Spring '84 has two roles: servers and clients.

A board is a small HTML fragment signed with an Ed25519 key that encodes its own expiration date. One key publishes one board. A newer valid board replaces the old board for that key.

A Spring '84 identity is an Ed25519 keypair. The public key MUST be expressed as 64 lowercase hexadecimal characters.

The final seven characters MUST match 84eMMYY, where 84e identifies the protocol family, MM is the expiration month, and YY is the expiration year.

0000c3c690ca08fd6f071cfd6fb587efc10c9d5a81f1c7ce7c901066b84e1126

A key is valid for exactly two years preceding its expiration date. A key ending in 84e0328 becomes valid on April 1, 2026 and expires at 23:59:59 UTC on March 31, 2028.

There is no built-in succession mechanism. If continuity is desired, the publisher must generate a new key before the old one expires and use linked keys during the overlap period.

A board is an HTML fragment. It MUST NOT include a doctype, <html>, <head>, or a full document wrapper.

<time datetime="2026-03-30T14:22:00Z">March 30, 2026</time>

Allowed Elements

<div>, <span>, <p>, <br>, <h1> ... <h6>, <em>, <strong>,
<a>, <img>, <ul>, <ol>, <li>, <blockquote>, <pre>, <code>,
<style>, <hr>, <figure>, <figcaption>, <section>, <article>,
<header>, <footer>, <time>, <mark>, <del>, <ins>, <sub>, <sup>,
<details>, <summary>, <spring-84-link>

Allowed Attributes

• -class, id, style, title, lang, and dir on any allowed element.
• -href on <a>, constrained to the spring84:// scheme.
• -src, alt, width, and height on <img>. Image sources MUST be data URIs.
• -datetime on <time>.
• -key and sig on <spring-84-link>.

Embedded images MUST contain pixel data only. Servers MUST reject EXIF, XMP, IPTC, PNG text chunks, GIF application extensions, WebP metadata chunks, and other non-rendering metadata.

Spring '84 uses three HTTP endpoints.

4.1 Publishing

PUT /board/<key> HTTP/1.1
Spring-84-Version: 1
Spring-84-Signature: <hex-encoded Ed25519 signature>
Content-Type: text/html;charset=utf-8

<board HTML>

The key in the URL is the publisher's public key. The signature header contains an Ed25519 signature over the exact request body.

If all checks pass, the server stores the board and responds with 200 OK. The timestamp check provides monotonic freshness and replay protection.

4.2 Retrieving

GET /board/<key> HTTP/1.1

HTTP/1.1 200 OK
Spring-84-Signature: <hex-encoded Ed25519 signature>
Content-Type: text/html;charset=utf-8
Last-Modified: Sun, 30 Mar 2026 14:22:00 GMT

<board HTML>

Servers MUST support conditional requests with If-Modified-Since and return 304 Not Modified when the stored board is not newer.

Missing and expired boards both return 404 Not Found.

4.3 Listing

GET /keys?limit=100&after=<cursor> HTTP/1.1

HTTP/1.1 200 OK
Content-Type: application/json
Spring-84-More: true

["ab12cd34...ef56", "cd56ef78...1234"]

GET /keys returns 64-character public keys with non-expired boards in lexicographic order. limit defaults to 100 and MUST NOT exceed 1000. after is the last key from the previous page.

Spring '84 assumes multiple independent servers. There is no central server, canonical instance, relay-to-relay synchronization, or authoritative host for a key.

• -Publishers MAY push the same signed board to multiple servers.
• -Clients MAY pull from multiple servers and use the newest valid board for a key.
• -Servers MAY aggregate boards from other servers. A board remains valid regardless of where it was retrieved from.

spring84://<key>
spring84://<key>?relay=boards.example.com

The optional relay query parameter is a discovery hint. Clients MAY use it, MAY ignore it, and MUST NOT treat it as authoritative.

A link is active only when both boards contain reciprocal declarations, both signatures verify, and both keys are within their valid period.

<spring-84-link key="<key_b_hex>" sig="<key_b_signature>" />

The signature is over the canonical link string:

LINK:<lower_key>:<higher_key>

Servers do not parse, validate, or act on linked-key declarations beyond normal HTML allowlist validation.

• -Render boards with CSP: default-src 'none'; style-src 'unsafe-inline'; img-src data:;
• -Render boards in a sandboxed iframe or equivalent isolation mechanism with no permissions granted.
• -Verify Spring-84-Signature against the board body and URL key before rendering.
• -Independently sanitize HTML before rendering, even if the server already validated it.
• -Resolve spring84:// links inside the client.

The following are MAY-level policies, not conformance requirements.

• -Servers MAY impose extra proof-of-work requirements.
• -Servers MAY limit how frequently a key can update its board.
• -Servers MAY delete expired boards from storage, provided expired boards are not served.
• -Servers MAY refuse boards for any local policy reason.
• -Servers MAY maintain allowlists and reject all other keys.
• -Servers MAY use mutual linked-key declarations as introductions for allowlist expansion.

A Spring '84 conformance suite should include:

• -Valid boards covering the full allowed HTML and CSS surface.
• -Invalid boards exercising every rejection condition.
• -Signature verification test vectors.
• -Key format validation test vectors.
• -Expiration and timestamp edge cases.
• -Linked-key verification scenarios.

The current validator and implementation work is maintained in the Spring '84 GitHub repository.

The current Spring '84 version is 1. Publishers MUST include a Spring-84-Version header. Servers MUST reject unsupported versions with 400 Bad Request.

The version number increments only for validation-affecting changes: new allowed elements, new required checks, or wire-format changes.

• -Spring '84 specification, validator, and implementation.
• -Spring '83 specification by Robin Sloan.
• -Specifying Spring '83 by Robin Sloan.
• -RFC 865: Quote of the Day Protocol by Jon Postel.
• -Ed25519: High-speed high-security signatures by Daniel J. Bernstein et al.