Versions Compared

Version Old Version 18 New Version Current
Changes made by

Frank Tarsillo (Deactivated)

Frank Tarsillo (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

DRAFT- InProgress

 Abstract

Commentary:

The  App Directory (AppD) is a service that provides a financial application definition that includes a trusted identifier(s) and associated metadata.  The information registered as part of an application definition supports discovery, launch configuration, intents and context data supporting the use and interoperability of financial applications.  This proposal recommends use of a distributed or detached model to managing application data servicing, where there are (N) AppD services on a network providing information related to a subset of namespace "zones" that align with the financial application identifiers.  This approach encourages independence, scale and responsive provisioning of application definitions. This is modeled from a subset of the public name service "Domain Name System", which has proven reliable and conceptually fit for discovery.

In order to support the discovery of application data stored in a given directory, name space concepts are introduced to both identify the realm of application definitions and AppD service locations that host data.  In simple terms, there has to be a way of discovering the location of the AppD service itself and the associated application definitions that are available from that service.  

This proposal focuses on defining the following key features to support this need:

  • Application data discovery through nested namespace approach and email address construction (name@fqdn) defining the application identifier as the name part and AppD location as the fully qualified domain name part.  The entire address should be considered the fully qualified application ID. (Note: An expanded definition is required outside this proposal) 
  • AppD service host discovery implementations should support the following requirements;
    1. Discovery through of the AppD location using the fully qualified application ID namespace syntax host name resolution Discovery through use of DNS SRV record types domain name. This would be the fqdn part of the email structure. 
    2. Discovery of the AppD location using the fully qualified application ID domain name to lookup DNS SRV records identifying the host server location and access TCP port. (RFC2782 ) 
    3. Federated discovery of URI records between AppD services
    4. Statically defined URI records for use within client applications directly.  This is similar to #1 above, but provides explicit protocol, port and url definitions as part of the defintion. 

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119].

...

AppD service through DNS / SRV records:

Image RemovedImage Added


AppD Service distribution visual:

...

For the purposes of this proposal, application data discovery shall be accessible through a unique application identifier (AppId) representing a single application represented by a nested namespace syntax using dot notation (e.g. app.sub.root).  It should be noted that a given AppD service may support multiple application namespace "zones" as part of a standard nested naming hierarchyand email address construction (name@fqdn) defining the application identifier as the name part and AppD location as the fully qualified domain name part.  The entire address should be considered the fully qualified application ID



Example:


Code Block
getAppData("appapp@sub.sub.root")  

return 
{
   "guid": "appapp@sub.sub.root",
   "id":1,
   "name":"app",
   "title":"A really cool app",
   "manifest_url":"https://app.sub.root/app.json",
   "description":"An app that provides really cool financial data",
   "contact_email":"info@appinfo@sub.sub.root",
   "support_email":"support@appsupport@sub.sub.root",
   "signature":"https://app.sub.root/app",
   "publisher":"foo",
   "icon":"https://app.sub.root/app/img/1525196540430.jpg",
   "appPage":"/apps/app",
   "images":[
            {
              "url":"https://app.sub.root/app/img/1525196540315.png"
            }]
}

...

The following represents the three ways AppD service instances should be discovered over a given network.  Again, the view is that AppD services are distributed/decoupled based on associated application namespace on a given network.  This takes into account the use of the application identifiers described in previous section.  A launcher is required to use a URI (e.g. "https://appd.foo.com/api/appd/app1app1@appd.appd.foo.com") to query a given directory instance for data.  In order to construct a URI, the host location and port of a given AppD service instance is required.  This proposal focuses on the following approaches to achieve this resolution. 

...

An application directory URI can be constructed using a fully qualified application ID by recognizing the identifier as a fully qualified domain name, whereby the subdomain of the fully qualified application ID can resolve to the application directory host.  Given an application (email address syntax) by using fqdn part of the ID as the host location and the name part as the application name.   Given an application name "app1" with a fully qualified identifier of "app1app1@appd.appd.foo.com" an application directory host location can be derived by simply extracting the subdomain fqdn "appd.foo.com" from the email syntax.   The extracted subdomain fqdn "app.foo.com" must may resolve to the actual host location where the application directory is running.   

...

  1. URI protocol is defaulted to https, but can be overridden by the launcher. 
  2. URI hostname is the subdomain fully qualified domain of the fully qualified application ID. 
  3. URI port is default https/443, but can be overridden by the launcher
  4. URI url is by default "/api/(service)/(version)" .  It is recommended that we identify service label as "appd" with version being optional.  Calls that are made without version automatically default to latest "/api/appd/app1" vs "/api/appd/v1/app1" 

The resulting URI to retrieve application data for "app1" would be "https://appd.foo.com/api/appd/v1/app1app1@appd.appd.foo.com"  

 Application identifiers, Shrinking the URI and AppdD defaults

Although the concept of fully qualified application IDs are useful in resolving the actual host of the application directory, there is no requirement for an application directory to use this fully qualified application ID as the resolver for a record.  An  An application ID is unique to given application directory, but there is no requirement to use the fully qualified representation when querying an interface.  Taking the prior example, the fully qualified application ID "app1app1@appd.appd.foo.com" is represented as "app1" within the application directory.  As a result a launcher can use a shortened URI construct "https://appd.foo.com/api/appd/v1/app1" to resolve the application data vs "https://appd.foo.com/api/appd/app1@appd.foo.com".

DNS/SRV Records

Another approach to support AppD service discovery (resolution) is through use of existing domain name service (DNS) implementations that are broadly used on the Internet today (see: RFCs).  Name service implementations can be considered critical infrastructure and are proven stable with over twenty years of use. Name services can be used both through public Internet or locally deployed intranet, which provides optionality to deployment schemes. 

More specifically, resolution of an AppD service instance should (host location) can be implemented using DNS "service records" (SRV) providing the host instance, protocol and associated port.  The following is a well known description of a SRV record (RFC2782):

...

Although SRV records provide the means of resolving the location of an AppD service for a specific domain, there could be a need to know what domains exist in the universe.  This would be a list of domains representing all known directory instances. It is recommended that  the FDC3/FINOS organization publish a list of known domains which support AppD services.  This publication can be handled in multiple ways, such as structured files or API endpoints.  This proposal shall not provide a qualified solution to achieve this, but rather draw attention to a potential requirement.  

Peer-to-Peer Discovery

This type of discovery focuses on the replication of known domain:URI records between AppD services.   A domain:URI records consist of the application identifier or domain and the associated URI (e.g. appd.foo.com : https://appd.foo.com).  This follows the concept of peer-to-peer replication, whereby the following concepts must be supported by a given AppD service must:

  1. have one or more peers seeded manually or through centralized source (see above section on Known domains)
  2. store AppD service locations as domain:URI record types
  3. publish managed (owned) domain:URI records on startup to peers
  4. have an accessible endpoint providing list of known domain:URI  
  5. on startup, retrieve a list of known domain:URIs from peer(s) 
  6. have an accessible endpoint to receive published events from other AppD services. 
  7. compare received events/records to known records with any differences triggering record updates to peers.
  8. Must verify and refresh discovered domain:URI records

The requirements force almost a complete replication and active refresh of records across a peer-to-peer instances, but increases the development requirements and network traffic. 

Image Removed

Static configuration

...