From c269f220364c04db50c326408a4b65acb780714e Mon Sep 17 00:00:00 2001 From: Darrell O'Donnell Date: Thu, 7 Mar 2024 08:30:25 -0800 Subject: [PATCH 1/3] added Latour view on Authority (result of governance) Signed-off-by: Darrell O'Donnell --- spec/scope.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spec/scope.md b/spec/scope.md index 3c9bfac..1ecbcee 100644 --- a/spec/scope.md +++ b/spec/scope.md @@ -16,6 +16,8 @@ The TRP does not: * make decisions - the TRP serves up data that are inputs to trust decisions. * assign Roles or Rights, though a consuming system may take information that is received via the TRP and assign these. +It is most crucial to understand that a Trust Registry does NOT create authority. As Jacques Latour says "the authority of a trust registry is an outcome of governance". + ### Purpose The purpose of this **ToIP specification** is to define a standard interoperable protocol for interacting with a global web of **peer trust registries**, each of which can answer queries about whether a particular **party** is trusted and authorized, to perform a particular **action** in a particular **digital trust ecosystem** (defined under an **EGF**), as well as which **peer trust registries** trust each other. From f4bb62f9b7e1e54c9ba1f28be9a9d427240181f1 Mon Sep 17 00:00:00 2001 From: Darrell O'Donnell Date: Thu, 7 Mar 2024 08:30:51 -0800 Subject: [PATCH 2/3] added SwaggerHug rendering Signed-off-by: Darrell O'Donnell --- spec/annex.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/spec/annex.md b/spec/annex.md index abe3748..6b5b70a 100644 --- a/spec/annex.md +++ b/spec/annex.md 
@@ -35,7 +35,10 @@ It is provided as an Open API Specification v3 YAML file. [OAS (.yaml) for TRP v2](../api/toip-tswg-trustregistryprotocol-v2.yaml). -[Redoc Rendering (static HTML) of specification](../api/redoc-static.html) +There are several renderings of the OAS specification: + +* Inline - this rendering is managed in this repository [Redoc Rendering (static HTML) of specification](../api/redoc-static.html) +* SwaggerHub - this rendering is manually updated from time to time and may be out of date: [SwaggerHub](https://app.swaggerhub.com/apis/CULedger/CULedger.Identity/0.3.1-oas3.1) ## Annex C - Uses and Data Model Reference From 8f20f7db52a8bfd68f81aca62d11e625d17ed8d6 Mon Sep 17 00:00:00 2001 From: Darrell O'Donnell Date: Thu, 7 Mar 2024 08:31:26 -0800 Subject: [PATCH 3/3] upgr to OAS 3.1.0 Signed-off-by: Darrell O'Donnell --- api/redoc-static.html | 22 +- api/toip-tswg-trustregistryprotocol-v2.yaml | 542 +++++++++++--------- 2 files changed, 297 insertions(+), 267 deletions(-) diff --git a/api/redoc-static.html b/api/redoc-static.html index 04d9ce7..02e60c4 100644 --- a/api/redoc-static.html +++ b/api/redoc-static.html @@ -397,7 +397,7 @@ 55.627 l 55.6165,55.627 -231.245496,231.24803 c -127.185,127.1864 -231.5279,231.248 -231.873,231.248 -0.3451,0 -104.688, -104.0616 -231.873,-231.248 z - " fill="currentColor">

ToIP Trust Registry Protocol v2 (0.2.0)

Download OpenAPI specification:Download

Trust Registry capabilities

ToIP Trust Registry Protocol v2 (0.3.1-oas3.1)

Download OpenAPI specification:Download

Trust Registry capabilities

Not Found

Response samples

Content type
application/json
{
  • "identifier": "did:example:123",
  • "authorizations": [
    ],
  • "governanceFrameworkVID": "did:example:456",
  • "DIDDocument": "string",
  • "validity": {
    },
  • "status": "current",
  • "statusDetail": "string"
}

Determine whether an Entity has a particular Authorization.

Authorizations:
bearerAuth
path Parameters
entityVID
required
string <uri> (VID)
https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/entitities/{entityid}

Response samples

Content type
application/json
{
  • "identifier": "did:example:123",
  • "authorizations": {
    },
  • "governanceFrameworkVID": "did:example:456",
  • "primaryTrustRegistryVID": "did:example:456",
  • "additionalTrustRegistries": [
    ],
  • "validity": {
    },
  • "status": "current",
  • "statusDetail": "string"
}

Determine whether an Entity has a particular Authorization.

Authorizations:
bearerAuth
path Parameters
entityVID
required
string <uri> (VID)

The VID-based identifier of a VID/DID/AID or X.509 Issuer. Allows reserved characters per RFC3986. Do NOT escape the URI.
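Review bot: On the added side of this hunk the title now reads "ToIP Trust Registry Protocol v2 (0.3.1-oas3.1)", but the server URL rendered for the first operation is still "https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/entitities/{entityid}". The version segment does not match the new title, the path is spelled "entitities", and the placeholder "{entityid}" does not match the documented path parameter "entityVID". Please correct the servers/paths entries in the YAML and regenerate this file. Separately, the sample response changes shape here ("authorizations" goes from an array to an object, "DIDDocument" disappears, "primaryTrustRegistryVID" and "additionalTrustRegistries" appear), which is more than the subject line "upgr to OAS 3.1.0" suggests; the commit message should mention the schema changes.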

@@ -451,7 +451,7 @@ " class="sc-iKOmoZ sc-cCzLxZ WVNwY VEBGS sc-ckdEwu LxEPk">

Not Found

Response samples

Content type
application/json
[
  • {
    },
  • {
    }
]

Query this Trust Registry about its recognition of another Trust Registry. +

https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/entities/{entityVID}/authorizations

Response samples

Content type
application/json
{
  • "identifier": "did:example:abc",
  • "simplename": "country:role"
}

Query this Trust Registry about its recognition of another Trust Registry.

Authorizations:
bearerAuth
query Parameters
namespace-VID
string <uri> (VID)

Filter in only the namespace requested - show all registries otherwise. The URI-based Verifiable Identifier (VID) (e.g. DID or X.509 VID). Allows reserved characters per RFC3986. @@ -518,7 +518,7 @@ " class="sc-iKOmoZ sc-cCzLxZ WVNwY VEBGS sc-ckdEwu LxEPk">

Not Found

Response samples

Content type
application/json
[
  • {
    },
  • {
    }
]

Get the namespaces that are supported in this trust Registry.

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
{
  • "identifier": "did:example:abc",
  • "simplename": "country:role"
}

Get the namespaces that are supported in this trust Registry.

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get a list of DID Methods that are supported by a particular Governance Framework.

Authorizations:
bearerAuth
query Parameters
required
Array of objects (VIDMethodListType)
https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/lookup/namespaces

Response samples

Content type
application/json
[
  • {
    }
]

Get a list of DID Methods that are supported by a particular Governance Framework.

Authorizations:
bearerAuth
query Parameters
required
Array of objects (VIDMethodListType)

Provides a list of DID-methods that are supported by this trust registry. MAY include Maximum Assurance Level +" class="sc-iKOmoZ sc-cCzLxZ WVNwY jaVotg">

Provides a list of VID types (DID) methods that are supported by this trust registry. MAY include Maximum Assurance Level that a DID Method is set at under the EGF.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get a list of the assurance levels that are in use by this Trust Registry (and its governing EGF).

Authorizations:
bearerAuth
query Parameters
egfURI
required
string <uri> (Uri)
https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/lookup/vidmethods

Response samples

Content type
application/json
[
  • {
    }
]

Get a list of the assurance levels that are in use by this Trust Registry (and its governing EGF).

Authorizations:
bearerAuth
query Parameters
egfURI
required
string <uri> (Uri)

The URI-based identifier of the Ecosystem Governance Framework that the assurance levels apply to. Allows reserved characters per RFC3986. Do NOT escape the URI.
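Review bot: The reworded description on the added side, "Provides a list of VID types (DID) methods that are supported by this trust registry", is attached to a required query parameter ("Array of objects (VIDMethodListType)") but describes what the registry returns, and it disagrees with the operation summary, which says "supported by a particular Governance Framework". Please decide whether the list is an input or the response, describe the parameter accordingly, and tidy the wording, for example "VID methods (e.g. DID methods)".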

@@ -556,7 +556,7 @@ " class="sc-iKOmoZ sc-cCzLxZ WVNwY VEBGS sc-ckdEwu LxEPk">

Not Found

Response samples

Content type
application/json
[
  • {
    }
]

metadata

https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/lookup/assurancelevels

Response samples

Content type
application/json
[
  • {
    }
]

metadata

Metadata operations.

Provides metadata object.

Metadata object.

@@ -570,7 +570,7 @@ " class="sc-iKOmoZ sc-cCzLxZ WVNwY VEBGS sc-ckdEwu LxEPk">

Not Found

Response samples

Content type
application/json
{
  • "lastupdated": "2019-08-24T14:15:22Z",
  • "languages": [
    ]
}

offline

https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/metadata

Response samples

Content type
application/json
{
  • "lastupdated": "2019-08-24T14:15:22Z",
  • "languages": "en"
}

offline

Offline operations (i.e. prepare to go offline).

Access a full data file that can be used offline.

JSON file array of offline list of Issuers

Response samples

Content type
application/json
{
  • "extractdatetime": "2019-08-24T14:15:22Z",
  • "version": "string",
  • "validity": {
    },
  • "lookups": {
    },
  • "registries": [
    ],
  • "entities": [
    ],
  • "resources": [
    ]
}

Access a full data file that can be used offline.

https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/offline/exportfile

Response samples

Content type
application/json
{
  • "extractdatetime": "2019-08-24T14:15:22Z",
  • "version": "string",
  • "validity": {
    },
  • "lookups": {
    },
  • "registries": [
    ],
  • "entities": [
    ],
  • "resources": [
    ]
}

Access a full data file that can be used offline.

Allows querying to determine the status of an Issuer, as identified by their Identifier (unique), credential type, and EGF that they are operating under.
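Review bot: In the metadata response sample, "languages" changes from an array on the removed side to the string "en" on the added side. That is a breaking type change for any client that parses the field as a list, and nothing in the subject "upgr to OAS 3.1.0" announces it. If more than one language can be reported, keep the array and give it an example value; if the change is intended, call it out in the commit message and bump the API version accordingly.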

@@ -596,7 +596,7 @@ " class="sc-iKOmoZ sc-cCzLxZ WVNwY jaVotg">

SwaggerHub API Auto Mocking

https://virtserver.swaggerhub.com/darrellodonnell/ToIP.TrustRegistry/0.1.0/offline/trustestablishmentdocument

Response samples

Content type
application/json
{
  • "TBD": "string"
}
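Review bot: The final hunk publishes a response sample of {"TBD": "string"} for ".../offline/trustestablishmentdocument", and the only server label shown is "SwaggerHub API Auto Mocking". A placeholder schema in the rendered reference invites implementers to code against it; either define the response schema before regenerating or mark the operation as not yet specified in its description.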
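Review bot: In spec/scope.md (PATCH 1/3), the added sentence quotes Jacques Latour ("the authority of a trust registry is an outcome of governance") without a source. A specification should cite where the statement was made or mark it as an informal remark, so readers can tell it apart from normative text. A comma after "says" would also help, and the capitalised "NOT" may be read as a normative keyword; lower-case emphasis avoids that.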
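Review bot: In spec/annex.md (PATCH 2/3), the new SwaggerHub link targets "apis/CULedger/CULedger.Identity/0.3.1-oas3.1", which names a different owner and API than the ToIP Trust Registry Protocol this annex describes, while the rendered server URLs elsewhere in the series use "darrellodonnell/ToIP.TrustRegistry". Please confirm the target or point the link at the TRP entry. Since the bullet itself says this rendering "may be out of date", it would also help to state that the YAML in this repository is the authoritative source. Minor: the "Inline" bullet is missing the colon before its link that the SwaggerHub bullet has, and the subject line reads "SwaggerHug".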