1 files changed, 127 insertions, 10 deletions
diff --git a/draft-schanzen-reclaimid.xml b/draft-schanzen-reclaimid.xml
index cfc2130..fa9ad15 100644
--- a/draft-schanzen-reclaimid.xml
+++ b/draft-schanzen-reclaimid.xml
@@ -122,8 +122,14 @@
 |         TYPE          |         FLAG          |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                      ID                       |
+|                                               |
+|                                               |
+|                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                    ATTESTATION                |
+|                                               |
+|                                               |
+|                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |         NSIZE         |          DSIZE        |
 +-----+-----+-----+-----+-----+-----+-----+-----+
@@ -147,11 +153,11 @@
           </dd>
           <dt>ID</dt>
           <dd>
-             Is a 64 bit attribute identifier.
+             Is a 256 bit attribute identifier.
           </dd>
           <dt>ATTESTATION</dt>
           <dd>
-             Is the 64 bit credential identifier which asserts this attribute.
+             Is the 256 bit credential identifier which asserts this attribute.
             0 means no attestation.
           </dd>
           <dt>NSIZE</dt>
@@ -164,7 +170,7 @@
           </dd>
           <dt>NAME</dt>
           <dd>
-             The attribute name. A UTF-8 string.
+             The attribute name. A UTF-8 string with NULL byte at the end.
           </dd>
           <dt>DATA</dt>
           <dd>
@@ -187,6 +193,9 @@
 |         TYPE          |         FLAG          |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                      ID                       |
+|                                               |
+|                                               |
+|                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |         NSIZE         |          DSIZE        |
 +-----+-----+-----+-----+-----+-----+-----+-----+
@@ -210,7 +219,7 @@
           </dd>
           <dt>ID</dt>
           <dd>
-             Is a 64 bit credential identifier.
+             Is a 256 bit credential identifier.
           </dd>
           <dt>NSIZE</dt>
           <dd>
@@ -222,7 +231,7 @@
           </dd>
           <dt>NAME</dt>
           <dd>
-             The credential name. A UTF-8 string.
+             The credential name. A UTF-8 string with NULL byte at the end.
           </dd>
           <dt>DATA</dt>
           <dd>
@@ -244,10 +253,10 @@
         <artwork name="" type="" align="left" alt=""><![CDATA[
 0     8     16    24    32    40    48    56
 +-----+-----+-----+-----+-----+-----+-----+-----+
-|                    IDENTITY                   |
+|      IDENTITY TYPE    |       IDENTITY        |
-|                                               |
+-----------------------+                       |
-|                                               |
+|                       +-----------------------|
-|                                               |
+|                       |    AUDIENCE TYPE      |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                    AUDIENCE                   |
 |                                               |
@@ -255,6 +264,9 @@
 |                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                      TID                      |
+|                                               |
+|                                               |
+|                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
             ]]></artwork>
           <!--        <postamble>which is a very simple example.</postamble>-->
@@ -263,17 +275,27 @@
         where:
       </t>
       <dl>
+         <dt>IDENTITY TYPE</dt>
+         <dd>
+           Is the 32 bit identity type as defined in GANA for GNS
+           identity zone types (e.g. PKEY).
+         </dd>
         <dt>IDENTITY</dt>
         <dd>
           Is the 256 bit identity public zone key of the user.
         </dd>
+         <dt>AUDIENCE TYPE</dt>
+         <dd>
+           Is the 32 bit audience type as defined in GANA for GNS
+           identity zone types (e.g. PKEY).
+         </dd>
         <dt>AUDIENCE</dt>
         <dd>
           Is the 256 bit audience public zone key of the relying party.
         </dd>
         <dt>TID</dt>
         <dd>
-           Is a 64 bit ticket identifier.
+           Is a 256 bit ticket identifier.
         </dd>
       </dl>
       <t>
@@ -287,9 +309,104 @@
      </t>
      <section anchor="attrrefs" numbered="true" toc="default">
        <name>Attribute References</name>
+       <t>
+         An attribute reference is stored in GNS under records
+         of type "RECLAIM_ATTRIBUTE_REF". An attribute reference
+         is stored in GNS under a label derived from a ticket ID.
+         The reference points to an actual attribute ID.
+         The record format of a RECLAIM_ATTRIBUTE_REF is as follows:
+       </t>
+         <figure anchor="figure_gnsattrref">
+           <artwork name="" type="" align="left" alt=""><![CDATA[
+0     8     16    24    32    40    48    56
+-----+-----+-----+-----+-----+-----+-----+-----+
+|                 ATTRIBUTE ID                  |
+|                                               |
+|                                               |
+|                                               |
+-----+-----+-----+-----+-----+-----+-----+-----+
+|         NSIZE         |          DSIZE        |
+-----+-----+-----+-----+-----+-----+-----+-----+
+/                  NAME + DATA                  /
+/                                               /
+-----------------------------------------------+
+             ]]></artwork>
+           <!--        <postamble>which is a very simple example.</postamble>-->
+         </figure>
+         <t>
+           where:
+         </t>
+         <dl>
+           <dt>ATTRIBUTE ID</dt>
+           <dd>
+             Is the 256 bit attribute ID of an existing attribute.
+           </dd>
+         </dl>
      </section>
      <section anchor="credpres" numbered="true" toc="default">
        <name>Credential Presentations</name>
+       <t>
+         A re:claimID presentation is stored in GNS under records
+         of type "RECLAIM_PRESENTATION". A presentation is derived from a
+         credential and may contain only a subset of the attestations.
+         The presentation construct is used to support selective disclosure
+         of third party issued credentials. It consists of
+         a type, a flag, a name and data.
+         The record format of a RECLAIM_PRESENTATION is as follows:
+       </t>
+         <figure anchor="figure_gnspres">
+           <artwork name="" type="" align="left" alt=""><![CDATA[
+0     8     16    24    32    40    48    56
+-----+-----+-----+-----+-----+-----+-----+-----+
+|         TYPE          |         FLAG          |
+-----+-----+-----+-----+-----+-----+-----+-----+
+|                      ID                       |
+|                                               |
+|                                               |
+|                                               |
+-----+-----+-----+-----+-----+-----+-----+-----+
+|         NSIZE         |          DSIZE        |
+-----+-----+-----+-----+-----+-----+-----+-----+
+/                  NAME + DATA                  /
+/                                               /
+-----------------------------------------------+
+             ]]></artwork>
+           <!--        <postamble>which is a very simple example.</postamble>-->
+         </figure>
+         <t>
+           where:
+         </t>
+         <dl>
+           <dt>TYPE</dt>
+           <dd>
+             Is the 32 bit presentation type as defined in the GANA registry.
+           </dd>
+           <dt>FLAG</dt>
+           <dd>
+             Is a 32 bit presentation flag combination as defined in the GANA registry
+           </dd>
+           <dt>ID</dt>
+           <dd>
+             Is a 256 bit credential identifier.
+           </dd>
+           <dt>NSIZE</dt>
+           <dd>
+             32 bit length of the presentation name in bytes.
+           </dd>
+           <dt>DSIZE</dt>
+           <dd>
+             32 bit length of the credential data.
+           </dd>
+           <dt>NAME</dt>
+           <dd>
+             The credential name. A UTF-8 string with NULL byte at the end.
+           </dd>
+           <dt>DATA</dt>
+           <dd>
+             The credential data.
+           </dd>
+         </dl>
      </section>
    </section>
  </section>

diff --git a/draft-schanzen-reclaimid.xml b/draft-schanzen-reclaimid.xml index cfc2130..fa9ad15 100644 --- a/draft-schanzen-reclaimid.xml +++ b/draft-schanzen-reclaimid.xml
@@ -122,8 +122,14 @@
122	\| TYPE \| FLAG \|	122	\| TYPE \| FLAG \|
123	+-----+-----+-----+-----+-----+-----+-----+-----+	123	+-----+-----+-----+-----+-----+-----+-----+-----+
124	\| ID \|	124	\| ID \|
		125	\| \|
		126	\| \|
		127	\| \|
125	+-----+-----+-----+-----+-----+-----+-----+-----+	128	+-----+-----+-----+-----+-----+-----+-----+-----+
126	\| ATTESTATION \|	129	\| ATTESTATION \|
		130	\| \|
		131	\| \|
		132	\| \|
127	+-----+-----+-----+-----+-----+-----+-----+-----+	133	+-----+-----+-----+-----+-----+-----+-----+-----+
128	\| NSIZE \| DSIZE \|	134	\| NSIZE \| DSIZE \|
129	+-----+-----+-----+-----+-----+-----+-----+-----+	135	+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -147,11 +153,11 @@
147	</dd>	153	</dd>
148	<dt>ID</dt>	154	<dt>ID</dt>
149	<dd>	155	<dd>
150	Is a 64 bit attribute identifier.	156	Is a 256 bit attribute identifier.
151	</dd>	157	</dd>
152	<dt>ATTESTATION</dt>	158	<dt>ATTESTATION</dt>
153	<dd>	159	<dd>
154	Is the 64 bit credential identifier which asserts this attribute.	160	Is the 256 bit credential identifier which asserts this attribute.
155	0 means no attestation.	161	0 means no attestation.
156	</dd>	162	</dd>
157	<dt>NSIZE</dt>	163	<dt>NSIZE</dt>
@@ -164,7 +170,7 @@
164	</dd>	170	</dd>
165	<dt>NAME</dt>	171	<dt>NAME</dt>
166	<dd>	172	<dd>
167	The attribute name. A UTF-8 string.	173	The attribute name. A UTF-8 string with NULL byte at the end.
168	</dd>	174	</dd>
169	<dt>DATA</dt>	175	<dt>DATA</dt>
170	<dd>	176	<dd>
@@ -187,6 +193,9 @@
187	\| TYPE \| FLAG \|	193	\| TYPE \| FLAG \|
188	+-----+-----+-----+-----+-----+-----+-----+-----+	194	+-----+-----+-----+-----+-----+-----+-----+-----+
189	\| ID \|	195	\| ID \|
		196	\| \|
		197	\| \|
		198	\| \|
190	+-----+-----+-----+-----+-----+-----+-----+-----+	199	+-----+-----+-----+-----+-----+-----+-----+-----+
191	\| NSIZE \| DSIZE \|	200	\| NSIZE \| DSIZE \|
192	+-----+-----+-----+-----+-----+-----+-----+-----+	201	+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -210,7 +219,7 @@
210	</dd>	219	</dd>
211	<dt>ID</dt>	220	<dt>ID</dt>
212	<dd>	221	<dd>
213	Is a 64 bit credential identifier.	222	Is a 256 bit credential identifier.
214	</dd>	223	</dd>
215	<dt>NSIZE</dt>	224	<dt>NSIZE</dt>
216	<dd>	225	<dd>
@@ -222,7 +231,7 @@
222	</dd>	231	</dd>
223	<dt>NAME</dt>	232	<dt>NAME</dt>
224	<dd>	233	<dd>
225	The credential name. A UTF-8 string.	234	The credential name. A UTF-8 string with NULL byte at the end.
226	</dd>	235	</dd>
227	<dt>DATA</dt>	236	<dt>DATA</dt>
228	<dd>	237	<dd>
@@ -244,10 +253,10 @@
244	<artwork name="" type="" align="left" alt=""><![CDATA[	253	<artwork name="" type="" align="left" alt=""><![CDATA[
245	0 8 16 24 32 40 48 56	254	0 8 16 24 32 40 48 56
246	+-----+-----+-----+-----+-----+-----+-----+-----+	255	+-----+-----+-----+-----+-----+-----+-----+-----+
247	\| IDENTITY \|	256	\| IDENTITY TYPE \| IDENTITY \|
248	\| \|	257	+-----------------------+ \|
249	\| \|	258	\| +-----------------------\|
250	\| \|	259	\| \| AUDIENCE TYPE \|
251	+-----+-----+-----+-----+-----+-----+-----+-----+	260	+-----+-----+-----+-----+-----+-----+-----+-----+
252	\| AUDIENCE \|	261	\| AUDIENCE \|
253	\| \|	262	\| \|
@@ -255,6 +264,9 @@
255	\| \|	264	\| \|
256	+-----+-----+-----+-----+-----+-----+-----+-----+	265	+-----+-----+-----+-----+-----+-----+-----+-----+
257	\| TID \|	266	\| TID \|
		267	\| \|
		268	\| \|
		269	\| \|
258	+-----+-----+-----+-----+-----+-----+-----+-----+	270	+-----+-----+-----+-----+-----+-----+-----+-----+
259	]]></artwork>	271	]]></artwork>
260	<!-- <postamble>which is a very simple example.</postamble>-->	272	<!-- <postamble>which is a very simple example.</postamble>-->
@@ -263,17 +275,27 @@
263	where:	275	where:
264	</t>	276	</t>
265	<dl>	277	<dl>
		278	<dt>IDENTITY TYPE</dt>
		279	<dd>
		280	Is the 32 bit identity type as defined in GANA for GNS
		281	identity zone types (e.g. PKEY).
		282	</dd>
266	<dt>IDENTITY</dt>	283	<dt>IDENTITY</dt>
267	<dd>	284	<dd>
268	Is the 256 bit identity public zone key of the user.	285	Is the 256 bit identity public zone key of the user.
269	</dd>	286	</dd>
		287	<dt>AUDIENCE TYPE</dt>
		288	<dd>
		289	Is the 32 bit audience type as defined in GANA for GNS
		290	identity zone types (e.g. PKEY).
		291	</dd>
270	<dt>AUDIENCE</dt>	292	<dt>AUDIENCE</dt>
271	<dd>	293	<dd>
272	Is the 256 bit audience public zone key of the relying party.	294	Is the 256 bit audience public zone key of the relying party.
273	</dd>	295	</dd>
274	<dt>TID</dt>	296	<dt>TID</dt>
275	<dd>	297	<dd>
276	Is a 64 bit ticket identifier.	298	Is a 256 bit ticket identifier.
277	</dd>	299	</dd>
278	</dl>	300	</dl>
279	<t>	301	<t>
@@ -287,9 +309,104 @@
287	</t>	309	</t>
288	<section anchor="attrrefs" numbered="true" toc="default">	310	<section anchor="attrrefs" numbered="true" toc="default">
289	<name>Attribute References</name>	311	<name>Attribute References</name>
		312	<t>
		313	An attribute reference is stored in GNS under records
		314	of type "RECLAIM_ATTRIBUTE_REF". An attribute reference
		315	is stored in GNS under a label derived from a ticket ID.
		316	The reference points to an actual attribute ID.
		317	The record format of a RECLAIM_ATTRIBUTE_REF is as follows:
		318	</t>
		319	<figure anchor="figure_gnsattrref">
		320	<artwork name="" type="" align="left" alt=""><![CDATA[
		321	0 8 16 24 32 40 48 56
		322	+-----+-----+-----+-----+-----+-----+-----+-----+
		323	\| ATTRIBUTE ID \|
		324	\| \|
		325	\| \|
		326	\| \|
		327	+-----+-----+-----+-----+-----+-----+-----+-----+
		328	\| NSIZE \| DSIZE \|
		329	+-----+-----+-----+-----+-----+-----+-----+-----+
		330	/ NAME + DATA /
		331	/ /
		332	+-----------------------------------------------+
		333	]]></artwork>
		334	<!-- <postamble>which is a very simple example.</postamble>-->
		335	</figure>
		336	<t>
		337	where:
		338	</t>
		339	<dl>
		340	<dt>ATTRIBUTE ID</dt>
		341	<dd>
		342	Is the 256 bit attribute ID of an existing attribute.
		343	</dd>
		344	</dl>
290	</section>	345	</section>
291	<section anchor="credpres" numbered="true" toc="default">	346	<section anchor="credpres" numbered="true" toc="default">
292	<name>Credential Presentations</name>	347	<name>Credential Presentations</name>
		348	<t>
		349	A re:claimID presentation is stored in GNS under records
		350	of type "RECLAIM_PRESENTATION". A presentation is derived from a
		351	credential and may contain only a subset of the attestations.
		352	The presentation construct is used to support selective disclosure
		353	of third party issued credentials. It consists of
		354	a type, a flag, a name and data.
		355	The record format of a RECLAIM_PRESENTATION is as follows:
		356	</t>
		357	<figure anchor="figure_gnspres">
		358	<artwork name="" type="" align="left" alt=""><![CDATA[
		359	0 8 16 24 32 40 48 56
		360	+-----+-----+-----+-----+-----+-----+-----+-----+
		361	\| TYPE \| FLAG \|
		362	+-----+-----+-----+-----+-----+-----+-----+-----+
		363	\| ID \|
		364	\| \|
		365	\| \|
		366	\| \|
		367	+-----+-----+-----+-----+-----+-----+-----+-----+
		368	\| NSIZE \| DSIZE \|
		369	+-----+-----+-----+-----+-----+-----+-----+-----+
		370	/ NAME + DATA /
		371	/ /
		372	+-----------------------------------------------+
		373	]]></artwork>
		374	<!-- <postamble>which is a very simple example.</postamble>-->
		375	</figure>
		376	<t>
		377	where:
		378	</t>
		379	<dl>
		380	<dt>TYPE</dt>
		381	<dd>
		382	Is the 32 bit presentation type as defined in the GANA registry.
		383	</dd>
		384	<dt>FLAG</dt>
		385	<dd>
		386	Is a 32 bit presentation flag combination as defined in the GANA registry
		387	</dd>
		388	<dt>ID</dt>
		389	<dd>
		390	Is a 256 bit credential identifier.
		391	</dd>
		392	<dt>NSIZE</dt>
		393	<dd>
		394	32 bit length of the presentation name in bytes.
		395	</dd>
		396	<dt>DSIZE</dt>
		397	<dd>
		398	32 bit length of the credential data.
		399	</dd>
		400	<dt>NAME</dt>
		401	<dd>
		402	The credential name. A UTF-8 string with NULL byte at the end.
		403	</dd>
		404	<dt>DATA</dt>
		405	<dd>
		406	The credential data.
		407	</dd>
		408	</dl>
		409
293	</section>	410	</section>
294	</section>	411	</section>
295	</section>	412	</section>