43 changes: 24 additions & 19 deletions docs/specification/signatures.md
Expand Up @@ -108,13 +108,14 @@ defined in [RFC 7517](https://datatracker.ietf.org/doc/html/rfc7517).
| :---- | :----- | :------- | :--------------------------------------- |
| `kid` | string | Yes | Key ID (referenced in signatures) |
| `kty` | string | Yes | Key type (`EC` for elliptic curve) |
| `crv` | string | Yes* | Curve name (`P-256`, `P-384`) |
| `x` | string | Yes* | X coordinate (base64url encoded) |
| `y` | string | Yes* | Y coordinate (base64url encoded) |
| `crv` | string | Yes<sup><code>*</code></sup> | Curve name (`P-256`, `P-384`) |
| `x` | string | Yes<sup><code>*</code></sup> | X coordinate (base64url encoded) |
| `y` | string | Yes<sup><code>*</code></sup> | Y coordinate (base64url encoded) |
| `use` | string | No | Key usage (`sig` for signing) |
| `alg` | string | No | Algorithm (`ES256`, `ES384`) |

\* Required for EC keys
<sup><code>*</code></sup> Required
for EC keys

**Example:**

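Review bot: the replacement footnote is split across two source lines (`<sup><code>*</code></sup> Required` / `for EC keys`) where the original `\* Required for EC keys` was one line; Markdown joins them with a soft break, but one line per footnote is easier to read and grep, and the same split recurs in the later hunks of this file. On the table rows, the `Yes<sup><code>*</code></sup>` cells are now far wider than the `:-------` separator row, so the source table no longer lines up (GFM still renders it, but the diff is harder to review), and this hunk uses `<sup><code>*</code></sup>` while the request-components table later in the same file uses bare `<sup>*</sup>`; pick one marker form. Worth confirming that the docs renderer allows inline HTML inside table cells, since the previous plain `Yes*` rendered everywhere.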
Expand Down Expand Up @@ -169,9 +170,10 @@ For HTTP REST transport, UCP uses
| :---------------- | :--------------- | :------- | :------------------------------------ |
| `Signature-Input` | Request/Response | Yes | Describes signed components |
| `Signature` | Request/Response | Yes | Contains signature value |
| `Content-Digest` | Request/Response | Cond.* | SHA-256 hash of request/response body |
| `Content-Digest` | Request/Response | Cond.<sup><code>*</code></sup> | SHA-256 hash of request/response body |

\* Required when request/response has a body
<sup><code>*</code></sup> Required
when request/response has a body

`Content-Digest` follows [RFC 9530](https://www.rfc-editor.org/rfc/rfc9530) and
hashes the raw body bytes. This binds the message body to the signature without
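Review bot: same two-line footnote split as in the JWK table (`<sup><code>*</code></sup> Required` / `when request/response has a body`); fold it back onto one line. The widened `Cond.<sup><code>*</code></sup>` cell also breaks the column alignment of the source table against its `:-------` separator row. The RFC 9530 sentence below the table is unchanged, which is correct; nothing in this hunk alters what `Content-Digest` covers.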
Expand All @@ -193,16 +195,18 @@ verification.
| `@method` | Yes | HTTP method (GET, POST, etc.) |
| `@authority` | Yes | Target host (prevents cross-host relay)|
| `@path` | Yes | Request path |
| `@query` | Cond.\* | Query string (if present) |
| `ucp-agent` | Cond.\** | Profile URL (binds identity) |
| `idempotency-key` | Cond.\*** | Idempotency header (state-changing) |
| `content-digest` | Cond.† | Body digest (if body present) |
| `content-type` | Cond.† | Content-Type (if body present) |

\* Required if request has query parameters
\** Required if `UCP-Agent` header is present
\*** Required for POST, PUT, DELETE, PATCH
† Required if request has a body
| `@query` | Cond.<sup>*</sup> | Query string (if present) |
| `ucp-agent` | Cond.<sup>**</sup> | Profile URL (binds identity) |
| `idempotency-key` | Cond.<sup>***</sup> | Idempotency header (state-changing) |
| `content-digest` | Cond.<sup>†</sup> | Body digest (if body present) |
| `content-type` | Cond.<sup>†</sup> | Content-Type (if body present) |

<div style="font-size: 0.85em; line-height: 1.5; margin-top: 10px;">
<sup>*</sup> Required if request has query parameters<br>
<sup>**</sup> Required if <code>UCP-Agent</code> header is present<br>
<sup>***</sup> Required for POST, PUT, DELETE, PATCH<br>
<sup>†</sup> Required if request has a body
</div>

**Signature Generation:**

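Review bot: this hunk drops the backslash escapes that the original `Cond.\*`, `Cond.\**` and `Cond.\***` cells carried and writes bare `<sup>**</sup>` and `<sup>***</sup>`; the escapes were there because `**` and `***` are emphasis delimiters in Markdown, so check the rendered table still shows the asterisks rather than stray bold or italic runs. Two consistency points: the marker here is `<sup>*</sup>` while the other three tables in this diff use `<sup><code>*</code></sup>`, and the footnotes moved into a `<div style="font-size: 0.85em; ...">` with `<br>` separators whereas the other tables keep plain footnote lines. GitHub strips `style` attributes and some Markdown renderers drop raw HTML blocks entirely, so the smaller font is not guaranteed and a build of the target docs site should confirm the four footnotes still appear; if the styled block stays, apply the same block to the other footnotes so the file does not mix two conventions.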
Expand Down Expand Up @@ -286,10 +290,11 @@ Response signatures use `@status` instead of `@method`:
| Component | Required | Description |
| :--------------- | :------- | :-------------------------------- |
| `@status` | Yes | HTTP status code (200, 201, etc.) |
| `content-digest` | Cond.* | Body digest (if body present) |
| `content-type` | Cond.* | Content-Type (if body present) |
| `content-digest` | Cond.<sup><code>*</code></sup> | Body digest (if body present) |
| `content-type` | Cond.<sup><code>*</code></sup> | Content-Type (if body present) |

\* Required if response has a body
<sup><code>*</code></sup> Required
if response has a body

**Complete Response Example:**

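Review bot: the footnote is again split across two lines (`<sup><code>*</code></sup> Required` / `if response has a body`); keep it on one line as the original `\* Required if response has a body` was. Otherwise this mirrors the request-header table change, and the `<sup><code>*</code></sup>` form here agrees with the first two hunks but not with the request-components table, which uses `<sup>*</sup>` and a styled `<div>` for its footnotes; one convention across all four tables would be cleaner.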