From c00ad80ce04334f9d3aa366e7cd83a6b66a40299 Mon Sep 17 00:00:00 2001 From: Sean Trantalis <18211470+strantalis@users.noreply.github.com> Date: Fri, 5 Dec 2025 09:21:40 -0500 Subject: [PATCH 1/3] fix: clarify method and signature field descriptions Updated the description of 'method' and 'signature' fields to clarify their usage and format. --- schema/OpenTDF/assertion_binding.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/schema/OpenTDF/assertion_binding.md b/schema/OpenTDF/assertion_binding.md index 1526306..e415d07 100644 --- a/schema/OpenTDF/assertion_binding.md +++ b/schema/OpenTDF/assertion_binding.md @@ -7,7 +7,7 @@ The `binding` object, nested within an [Assertion Object](./assertion.md), conta ```json "binding": { "method": "jws", - "signature": "eyJhbGciOiJSUzI1NiJ9..." // Base64URL encoded JWS string + "signature": "eyJhbGciOiJSUzI1NiJ9..." // JWS string } ``` 
@@ -15,5 +15,5 @@ The `binding` object, nested within an [Assertion Object](./assertion.md), conta | Parameter | Type | Description | Required? | | --------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- | -| method | String | The cryptographic method used for the signature. jws (JSON Web Signature) is commonly used, implying standard JWS processing rules apply. | Yes | -| signature | String | The Base64URL encoded signature value (e.g., a JWS Compact Serialization string). The signature calculation MUST include the assertion content and sufficient TDF context (like policy or key info hash) to prevent replay. | Yes | \ No newline at end of file +| method | String | Binding format. This version defines only `"jws"` (JSON Web Signature, compact serialization). | Yes | +| signature | String | JWS compact serialization string binding the assertion to the `scope` target (`tdo` or `payload`), providing integrity and replay protection. | Yes | From 1d3d6abf91dc719aa2c1d311fe37f2ad5dbf9519 Mon Sep 17 00:00:00 2001 From: Sean Trantalis <18211470+strantalis@users.noreply.github.com> Date: Fri, 5 Dec 2025 09:34:36 -0500 Subject: [PATCH 2/3] Apply suggestion from @pflynn-virtru Co-authored-by: Paul Flynn <43211074+pflynn-virtru@users.noreply.github.com> --- schema/OpenTDF/assertion_binding.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/OpenTDF/assertion_binding.md b/schema/OpenTDF/assertion_binding.md index e415d07..2684888 100644 --- a/schema/OpenTDF/assertion_binding.md +++ b/schema/OpenTDF/assertion_binding.md 
@@ -15,5 +15,5 @@ The `binding` object, nested within an [Assertion Object](./assertion.md), conta | Parameter | Type | Description | Required? | | --------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- | -| method | String | Binding format. This version defines only `"jws"` (JSON Web Signature, compact serialization). | Yes | +| method | String | Binding format. This version defines only `"jws"` (JWS Compact Serialization string format defined by the JWS (RFC 7515) specification). | Yes | | signature | String | JWS compact serialization string binding the assertion to the `scope` target (`tdo` or `payload`), providing integrity and replay protection. | Yes | From 389b1291ed996e5f4a8de545290ff016f8b9d878 Mon Sep 17 00:00:00 2001 From: Sean Trantalis <18211470+strantalis@users.noreply.github.com> Date: Fri, 5 Dec 2025 14:04:12 -0500 Subject: [PATCH 3/3] Clarify method field description in assertion binding --- schema/OpenTDF/assertion_binding.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/schema/OpenTDF/assertion_binding.md b/schema/OpenTDF/assertion_binding.md index 2684888..cdaa744 100644 --- a/schema/OpenTDF/assertion_binding.md +++ b/schema/OpenTDF/assertion_binding.md 
@@ -15,5 +15,5 @@ The `binding` object, nested within an [Assertion Object](./assertion.md), conta | Parameter | Type | Description | Required? | | --------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- | -| method | String | Binding format. This version defines only `"jws"` (JWS Compact Serialization string format defined by the JWS (RFC 7515) specification). | Yes | +| method | String | Cryptographic binding format. The only supported value is `"jws"` (JSON Web Signature using JWS Compact Serialization as per RFC 7515). | Yes | | signature | String | JWS compact serialization string binding the assertion to the `scope` target (`tdo` or `payload`), providing integrity and replay protection. | Yes |
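Review bot: in the `@@ -7,7 +7,7 @@` hunk of PATCH 1/3, the example keeps a `//` comment inside a block fenced as `json`, which is not valid JSON and will fail in any strict parser a reader pastes it into. The new comment text "JWS string" is also looser than the table below it, which says JWS compact serialization. Suggest moving the remark into a sentence under the fence and using the same term as the table, so the sample stays parseable and the two descriptions agree.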
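Review bot: in the `signature` row of the `@@ -15,5 +15,5 @@` hunk of PATCH 1/3, the removed text carried the only normative requirement in this table ("The signature calculation MUST include the assertion content and sufficient TDF context ... to prevent replay"). The replacement states that the JWS provides "integrity and replay protection" but no longer says what the signed content has to cover. An implementer reading this row cannot tell what a verifier must check before trusting the binding. Suggest keeping a MUST-level sentence about what is signed, or linking to the section that defines it. The row also refers to `scope` (`tdo` or `payload`), which is not a parameter of this table, so a link to where `scope` is defined would help.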
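Review bot: in the `method` row of PATCH 2/3, "JWS Compact Serialization string format defined by the JWS (RFC 7515) specification" names JWS twice and describes the content of `signature` rather than the `method` identifier, so it reads as if the `method` value were itself a serialized string. Suggest wording that separates the two, for example that `"jws"` indicates the `signature` field holds a JWS in Compact Serialization per RFC 7515.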
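Review bot: in the `method` row of PATCH 3/3, "The only supported value is `"jws"`" does not say how a consumer should treat any other value, which leaves room for implementations to diverge (some skipping verification, others rejecting). Suggest stating the expected handling of an unrecognized `method` explicitly. As a style point, this row now writes "JWS Compact Serialization" while the unchanged `signature` row writes "JWS compact serialization"; pick one capitalization for both rows.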