Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update the definition of Receipts #308

Merged
merged 4 commits into from
Oct 15, 2024
Merged

Update the definition of Receipts #308

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5988859
Update the definition of Receipts
Oct 15, 2024
ad998d2
respond to review feedback by reducing the change to
Oct 15, 2024
b9382f3
Update draft-ietf-scitt-architecture.md
SteveLasker Oct 15, 2024
ae24c9b
Update draft-ietf-scitt-architecture.md
SteveLasker Oct 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions draft-ietf-scitt-architecture.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -228,9 +228,11 @@ Over time, an Issuer may register new Signed Statements about an Artifact in a T
Receipt:

: a cryptographic proof that a Signed Statement is included in the Append-only Log.
Receipts are based on Signed Inclusion Proofs, such as those as described in COSE Signed Merkle Tree Proofs {{-COMETRE}};
they can be built on different verifiable data structures, not just binary merkle trees.
A Receipt consists of a Transparency Service-specific inclusion proof for the Signed Statement, a signature by the Transparency Service of the state of the Append-only Log after the inclusion, and additional metadata (contained in the signature's protected headers) to assist in auditing.
Receipts demonstrate the inclusion of Signed Statements in the Append-only Log of a Transparency Service and have a specific abstract role in Transparency as defined in this document.
A Receipt combines a signature by the Transparency Service of the state of the Append-only Log after the inclusion with additional metadata (contained in the signature's protected headers) to assist in auditing.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A Receipt consists of a Transparency Service-specific inclusion proof for the Signed Statement, a signature by the Transparency Service of the state of the Append-only Log after the inclusion, and additional metadata (contained in the signature's protected headers) to assist in auditing.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think, we should stick with the Original text here, which was much crisp and clear!

Can i please ask, why the need for this re-alignment? What is the ask ?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean Line 232 can be replaced with the original text from left!

Rest all re-alignment can be taken from your PR

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, the ask was this issue: #276 it was specifically asking if a Receipt was just an inclusion proof or something else.

On that issue we discussed fore shadowing the definition of transprency, which defines receipts as, essentially, signed inclusion proofs.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand the concerne was that the lack of clarity on that made it unclear whether or how other proof types, specific to the implementation, should be described. In this pr I'm just saying 'not receipts'

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think reducing the entire defintion to just

"Receipts demonstrate the inclusion of Signed Statements in the Append-only Log of a Transparency Service and have a specific abstract role in Transparency as defined in this document."

And nothing else, would address the original issue. Receipts can't both be an abstract notion and also a specific prescription imo

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with this comment.
A SCITT Receipt is a specific data structure, defined in CDDL, that profiles a COSE Receipt.... But SCITT Receipts have never supported proof types other than inclusion.

If the goal is to make sure they never do, we can use MUST language, we don't need to redefine receipt.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yogeshbdeshpande a "less is more" update based on your review I think

Receipts can be based on Signed Inclusion Proofs, such as those described in COSE Signed Merkle Tree Proofs {{-COMETRE}}; they can be built on different verifiable data structures, not just binary Merkle trees.
The cryptographic proof of inclusion for a Receipt is a Transparency Service-specific detail.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The COSE proof types are verifiable data structure specific, I think you mean that the "verifiable data structure" is a transparency service specific detail, and that correspondingly there is no interoperability unless the same data structures are chosen.

It is natural that Transparency Services support signed proofs for purposes other than demonstrating inclusion in an Append-only log; however, those are not Receipts.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The draft referenced above says they are.

It defines receipt as a signed "proof" of some type for some verifiable data structure.

It provides specific examples for inclusion and consistency.

It doesn't prevent other verifiable data structures or other proof types (such as proofs of non inclusion) from being used or called receipts.

I think it is fine for a SCITT Receipt to be only a signed inclusion proof, or only an inclusion proof in a specific verifiable data structure... Assuming that's what the SCITT WG wants SCITT Receipts to be.

This text closes the door to using the term SCITT Receipt to describe a signed consistency proof. Why is this the right thing to do for SCITT?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feedback seems important. Is there a reason we want to close that door?


Registration:

Expand Down
Loading