aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2021-05-05 12:30:38 +0200
committerMartin Schanzenbach <mschanzenbach@posteo.de>2021-05-05 12:30:38 +0200
commite83d2df802258a91d5891554afa7b2df27de4aba (patch)
tree801c1a444d4a5eff215cb6c91e005742a848e0a8
parent28bc636e4c54d513f904c37dffeaac7156971090 (diff)
downloadlsd0002-e83d2df802258a91d5891554afa7b2df27de4aba.tar.gz
lsd0002-e83d2df802258a91d5891554afa7b2df27de4aba.zip
update objects
-rw-r--r--draft-schanzen-reclaimid.xml137
1 files changed, 127 insertions, 10 deletions
diff --git a/draft-schanzen-reclaimid.xml b/draft-schanzen-reclaimid.xml
index cfc2130..fa9ad15 100644
--- a/draft-schanzen-reclaimid.xml
+++ b/draft-schanzen-reclaimid.xml
@@ -122,8 +122,14 @@
122| TYPE | FLAG | 122| TYPE | FLAG |
123+-----+-----+-----+-----+-----+-----+-----+-----+ 123+-----+-----+-----+-----+-----+-----+-----+-----+
124| ID | 124| ID |
125| |
126| |
127| |
125+-----+-----+-----+-----+-----+-----+-----+-----+ 128+-----+-----+-----+-----+-----+-----+-----+-----+
126| ATTESTATION | 129| ATTESTATION |
130| |
131| |
132| |
127+-----+-----+-----+-----+-----+-----+-----+-----+ 133+-----+-----+-----+-----+-----+-----+-----+-----+
128| NSIZE | DSIZE | 134| NSIZE | DSIZE |
129+-----+-----+-----+-----+-----+-----+-----+-----+ 135+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -147,11 +153,11 @@
147 </dd> 153 </dd>
148 <dt>ID</dt> 154 <dt>ID</dt>
149 <dd> 155 <dd>
150 Is a 64 bit attribute identifier. 156 Is a 256 bit attribute identifier.
151 </dd> 157 </dd>
152 <dt>ATTESTATION</dt> 158 <dt>ATTESTATION</dt>
153 <dd> 159 <dd>
154 Is the 64 bit credential identifier which asserts this attribute. 160 Is the 256 bit credential identifier which asserts this attribute.
155 0 means no attestation. 161 0 means no attestation.
156 </dd> 162 </dd>
157 <dt>NSIZE</dt> 163 <dt>NSIZE</dt>
@@ -164,7 +170,7 @@
164 </dd> 170 </dd>
165 <dt>NAME</dt> 171 <dt>NAME</dt>
166 <dd> 172 <dd>
167 The attribute name. A UTF-8 string. 173 The attribute name. A UTF-8 string with NULL byte at the end.
168 </dd> 174 </dd>
169 <dt>DATA</dt> 175 <dt>DATA</dt>
170 <dd> 176 <dd>
@@ -187,6 +193,9 @@
187| TYPE | FLAG | 193| TYPE | FLAG |
188+-----+-----+-----+-----+-----+-----+-----+-----+ 194+-----+-----+-----+-----+-----+-----+-----+-----+
189| ID | 195| ID |
196| |
197| |
198| |
190+-----+-----+-----+-----+-----+-----+-----+-----+ 199+-----+-----+-----+-----+-----+-----+-----+-----+
191| NSIZE | DSIZE | 200| NSIZE | DSIZE |
192+-----+-----+-----+-----+-----+-----+-----+-----+ 201+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -210,7 +219,7 @@
210 </dd> 219 </dd>
211 <dt>ID</dt> 220 <dt>ID</dt>
212 <dd> 221 <dd>
213 Is a 64 bit credential identifier. 222 Is a 256 bit credential identifier.
214 </dd> 223 </dd>
215 <dt>NSIZE</dt> 224 <dt>NSIZE</dt>
216 <dd> 225 <dd>
@@ -222,7 +231,7 @@
222 </dd> 231 </dd>
223 <dt>NAME</dt> 232 <dt>NAME</dt>
224 <dd> 233 <dd>
225 The credential name. A UTF-8 string. 234 The credential name. A UTF-8 string with NULL byte at the end.
226 </dd> 235 </dd>
227 <dt>DATA</dt> 236 <dt>DATA</dt>
228 <dd> 237 <dd>
@@ -244,10 +253,10 @@
244 <artwork name="" type="" align="left" alt=""><![CDATA[ 253 <artwork name="" type="" align="left" alt=""><![CDATA[
2450 8 16 24 32 40 48 56 2540 8 16 24 32 40 48 56
246+-----+-----+-----+-----+-----+-----+-----+-----+ 255+-----+-----+-----+-----+-----+-----+-----+-----+
247| IDENTITY | 256| IDENTITY TYPE | IDENTITY |
248| | 257+-----------------------+ |
249| | 258| +-----------------------|
250| | 259| | AUDIENCE TYPE |
251+-----+-----+-----+-----+-----+-----+-----+-----+ 260+-----+-----+-----+-----+-----+-----+-----+-----+
252| AUDIENCE | 261| AUDIENCE |
253| | 262| |
@@ -255,6 +264,9 @@
255| | 264| |
256+-----+-----+-----+-----+-----+-----+-----+-----+ 265+-----+-----+-----+-----+-----+-----+-----+-----+
257| TID | 266| TID |
267| |
268| |
269| |
258+-----+-----+-----+-----+-----+-----+-----+-----+ 270+-----+-----+-----+-----+-----+-----+-----+-----+
259 ]]></artwork> 271 ]]></artwork>
260 <!-- <postamble>which is a very simple example.</postamble>--> 272 <!-- <postamble>which is a very simple example.</postamble>-->
@@ -263,17 +275,27 @@
263 where: 275 where:
264 </t> 276 </t>
265 <dl> 277 <dl>
278 <dt>IDENTITY TYPE</dt>
279 <dd>
280 Is the 32 bit identity type as defined in GANA for GNS
281 identity zone types (e.g. PKEY).
282 </dd>
266 <dt>IDENTITY</dt> 283 <dt>IDENTITY</dt>
267 <dd> 284 <dd>
268 Is the 256 bit identity public zone key of the user. 285 Is the 256 bit identity public zone key of the user.
269 </dd> 286 </dd>
287 <dt>AUDIENCE TYPE</dt>
288 <dd>
289 Is the 32 bit audience type as defined in GANA for GNS
290 identity zone types (e.g. PKEY).
291 </dd>
270 <dt>AUDIENCE</dt> 292 <dt>AUDIENCE</dt>
271 <dd> 293 <dd>
272 Is the 256 bit audience public zone key of the relying party. 294 Is the 256 bit audience public zone key of the relying party.
273 </dd> 295 </dd>
274 <dt>TID</dt> 296 <dt>TID</dt>
275 <dd> 297 <dd>
276 Is a 64 bit ticket identifier. 298 Is a 256 bit ticket identifier.
277 </dd> 299 </dd>
278 </dl> 300 </dl>
279 <t> 301 <t>
@@ -287,9 +309,104 @@
287 </t> 309 </t>
288 <section anchor="attrrefs" numbered="true" toc="default"> 310 <section anchor="attrrefs" numbered="true" toc="default">
289 <name>Attribute References</name> 311 <name>Attribute References</name>
312 <t>
313 An attribute reference is stored in GNS under records
314 of type "RECLAIM_ATTRIBUTE_REF". An attribute reference
315 is stored in GNS under a label derived from a ticket ID.
316 The reference points to an actual attribute ID.
317 The record format of a RECLAIM_ATTRIBUTE_REF is as follows:
318 </t>
319 <figure anchor="figure_gnsattrref">
320 <artwork name="" type="" align="left" alt=""><![CDATA[
3210 8 16 24 32 40 48 56
322+-----+-----+-----+-----+-----+-----+-----+-----+
323| ATTRIBUTE ID |
324| |
325| |
326| |
327+-----+-----+-----+-----+-----+-----+-----+-----+
328| NSIZE | DSIZE |
329+-----+-----+-----+-----+-----+-----+-----+-----+
330/ NAME + DATA /
331/ /
332+-----------------------------------------------+
333 ]]></artwork>
334 <!-- <postamble>which is a very simple example.</postamble>-->
335 </figure>
336 <t>
337 where:
338 </t>
339 <dl>
340 <dt>ATTRIBUTE ID</dt>
341 <dd>
342 Is the 256 bit attribute ID of an existing attribute.
343 </dd>
344 </dl>
290 </section> 345 </section>
291 <section anchor="credpres" numbered="true" toc="default"> 346 <section anchor="credpres" numbered="true" toc="default">
292 <name>Credential Presentations</name> 347 <name>Credential Presentations</name>
348 <t>
349 A re:claimID presentation is stored in GNS under records
350 of type "RECLAIM_PRESENTATION". A presentation is derived from a
351 credential and may contain only a subset of the attestations.
352 The presentation construct is used to support selective disclosure
353 of third party issued credentials. It consists of
354 a type, a flag, a name and data.
355 The record format of a RECLAIM_PRESENTATION is as follows:
356 </t>
357 <figure anchor="figure_gnspres">
358 <artwork name="" type="" align="left" alt=""><![CDATA[
3590 8 16 24 32 40 48 56
360+-----+-----+-----+-----+-----+-----+-----+-----+
361| TYPE | FLAG |
362+-----+-----+-----+-----+-----+-----+-----+-----+
363| ID |
364| |
365| |
366| |
367+-----+-----+-----+-----+-----+-----+-----+-----+
368| NSIZE | DSIZE |
369+-----+-----+-----+-----+-----+-----+-----+-----+
370/ NAME + DATA /
371/ /
372+-----------------------------------------------+
373 ]]></artwork>
374 <!-- <postamble>which is a very simple example.</postamble>-->
375 </figure>
376 <t>
377 where:
378 </t>
379 <dl>
380 <dt>TYPE</dt>
381 <dd>
382 Is the 32 bit presentation type as defined in the GANA registry.
383 </dd>
384 <dt>FLAG</dt>
385 <dd>
386 Is a 32 bit presentation flag combination as defined in the GANA registry
387 </dd>
388 <dt>ID</dt>
389 <dd>
390 Is a 256 bit credential identifier.
391 </dd>
392 <dt>NSIZE</dt>
393 <dd>
394 32 bit length of the presentation name in bytes.
395 </dd>
396 <dt>DSIZE</dt>
397 <dd>
398 32 bit length of the credential data.
399 </dd>
400 <dt>NAME</dt>
401 <dd>
402 The credential name. A UTF-8 string with NULL byte at the end.
403 </dd>
404 <dt>DATA</dt>
405 <dd>
406 The credential data.
407 </dd>
408 </dl>
409
293 </section> 410 </section>
294 </section> 411 </section>
295 </section> 412 </section>