The Proposed 402-Receipts Standard

Most of the communication needed by this standard happens in the HTTP headers of requests and responses.

Additionally, the meaning of relevant HTTP Response codes is explained.

All requests and responses involved in this standard should be made over HTTPS connections with valid certificates. Implementations should decline to follow addresses for insecure HTTP resources, and where possible should redirect HTTP traffic to HTTPS.


402 Response Code

A 402 HTTPS response indicates that the request should/may be retried with a (valid, applicable) Receipt as described in the Receipts-Accepts header. To the extent possible, 402 should be the “rejection of last resort” in the sense that a 402 response should not be given if the request would have failed for other reasons in addition to the absence of a suitable Receipts-Submission header.

A Receipts-Accepts header is mandatory for a 402 response.

If a 402 response has a response body, that body should be used as a placeholder for the requested resource, and must be appropriate for such use. It should contain human-appropreate messaging explaining the nature of the problem.


Receipts-Accepts Header

The Receipts-Accepts response header value is a compressed Receipt Definition XML object. Any response may have an Accepts header, but they are mandatory for a 402 Response. In practice it’s advisable for the Receipts-Accepts header to be constant for a given resource regardless of the rest of the details of the response.

Receipts-Accepts: eNpVkFFugzAQRP97CpQDeBFqWqna+qPKDdoewCIbsIrXFrsROX4MhpD6a954PFovnuni2auPLNUtDCyfh141yQfAa92Yn6/Twb5UFe65GWcjBufZbuFpmgzdXEgDmTYGQFgDJe2VgoXktAcfXEcmcYewuCUgvmMapdCDH/UjteSTijkHNkw6xfFvqUNYk6UG/vWg6mCb96bOB2GGYl9Gkt6+Za+o4rZRdB9gpg0yXvPnxf5+nxCK3K9ciFdWW5v6iLDC1gJ7TdHLw7ycp3U+k9g7Cyp50Q==

This decompresses to the following xml:

<definitions xmlns="https://402.TBD">

Receipts-Receipt Header

The Receipts-Receipt HTTP Request header will contain a compressed Receipt xml object. See the Receipts page for a more detailed explanation of the contents of a Receipt and details of how it will be signed and its textual representation.