Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cleanup of remaining references to Claims. #105

Merged
merged 1 commit into from
Oct 6, 2023
+3 −3
Merged

Cleanup of remaining references to Claims. #105

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions draft-ietf-scitt-architecture.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -739,13 +739,13 @@ When a Signed Statement is registered by a TS a Transparent Statement is created
Receipts are based on COSE Signed Merkle Tree Proofs ({{-COMETRE}}) with an additional wrapper structure that adds the following information:

- version: Receipt version number; MUST be set to `0` for implementation of this document.
- ts_identifier: The DID of the Transparency Service that issued the Receipt. Verifiers MAY use this DID as a key discovery mechanism to verify the Receipt; in this case the verification is the same as for Signed Claims and the signer MAY include the `kid` header parameter. Verifiers MUST support the `did:web` method, all other methods are optional.
- ts_identifier: The DID of the Transparency Service that issued the Receipt. Verifiers MAY use this DID as a key discovery mechanism to verify the Receipt; in this case the verification is the same as for Signed Statment and the signer MAY include the `kid` header parameter. Verifiers MUST support the `did:web` method, all other methods are optional.

We also introduce the following requirements for the COSE signature of the Merkle Root:

- The SCITT version header MUST be included and its value match the `version` field of the Receipt stucture.
- The DID of issuer header (like in Signed Claims) MUST be included and its value match the `ts_identifier` field of the Receipt structure.
- TS MAY include the Registration policy info header to indicate to verifiers what policies have been applied at the registration of this claim.
- The DID of issuer header (like in Signed Statements) MUST be included and its value match the `ts_identifier` field of the Receipt structure.
- TS MAY include the Registration policy info header to indicate to verifiers what policies have been applied at the registration of this Statement.
- Since {{-COMETRE}} uses optional headers, the `crit` header (id: 2) MUST be included and all SCITT-specific headers (version, DID of TS and Registration Policy) MUST be marked critical.

The TS may include the registration time to help verifiers decide about the trustworthiness of the Transparent Statement.
Expand Down