http://www.itu.int/rec/T-REC-X.590-202310-I/en
This specification enables the following core features: 1. Signatures can be added to the JSON data without needing to base64 encode the JSON data or convert it to CBOR. Meaning, you can still view and process the signed JSON data without destroying the signature or having to change it to some other serialization 2. Multiple independent organizations can digitally sign the same JSON data, a critical feature for attestation 3. Signatures can be added after the fact, this enables sharing communities to also digitally sign the JSON data to show that they have independently verified it and thus increasing the trust in the data 4. Signatures can be detached from the original JSON data and shared separately, if needed due to data marking requirements 5. Individual signatures can be countersigned as many times as needed, a critical features for contracts 6. Signatures can be verified hours, days, weeks, months, or years later, which is important for auditing and verification 7. Signatures remain valid even when going through an intermediary processing organization like an ISAC or ISAO 8. It supports quantum safe digital signature algorithms 9. Enables signing of SBOMs and HBOMs 10. Support cti / threat intelligence / stix and CACAO playbook sharing from the various ISACs and ISAOs Some of the initial main uses cases for JSS X.590 are * Financial transactions * Real Estate transactions * Legal contracts * Threat intelligence sharing * SBOMs and HBOMs * Account and identity verification Bret
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
