List of functions of the Vendor API
Note: All functions in paranthesis () are suggestions, the ones without MUST be realised.
Especially the functions regarding the age verification need be discussed.
Is Assurer
The function returns whether the requested person has assurer status or not.
Presently assurer status is defined by 100 valid assurance points and passed CATS test.
Return values: yes/no/no valid information if no permission
Assurer points
The function returns the number of points that the requested person can grant as maximum.
If the requested person is not an assurer the return value should be 0.
Return values: 0,10,15,20,25,30,35, no valid information if no permission
Last Activity
The function returns one of the following 4 status information about the last activity of the requested person in their account:
<= 6 months
<= 12 month
<=24 month
>= 24 month / no information
Problems
might be that support activity is tracked as well on the account
Return Values: 6, 12, 24, no valid information if no permission or > 24 months
(Is minor)
The function returns whether the requested person is below a certain age. Returns true or false
This function could also be used within the account application for setting PoJAM restrictions.
Problems
Which country restriction should be used for the age criteria? The one of the vendor, the one where the requested person is born or the one where the requested person is living.
Who approves that the county settings are correct?
(Age range)
The function returns whether the requested person is in one of the following age ranges:
< 17
>= 17 and < 21
>=21 and <30
>=30 and <40
…
(AgeRestriction)
The function returns whether the requested person matches one of the following statements if the requested person allowed the statement to be returned. If not, “no information available” should be returned.
below 17
below 18
below 19
below 20
below 21
ValidCertificate (Is User identity valid)
The function returns whether the requested person's identity information is valid, expired, blocked or unknown.
This function may only be an internal one for a check whether the requested user information is valid.
Thinking of using the certificate serial number as identity check, the result could be:
valid – if the certificate is valid
expired/revoked – if the certificate is expired or revoked
unknown – if the identity could not be verified or if the account is blocked/locked/deleted
Return values: valid, expired, revoked, no valid information if no permission or any other state of the account
AccountID
Returns the AccountID for a certificate
Return Values: AccountID or no valid information if no permission
RealName
Returns the name in the account first name + middle name + last name + suffix.
Return values: real name, no valid information if no permission
AccountDeleted
Returns whether an account is deleted or not.
Q: What are the indicators for a deleted account?
Return values: yes, no, no valid information if no permission
AccountDeletedList(since)
Returns a list of all accounts that have been deleted since a given date
Return value: list of account ids
IsVerifiedUser
Returns if persons have reached the assured status which means that they can place their name in the certificate.
Presently CAcert Member with >=50 assurance points
Return values: yes, no, no valid information if no permission