From 922723e25bbc1938a2e72fa23d0e1c56ecf08062 Mon Sep 17 00:00:00 2001 From: steve lasker Date: Tue, 21 May 2024 14:59:18 -0700 Subject: [PATCH 1/2] Spelling errors and markdown nits Signed-off-by: steve lasker --- draft-ietf-scitt-scrapi.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/draft-ietf-scitt-scrapi.md b/draft-ietf-scitt-scrapi.md index 83eda63..4835920 100644 --- a/draft-ietf-scitt-scrapi.md +++ b/draft-ietf-scitt-scrapi.md @@ -64,7 +64,7 @@ informative: --- abstract This document describes a REST API that supports the normative requirements of the SCITT Architecture {{-SCITT-ARCH}}. -Optional key discovery and query interfaces are provided to support interoperability issues with Decentralized Identifiers, X509 Certificates and Artifact Reposistories. +Optional key discovery and query interfaces are provided to support interoperability issues with Decentralized Identifiers, X509 Certificates and Artifact Repositories. --- middle @@ -101,7 +101,7 @@ This specification uses "payload" as defined in {{RFC9052}}. # Endpoints Authentication is out of scope for this document. -If Authentication is not implemented, rate limiting or other denial of service mititations MUST be applied to enable anonymous access. +If Authentication is not implemented, rate limiting or other denial of service mitigations MUST be applied to enable anonymous access. NOTE: '\' line wrapping per RFC 8792 in HTTP examples. @@ -138,11 +138,10 @@ In the absence of this header field, this document does not specify a minimum. The following HTTP endpoints are mandatory to implement to enable conformance to this specification. - ### Transparency Configuration Authentication SHOULD NOT be implemented for this endpoint. -This endpoint is used to discovery the capabilites of a transparency service implementing this specification. +This endpoint is used to discovery the capabilities of a transparency service implementing this specification. Request: @@ -345,7 +344,6 @@ TODO: other error codes The following HTTP endpoints are optional to implement. - ### Issue Statement Authentication MUST be implemented for this endpoint. @@ -557,7 +555,7 @@ Content-Type: application/json This endpoint in inspired by {{-Nonce-Endpoint}}. Authentication SHOULD NOT be implemented for this endpoint. -This endpoint is used to demonstrate proof of posession, which is the reason that authentication is not required. +This endpoint is used to demonstrate proof of possession, which is the reason that authentication is not required. Client holding signed statements that require demonstrating proof of possession MUST use this endpoint to obtain a nonce. Request: @@ -714,7 +712,6 @@ Registry {{IANA.params}}, following the template in {{RFC3553}}: Index value: No transformation needed. ~~~ - ## Well-Known URI for Issuers The following value is requested to be registered in the "Well-Known URIs" registry (using the template from {{RFC5785}}): @@ -763,4 +760,3 @@ To indicate that the content is a SCITT Receipt: - Provisional registration? No --- back - From 711c9ab43b5388c62dbd2817254e42f72eba2be6 Mon Sep 17 00:00:00 2001 From: steve lasker Date: Tue, 21 May 2024 15:05:59 -0700 Subject: [PATCH 2/2] Add RFC8792 reference Signed-off-by: steve lasker --- draft-ietf-scitt-scrapi.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-scitt-scrapi.md b/draft-ietf-scitt-scrapi.md index 4835920..ff2d601 100644 --- a/draft-ietf-scitt-scrapi.md +++ b/draft-ietf-scitt-scrapi.md @@ -51,6 +51,7 @@ normative: RFC7231: RFC3553: RFC5785: + RFC8792: IANA.params: I-D.draft-ietf-scitt-architecture: SCITT-ARCH @@ -103,7 +104,7 @@ This specification uses "payload" as defined in {{RFC9052}}. Authentication is out of scope for this document. If Authentication is not implemented, rate limiting or other denial of service mitigations MUST be applied to enable anonymous access. -NOTE: '\' line wrapping per RFC 8792 in HTTP examples. +NOTE: '\' line wrapping per {{RFC8792}} in HTTP examples. All messages are sent as HTTP GET or POST requests.