Slightly more documentation

3805c5fb · ale · 3c544c3f · 3805c5fb
Commit 3805c5fb authored 5 years ago by ale
--- a/README.md
+++ b/README.md
@@ -26,8 +26,20 @@ supported are *append* and *scan* (and internally a
 *delete-older-than* that periodically wipes entries that are too old
 to be relevant anymore).

-Querying reputation for an IP consists in scanning the database for
-a pre-defined window of time in the past, and passing the results
-to a *scoring script* (currently written in an embedded language),
-that applies aggregation and weighting and returns the final score.
+Querying reputation for an IP consists in scanning the database for a
+pre-defined window of time in the past, and passing the results to a
+*scoring script* (currently written in [an embedded
+language](https://github.com/d5/tengo)), that applies aggregation and
+weighting and returns the final score.

+## RPC interface
+
+The server provides a simple GRPC interface that is used for event
+submission and querying. The query API is a simple IP lookup,
+returning a score. This conceivably could be turned into a DNS-based
+API as well.
+
+## Third-party sources
+
+It would be nice to allow the scoring script to consult other IP-based
+third-party sources, such as DNSBLs, or GeoIP lookups, etc.