Skip to content

Commit

Permalink
Merge pull request #105 from SteveLasker/claim-cleanup
Browse files Browse the repository at this point in the history 
Cleanup of remaining references to Claims.
  • Loading branch information
@SteveLasker
SteveLasker authored Oct 6, 2023
2 parents 0383ec2 + ce0b9f4 commit e6e4f18
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions draft-ietf-scitt-architecture.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -739,13 +739,13 @@ When a Signed Statement is registered by a TS a Transparent Statement is created
Receipts are based on COSE Signed Merkle Tree Proofs ({{-COMETRE}}) with an additional wrapper structure that adds the following information:

- version: Receipt version number; MUST be set to `0` for implementation of this document.
- ts_identifier: The DID of the Transparency Service that issued the Receipt. Verifiers MAY use this DID as a key discovery mechanism to verify the Receipt; in this case the verification is the same as for Signed Claims and the signer MAY include the `kid` header parameter. Verifiers MUST support the `did:web` method, all other methods are optional.
- ts_identifier: The DID of the Transparency Service that issued the Receipt. Verifiers MAY use this DID as a key discovery mechanism to verify the Receipt; in this case the verification is the same as for Signed Statment and the signer MAY include the `kid` header parameter. Verifiers MUST support the `did:web` method, all other methods are optional.

We also introduce the following requirements for the COSE signature of the Merkle Root:

- The SCITT version header MUST be included and its value match the `version` field of the Receipt stucture.
- The DID of issuer header (like in Signed Claims) MUST be included and its value match the `ts_identifier` field of the Receipt structure.
- TS MAY include the Registration policy info header to indicate to verifiers what policies have been applied at the registration of this claim.
- The DID of issuer header (like in Signed Statements) MUST be included and its value match the `ts_identifier` field of the Receipt structure.
- TS MAY include the Registration policy info header to indicate to verifiers what policies have been applied at the registration of this Statement.
- Since {{-COMETRE}} uses optional headers, the `crit` header (id: 2) MUST be included and all SCITT-specific headers (version, DID of TS and Registration Policy) MUST be marked critical.

The TS may include the registration time to help verifiers decide about the trustworthiness of the Transparent Statement.
Expand Down

0 comments on commit e6e4f18

Please sign in to comment.