Merge pull request #265 from ietf-wg-scitt/hannestschofenig-patch-8

Clarification regarding tbsCertificate Co-authored-by: Henk Birkholz <[email protected]> Co-authored-by: Hannes Tschofenig <[email protected]>
ietf-wg-scitt · Jul 21, 2024 · f4d542b · f4d542b
2 parents 83c4eb9 + 1da7aaf
commit f4d542b
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/draft-ietf-scitt-architecture.md b/draft-ietf-scitt-architecture.md
@@ -310,10 +310,10 @@ Similarly, reputable Transparency Services are incentivized to secure their Appe
 
 The building blocks defined in SCITT are intended to support applications in any supply chain that produces or relies upon digital Artifacts, from the build and supply of software and IoT devices to advanced manufacturing and food supply.
 
-SCITT is a generalization of Certificate Transparency {{-CT}}, which can be interpreted as a transparency architecture for the supply chain of X.509 certificates.
+SCITT is a generalization of Certificate Transparency (CT) {{-CT}}, which can be interpreted as a transparency architecture for the supply chain of X.509 certificates.
 Considering CT in terms of SCITT:
 
-- CAs (Issuers) sign X.509 TBSCertificates (Artifacts) to produce X.509 certificates (Signed Statements)
+- CAs (Issuers) sign the ASN.1 DER encoded tbsCertificate structure to produce an X.509 certificate (Signed Statements)
 - CAs submit the certificates to one or more CT logs (Transparency Services)
 - CT logs produce Signed Certificate Timestamps (Transparent Statements)
 - Signed Certificate Timestamps are checked by Relying Parties