Skip to content

Commit

Permalink
fix: trust_marks_issuers -> trust_mark_issuers
Browse files Browse the repository at this point in the history
  • Loading branch information
peppelinux committed Oct 31, 2023
1 parent 1f49c7b commit a65aa1a
Show file tree
Hide file tree
Showing 5 changed files with 11 additions and 11 deletions.
2 changes: 1 addition & 1 deletion docs/common/common_examples.rst
Original file line number Diff line number Diff line change
Expand Up @@ -383,7 +383,7 @@ EN 1.4. Entity Configuration Response Trust Anchor
"federation_trust_mark_status_endpoint": "https://registry.agid.gov.it/trust_mark_status/"
}
},
"trust_marks_issuers": {
"trust_mark_issuers": {
"https://registry.agid.gov.it/openid_relying_party/public/": [
"https://registry.spid.agid.gov.it/",
"https://public.intermediary.spid.it/"
Expand Down
2 changes: 1 addition & 1 deletion docs/en/entity_configuration.rst
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ The ECs of a TA, other than the common claims of all the other members, contains

It MAY contain also **allowed_leaf_entity_types**, that restricts what types of Leaf Entities that MAY appear beneath the entity described in this Entity Statement
- |spid-icon| |cieid-icon|
* - **trust_marks_issuers**
* - **trust_mark_issuers**
- JSON Array that indicates which Federation authorities are considered trustworthy
for issuing specific TMs, assigned with their unique identifiers.
- |spid-icon| |cieid-icon|
Expand Down
2 changes: 1 addition & 1 deletion docs/en/la_federazione_delle_identita.rst
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ The configuration of the Federation is published by the Trust Anchor inside its

All the members MUST obtain the Federation configuration before the operational phase and they
MUST keep it up-to-date on a daily basis. The Federation configuration contains the Trust Anchor
public keys for the signature operations, the maximum number of Intermediates allowed between a Leaf and the Trust Anchor (**max_path length**) and the authorities who are enabled to issue the Trust Marks (**trust_marks_issuers**).
public keys for the signature operations, the maximum number of Intermediates allowed between a Leaf and the Trust Anchor (**max_path length**) and the authorities who are enabled to issue the Trust Marks (**trust_mark_issuers**).

Here a non-normative example of :ref:`Entity Configuration response Trust Anchor<Esempio_EN1.4>`.

Expand Down
14 changes: 7 additions & 7 deletions docs/en/trust_marks.rst
Original file line number Diff line number Diff line change
Expand Up @@ -14,23 +14,23 @@ Typical examples include the Entity's national or international identification c
by the issuing subject.

During the registration process of a new Leaf Entity (onboarding), the TMs are issued and signed by the TA
or its Intermediates (SA) or by Attribute Authorities (AA), if they are defined inside the attribute **trust_marks_issuers**, published inside the TA's Entity Configuration.
or its Intermediates (SA) or by Attribute Authorities (AA), if they are defined inside the attribute **trust_mark_issuers**, published inside the TA's Entity Configuration.

Each member Entity MUST expose, in its own configuration (EC), the TMs released by the issuing authorities.

In the CIE / SPID scenario, a TM is signed by the TA **MinInterno** / **Agid** or their Intermediates (SA) or by Attribute Authorities (AA).

The TA defines the subjects who are enabled to issue TMs that are recognizable inside the Federation,
and this is done by the claim **trust_marks_issuers**, contained in its own Entity Configuration.
The value of the claim **trust_marks_issuers** is composed by a JSON Object having as keys the TM identifiers, and as values the list of identifiers (URLs) or the Entities who are enabled to issue them.
and this is done by the claim **trust_mark_issuers**, contained in its own Entity Configuration.
The value of the claim **trust_mark_issuers** is composed by a JSON Object having as keys the TM identifiers, and as values the list of identifiers (URLs) or the Entities who are enabled to issue them.

In the following, a non-normative example of the object **trust_marks_issuers** inside the TA's Entity Configuration.
In the following, a non-normative example of the object **trust_mark_issuers** inside the TA's Entity Configuration.


.. code-block:: json
{
"trust_marks_issuers":{
"trust_mark_issuers":{
"https://registry.agid.gov.it/openid_relying_party/public/":[
"https://registry.spid.agid.gov.it/",
"https://public.intermediate.spid.it/"
Expand All @@ -48,8 +48,8 @@ In the CIE / SPID scenario, a TM is signed by the TA **MinInterno** / **Agid** o
Attribute Authorities (AA).

The TA defines the subjects that are enabled to issue TMs that are recognizable inside the Federation,
and it does it with the claim **trust_marks_issuers**, that is present in its Entity Configuration.
The value of the attribute **trust_marks_issuers** is composed by a JSON Object whose keys are the TM identifiers and whose values are the list of the identifiers (URLs) of the Entities enabled
and it does it with the claim **trust_mark_issuers**, that is present in its Entity Configuration.
The value of the attribute **trust_mark_issuers** is composed by a JSON Object whose keys are the TM identifiers and whose values are the list of the identifiers (URLs) of the Entities enabled
to issue them.

The Trust Marks represent the first filter for establishing the trust among the parties.
Expand Down
2 changes: 1 addition & 1 deletion docs/en/trust_negotiation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ by the SA towards the RP and through validating the Entity Configuration of the
defined by the value **max_path_length**, is exceeded, the OP stops the process of Federation Entity Discovery and rejects the RP request.


.. [1] The Federation Trust Marks are configured in the claim **trust_marks_issuers** and contained in the Entity Configuration of the Trust Anchor.
.. [1] The Federation Trust Marks are configured in the claim **trust_mark_issuers** and contained in the Entity Configuration of the Trust Anchor.
.. [2] An RP can expose more than one superior Entity inside its own claim **authority_hints**. An example is an RP that takes part both in the SPID and in the CIE Federation. Besides, an RP can result as a subordinate of more than one Intermediates, either of SPID or CIE.
Expand Down

0 comments on commit a65aa1a

Please sign in to comment.