id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	launchpad_bug
3875	Server/client code for HTTP storage protocol fURLs	itamarst	itamarst	"A HTTP storage fURL looks like `pb://i5xb...@example.com:443/g3m5...#v=1`, where `i5xb...` is the sha256 of the Subject Public Key Information. The `g3m5...` is the swissnum; the `#v=1` means it's HTTP.

On the server-side:

1. The HTTP server should be able to listen with TLS, given paths to key file and certificate file. (It already accepts the swissnum.)
2. It should provide an API that returns the fURL in above format, at the moment purely to be used in testing.

On the client-side:

1. The client should be able to determine the host/port to connect to from a fURL.
2. Upon connecting, the client should verify:
    1. Expiration date of certificate; it hasn't expired.
    2. That the public key in the certificate has SPKI has that matches the one in the fURL.
    3. That the certificate was signed by the private key (i.e. self-signed)."	task	closed	normal	HTTP Storage Protocol	unknown	n/a	fixed