@@ -494,23 +494,23 @@ When a client re-connects to a polyproto WebSocket gateway server, the client ma
494494to the server instead of identifying. The resumed event sent by the server informs the client
495495about everything the client has missed since their last active connection to the gateway.
496496
497- TODO: Must the resume event not contain a token?
498-
499497!!! example "Example resume event structure"
500498
501499 ```json
502500 {
503501 "n": "core",
504502 "op": 5,
505503 "d": {
506- "s": 12
504+ "s": 12,
505+ "token": "aDHsdfghihn2n0c634tnlxibnd2tz09y8m7kbxti7rg""
507506 }
508507 }
509508 ```
510509
511- | Field | Type | Description |
512- | ----- | ------ | --------------------------------------------------------------------------------------- |
513- | ` s ` | uint64 | Sequence number of the last event received by the client; aka. "Where to receive from". |
510+ | Field | Type | Description |
511+ | ------- | ------ | --------------------------------------------------------------------------------------------------------------------- |
512+ | ` s ` | uint64 | Sequence number of the last event received by the client; aka. "Where to receive from". |
513+ | ` token ` | string | A [ session token] ( #41-authentication ) issued by the server, identifying the session the client wants to connect with. |
514514
515515!!! example "Example "resumed" event"
516516
@@ -573,9 +573,13 @@ A set of "relevant events" is a set of events which meet both of the following c
573573 generated using a revoked certificate. In other words, intermediary values of this event type
574574 affect the validity or state of other events.
575575
576- Servers may reject a clients' wish to resume, if the number of events that would need to be replayed
577- is too high for the server to process. In this case, the request to resume is met with a close code
578- of ` 4010 ` by the server and the connection is terminated.
576+ Servers may reject a clients' wish to resume, if
577+
578+ - The number of events that would need to be replayed is too high for the server to process.
579+ - The client is not eligible to resume and must start a new session instead.
580+
581+ In this case, the request to resume is met with an appropriate [ close code] ( #325-closing-a-connection )
582+ (ex.: ` 4010 ` ) by the server and the connection is terminated.
579583
580584##### 3.2.3.7 Server certificate change event
581585
@@ -825,7 +829,10 @@ Protocol in polyproto should happen on a best-effort basis.
825829
826830### 3.6 Compression
827831
828- TODO
832+ !!! info "Unfinished"
833+
834+ As of beta.1 of the polyproto protocol specification, this section is unfinished. Expect this
835+ section to receive content in future beta releases of the protocol spec.
829836
830837!!! bug "TODO; Here's a TL;DR:"
831838
@@ -900,6 +907,9 @@ for information on how this is done.
900907 Their concept has been thought out further and implemented in different ways. Challenge strings are
901908 no longer needed. This section will be removed soon.
902909
910+ The API documentation already reflects this change; expect the protocol specification to reflect
911+ these changes in upcoming beta versions of polyproto.
912+
903913 TODO: Better describe "Sensitive-Solution" instead.
904914
905915!!! warning
@@ -1305,8 +1315,11 @@ TODO
13051315
13061316 - Should actors always be able to revoke the ID-Cert they are sending the revocation message with
13071317 without needing to complete a sensitive action?
1318+ - Currently, I cannot see any reason that would speak against this.
13081319 - How can actors remain in control of their keys? If revocations need to be signed by the server,
13091320 then the server has more authority over keys than the actor does
1321+ - Revocations should likely never have to be signed by the server. Either that, or it does,
1322+ but the [trust model assumptions](#2-trust-model) apply.
13101323
13111324If the ID-Cert revocation was initiated by an actor, that actor must inform other servers of this
13121325revocation ** before** sending further messages to those servers.
0 commit comments