Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Workflow and details for signed-statement/issue #10

Closed
SteveLasker opened this issue May 23, 2024 · 1 comment · Fixed by #51
Closed

Workflow and details for signed-statement/issue #10

SteveLasker opened this issue May 23, 2024 · 1 comment · Fixed by #51
Assignees
@JAG-UK
Labels
has-pr
Milestone
Draft 03

Comments

@SteveLasker
Copy link
Collaborator

Opening this issue to explore:

  • Does /signed-statements/issue also register the newly signed statement, or return a signed statement to then be submitted via 2.1.2. Signed Statement Registration?
  • What are the properties of a Signed Statement, when signed by the Transparency Service?
    • How does the TS represent it has signed on behalf of the service-authenticated user, meaning are we deferring the signing to be a root CA, where the service is maintaining identity documents for the user? Or, is there some on-behalf of flow?
@SteveLasker SteveLasker mentioned this issue May 23, 2024
Merged
@JAG-UK
Copy link
Contributor

JAG-UK commented Jul 26, 2024

Currently the endpoint returns a Signed Statement, and then you have to send that along to the Register endpoint.
While an all-in-one API seems attractive, it would also risk getting complex as parameters for each part of the operation are added and commingled. I'd suggest leaving it as it is for now.

How does the TS represent it has signed on behalf of the service-authenticated user,

Suggest we not over-specify this. Too many options and this isn't special compared to any other signing service, or an internal security server farm, or whatever. So where do we draw the line on showing this?

@JAG-UK JAG-UK self-assigned this Aug 6, 2024
@JAG-UK JAG-UK mentioned this issue Dec 3, 2024
Merged
@JAG-UK JAG-UK linked a pull request Dec 5, 2024 that will close this issue
Refactor all the RegisterSignedStatement workflows #51
Merged
@SteveLasker SteveLasker added this to the Draft 03 milestone Dec 31, 2024
@JAG-UK JAG-UK closed this as completed in #51 Jan 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@JAG-UK JAG-UK

Labels
has-pr
Projects
None yet
Milestone
Draft 03
Development

Successfully merging a pull request may close this issue.

Refactor all the RegisterSignedStatement workflows ietf-wg-scitt/draft-ietf-scitt-scrapi
2 participants
@SteveLasker @JAG-UK