Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Address what is stored on the ledger #335

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Address what is stored on the ledger #335

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions draft-ietf-scitt-architecture.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -558,7 +558,8 @@ The subsequent sections describe the main concepts, namely Transparency Service,
## Transparency Service

Transparency Services MUST feature an Append-only Log.
The Append-only Log is the verifiable data structure that records registered Signed Statements and supports the production of Receipts.
The Append-only Log is the verifiable data structure that records integrity protection of the registered Signed Statements and supports the production of Receipts.
Transparency Services may provide ancillary services to store the contents of the Signed Statement, however the Append-only Log does not store the Signed Statement contents avoiding concerns of persisting personally identifiable information.

All Transparency Services MUST expose APIs for the Registration of Signed Statements and issuance of Receipts.

Expand Down Expand Up @@ -615,7 +616,7 @@ This verifiable data structure MUST support the following security requirements:

Append-Only:

: once included in the verifiable data structure, a Signed Statement cannot be modified, deleted, or reordered; hence its Receipt provides an offline verifiable proof of Registration.
: once the integrity protection of the Signed Statement is included in the verifiable data structure, the Log cannot be modified, deleted, or reordered; hence its Receipt provides an offline verifiable proof of Registration, in relation to other entries on the Log.

Non-equivocation:

Expand All @@ -632,7 +633,10 @@ Specific verifiable data structures, such those describes in {{-CT}} and {{-COME

### Adjacent Services

Transparency Services can be deployed along side other database or object storage technologies.
SCITT defines the structure and behavior for interacting with the Append-only Log, which stores cryptographic proofs of the registered Signed Statements.
The persistence and indexing of the Signed Statement are adjacent services.

In addition, Transparency Services can be deployed along side database, object storage or package manager services, providing integrity protection and verification for their content.
For example, a Transparency Service that is supporting a software package management system, might be referenced from the APIs exposed for package management.
Providing an ability to request a fresh Receipt for a given software package, or to request a list of Signed Statements associated with the software package.

Expand Down
Loading