From 3e59140ccb74a46fdba4f1ba237a08479ad5f899 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sat, 24 Feb 2024 16:23:04 -0500 Subject: [PATCH] Move termlist into main specification and sort. --- index.html | 139 +++++++++++++++++++++++++++++++++++++++++++++++- terms.html | 151 ----------------------------------------------------- 2 files changed, 138 insertions(+), 152 deletions(-) diff --git a/index.html b/index.html index 590f76b0..42cc3238 100644 --- a/index.html +++ b/index.html @@ -548,7 +548,144 @@

Design Goals and Rationale

Terminology

-
+

+This section defines the terms used in this specification. A link to these terms +is included whenever they appear in this specification. +

+ +
+
data integrity proof
+
+A set of attributes that represent a digital proof and the parameters required +to verify it. +
+
public key
+
+Cryptographic material that can be used to verify digital proofs created with a +corresponding [=private key=]. +
+
private key
+
+Cryptographic material that can be used to generate digital proofs. +
+
proof type
+
+A specified set of cryptographic primitives bundled together into a +[=cryptographic suite=] for the purposes of safety and convenience, by +cryptographers for developers (see the section on +cryptographic suites). +
+
proof purpose
+
+The specific intent for the proof; the reason why an entity created it. The +protected declaration acts as a safeguard to prevent the proof from being +misused for a purpose other than the one it was intended for. +
+
challenge
+
+A random or pseudo-random value used by some authentication protocols to +mitigate replay attacks. +
+
domain
+
+A string value that specifies the operational domain of a digital proof. +This could be an Internet domain name like example.com, an +ad-hoc value such as mycorp-level3-access, or a very +specific transaction value like 8zF6T8J34qP3mqP. A signer could +include a [=domain=] in its digital proof to restrict its use +to particular target, identified by the specified [=domain=]. +
+ +
authentication
+
+A process by which an entity can prove to a verifier that it has a specific +attribute or controls a specific secret. +
+ +
cryptographic suite
+
+A specification defining the usage of specific cryptographic primitives in +order to achieve a particular security goal. These documents are often used +to specify [=verification methods=], digital signature types, +their identifiers, and other related properties. +
+ +
decentralized identifier (DID)
+ +
+A globally unique persistent identifier that does not require a centralized +registration authority and is often generated and/or registered +cryptographically. The generic format of a is defined in [[?DID-CORE]]. +
+ +
controller
+ +
+An entity that has the capability to make changes to a +[=controller document=]. +
+ +
controller document
+ +
+A set of data that specifies one or more relationships between a +[=controller=] and a set of data, such as a set of public cryptographic keys. +
+ +
subject
+ +
+The entity identified by the `id` property in a [=controller document=]. +Anything can be a subject: person, group, organization, physical thing, digital +thing, logical thing, etc. +
+ +
resource
+ +
+As defined by [[RFC3986]]: "...the term 'resource' is used in a general sense +for whatever might be identified by a URI." Similarly, any resource might serve +as a [=subject=] identified by a [=DID=]. +
+ +
verifier
+
+A role an entity performs by receiving data containing one or more +[=data integrity proofs=] and then determining whether or not the proof +is valid. +
+ +
verification method
+ +
+

+A set of parameters that can be used together with a process to independently +verify a proof. For example, a cryptographic public key can be used as a +verification method with respect to a digital signature; in such usage, it +verifies that the signer possessed the associated cryptographic private key. +

+

+"Verification" and "proof" in this definition are intended to apply broadly. For +example, a cryptographic public key might be used during Diffie-Hellman key +exchange to negotiate a shared symmetric key for encryption. This guarantees the +integrity of the key agreement process. It is thus another type of verification +method, even though descriptions of the process might not use the words +"verification" or "proof." +

+
+ +
verification relationship
+ +
+

+An expression of the relationship between the [=subject=] and a +[=verification method=]. An example of a verification relationship is +[[[#authentication]]]. +

+
+ +
+
diff --git a/terms.html b/terms.html index 95f2a438..e69de29b 100644 --- a/terms.html +++ b/terms.html @@ -1,151 +0,0 @@ -

-This section defines the terms used in this specification. A link to these terms -is included whenever they appear in this specification. -

- -
-
data integrity proof
-
-A set of attributes that represent a digital proof and the parameters required -to verify it. -
-
public key
-
-Cryptographic material that can be used to verify digital proofs created with a -corresponding private key. -
-
private key
-
-Cryptographic material that can be used to generate digital proofs. -
-
proof type
-
-A specified set of cryptographic primitives bundled together into a -cryptographic suite for the purposes of safety and convenience, by -cryptographers for developers (see the section on -cryptographic suites). -
-
proof purpose
-
-The specific intent for the proof; the reason why an entity created it. The -protected declaration acts as a safeguard to prevent the proof from being -misused for a purpose other than the one it was intended for. -
-
challenge
-
-A random or pseudo-random value used by some authentication protocols to -mitigate replay attacks. -
-
domain
-
-A string value that specifies the operational domain of a digital proof. -This could be an Internet domain name like example.com, an -ad-hoc value such as mycorp-level3-access, or a very -specific transaction value like 8zF6T8J34qP3mqP. A signer could -include a domain in its digital proof to restrict its use -to particular target, identified by the specified domain. -
- -
authentication
-
-A process by which an entity can prove to a verifier that it has a specific -attribute or controls a specific secret. -
- -
cryptographic suite
-
-A specification defining the usage of specific cryptographic primitives in -order to achieve a particular security goal. These documents are often used -to specify verification methods, digital signature types, -their identifiers, and other related properties. -
- -
decentralized identifier (DID)
- -
-A globally unique persistent identifier that does not require a centralized -registration authority and is often generated and/or registered -cryptographically. The generic format of a is defined in [[?DID-CORE]]. Many—but -not all—methods make use of distributed ledger technology (DLT) or some -other form of decentralized network. -
- -
controller
- -
-An entity that has the capability to make changes to a -controller document. -
- -
controller document
- -
-A set of data that specifies one or more relationships between a -controller and a set of data, such as a set of public cryptographic keys. -
- -
subject
- -
-The entity identified by the `id` property in a controller document. -Anything can be a subject: person, group, organization, physical thing, digital -thing, logical thing, etc. -
- -
distributed ledger (DLT)
- -
-A non-centralized system for recording events. These systems establish -sufficient confidence for participants to rely upon the data recorded by others -to make operational decisions. They typically use distributed databases where -different nodes use a consensus protocol to confirm the ordering of -cryptographically signed transactions. The linking of digitally signed -transactions over time often makes the history of the ledger effectively -immutable. -
- -
resource
- -
-As defined by [[RFC3986]]: "...the term 'resource' is used in a general sense -for whatever might be identified by a URI." Similarly, any resource might serve -as a subject identified by a DID. -
- -
verifier
-
-A role an entity performs by receiving data containing one or more -data integrity proofs and then determining whether or not the proof -is valid. -
- -
verification method
- -
-

-A set of parameters that can be used together with a process to independently -verify a proof. For example, a cryptographic public key can be used as a -verification method with respect to a digital signature; in such usage, it -verifies that the signer possessed the associated cryptographic private key. -

-

-"Verification" and "proof" in this definition are intended to apply broadly. For -example, a cryptographic public key might be used during Diffie-Hellman key -exchange to negotiate a shared symmetric key for encryption. This guarantees the -integrity of the key agreement process. It is thus another type of verification -method, even though descriptions of the process might not use the words -"verification" or "proof." -

-
- -
verification relationship
- -
-

-An expression of the relationship between the subject and a -verification method. An example of a verification relationship is -authentication. -

-
- -