defined in Appendix 1, file dmBaseTypes.xsd.

Content ::= (Document)+

Content involves one or more attachments (= Documents). Allowed Document
formats are defined in Appendix 3 of Vyhláška o stanovení podrobností užívání
a provozování ISDS.

Currently (2009-11-18) allowed formats are (quotation follows):

    – pdf (Portable Document Format)
    – PDF/A (Portable Document Format for the Long-term Archiving)
    – xml (Extensible Markup Language Document); must be valid against
    free available XML Schema published by recipient
    – fo/zfo (602XML Filler dokument)
    – html/htm (Hypertext Markup Language Document)
    – odt (Open Document Text)
    – ods (Open Document Spreadsheet)
    – odp (Open Document Presentation)
    – txt (plain text)
    – rtf (Rich Text Format)
    – doc (MS Word Document)
    – xls (MS Excel Spreadsheet)
    – ppt (MS PowerPoint Presentation)
    – jpg/jpeg/jfif (Joint Photographic Experts Group File Interchange Format)
    – png (Portable Network Graphics)
    – tiff (Tagged Image File Format)
    – gif (Graphics Interchange Format)
    – mpeg1/mpeg2 (Moving Picture Experts Group Phase 1 / Phase 2)
    – wav (Waveform Audio Format)
    – mp2/mp3 (MPEG-1 Audio Layer 2 / Layer 3)
    – isdoc/isdocx (Information System Document) version 5.2 or higher

Document format declaration inside Document and conformance checks change
during time. XML Schemas provide attribute for Document MIME type and Document
annotation.

Attribute dmMimeType must present, but may be empty, may contain file name
extension, or may contain official MIME type. If MIME type is declared, ISDS
checks Document content for conformance to the MIME type.

There is MIME type blacklist: application/x-zip-compressed,
application/x-msdownload.

Attribute dmFileDescr (so called annotation) must present and must contain
file name of the Document. Even if dmMimeType exists, ISDS uses THIS attribute
to detect Document format (according file name extension) and checks content
for format conformance.

There is list of allowed file name extensions: pdf, xml, fo, zfo, html, htm,
odt, ods, odp, txt, rtf, doc, xls, ppt, jpg, jpeg, jfif, png, tiff, gif, mpeg1
mpeg2, wav, mp2, mp3, isdoc, isdocx, cer, crt, der, pk7, p7b, p7c, p7f, p7m,
p7s, tst (time stamp).

Non-normative: File name extension to MIME type map:

Extensions  MIME type           Description
-------------------------------------------------------------------------------
pdf         application/pdf     Portable Document Format
xml         application/xml     Extensible MarkUp Language
fo          application/vnd.software602.filler.xml+form
                                602XML form (uncompressed)
zfo         application/vnd.software602.filler.xml+zip+form
                                602XML form (zipped XML form with XSL-FO styles)
html, htm   text/html           Hyper Text MarkUp Language
odt         application/vnd.oasis.opendocument.text
                                Open Document Format Text
ods         application/vnd.oasis.opendocument.spreadsheet
                                Open Document Format Spreadsheet
odp         application/vnd.oasis.opendocument.presentation
                                Open Document Format Presentation
txt         text/plain          Plain text (no charset nor encoding signalled)
rtf         application/rtf     Rich Text Format
doc         application/msword  Microsoft Word Document
xls         application/vnd.ms-excel
                                Microsoft Excel Document
ppt         application/vnd.ms-powerpoint
                                Microsoft PowerPoint Document
jpg, jpeg, jfif
            image/jpeg          JFIF/JPEG image
png         image/png           Portable Network Graphics
tiff        image/tiff          Tag Image File Format
gif         image/gif           Graphics Interchange Format
mpeg1       video/mpeg          Motion Joint Picture Expert Group Version 1
mpeg2       video/mpeg2         Motion Joint Picture Expert Group Version 2
wav         audio/x-wav         RIFF Waveform Audio File Format
mp2         audio/mpeg          MPEG-1 Audio Layer II
mp3         audio/mpeg          MPEG-1 Audio Layer III
isdoc, isdocx
                                Information System Document (payment invoice)
cer, crt, der
                                X.509 Certificate (different serialization)
pk7, p7b, p7c, p7f, p7m, p7s
                                Crypto Message Syntax (different serialization)
tst                             Time Stamp Token (RFC 3161)


Document ::= Binary_Document | XML_Document

Document is Base64 encoded binary format or XML.

There exist special Document type, ESS format, that can exist in Content only
once.

Note: ESS format is special XML language designed as interface between
Electronic Document Systems (ESS). It's defined in Appendix 4 of Provozní řád
ISDS.

Message with `malicious code' will be refused by ISDS.

Maximal total size of Documents in a Message is 10 MB. Binary document size is
size before encoding into Base64, XML document size is size in bytes as is
serialized inside SOAP request.

A Message can be addressed to 50 recipients at maximum.

Life time of Message:

    – 90 days for delivered message, 100 days for system message
    – unlimited for delivered through fiction messages, however they can be
    moved to off-line storage after 90 days. User can request to move the
    Message back into his box (off-line only currently).

Deleted messages are stored off-line as Envelope only without Content. Since
2010-06-01, some services has access to off-line stored envelopes
(Get(Signed)DeliveryInfo, MessageEnvelopeDownload, VerifyMessage,
AuthenticateMessage).

Note: Delivery through fiction is currently defined as new unread for more
than 10 days after delivery.


Digital Signatures
==================

Embedded digital signatures are PKCS#7 to avoid expensive XML canonicalization.


Message hash
============

Message checksum is a hashed bit stream of part of a message. Exact message
part to hash must preserve physical XML serialization. The hash value is
carried inside a message, it's stored in ISDS and it's used as a input form
digital time stamp.

Currently SHA-1 and SHA-256 algortihms are defined. They are identified by
dmHash/@algorithm attribute. Algorithm name in attribute value contains hyphen
character.


System messages
===============

There exists special message type initiated by ISDS (i.e. from system, not from
other box). Such message has reserved from-box `aaaaaaa' (7 × `a') value and
sender type `0' and it contains always document of type HTML. There are
following cases defined:

1   Outgoing message contained malicious code
2   You, administrator, deleted other user
3   Outgoing message could not been delivered because recipient box had been
    made inaccessible
4   Outgoing commercial message has not been accepted by recipient
5   User has been added to the box
6   User permissions has been changed


Commercial messages
===================

Users can allow commercial message receiving explicitly. Commercial message
are not considered as accepted by recipient automatically (in opposite to
standard messages), recipient must call ConfirmDelivery to move message from
state Delivered (4) to state Received (6).

User can request to assign permission to send commercial messages. Permission
can be assigned by Czech Post. Commercial recipient can not be searched. Sender
must know exact box ID.

Incomming commercial message can be recognised by @dmType="K" in message
envelope. If @dmType is "V" or attribute is missing, message is so called
public (i.e. standard noncommercial with acceptance time outs etc.).

How does ISDS determine (non-)commercial status of outgoing message?
The decision is based on sender and recipient box type, commercial
sending/receiving permission and OVM message flag:

All messages are public except following combinations when message is
considered as commercial:

        Sender                         Recipient
Gross type  Commercial sending  Gross type  Commercial receiving    OVM flag
----------------------------------------------------------------------------
non-OVM     allowed             non-OVM     allowed                 any
any         any                 non-OVM     allowed                 false


Message states
==============

Value   Meaning
1       Message has been put into ISDS
2       Message stamped by TSA
3       Message included viruses, infected document has been removed
4       Message delivered (dmDeliveryTime stored)
5       Message delivered through fiction (dmAcceptanceTime stored)
6       Message delivered by user log-in or user explicit request (in case of
        commercial message) (dmAcceptanceTime stored)
7       Message has been read by user
8       Message could not been delivered (e.g. recipient box has been made
        inaccessible meantime)
9       Message content deleted (thus can not be obtained on-line)
10      Message stored into data safe (this is optional commercial service)