Add signing of Identifiables#523
Add signing of Identifiables#523sebbader-sap merged 16 commits intoadmin-shell-io:IDTA-01002-3-2_workingfrom
Conversation
…3-2_working Idta 01002 3 2 working
aorzelskiGH
requested review from
BirgitBoss,
alexgordtop,
danielporta,
g1zzm0,
mjacoby,
sebbader-sap,
waltersve and
zrgt
as code owners
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
...ation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc
Fixed
Show fixed
Hide fixed
BirgitBoss
left a comment
BirgitBoss
left a comment
There was a problem hiding this comment.
section https://industrialdigitaltwin.io/aas-specifications/IDTA-01002/v3.1.1/general.html#_design_principles also needs to be updated:
new naming convention to add "Signed"
<Interface Operation> ::= <Method Verb><Model Element Name>[<Modifier>]["By"<By-Qualifier>]["Signed"]
- update text
BirgitBoss
left a comment
BirgitBoss
left a comment
There was a problem hiding this comment.
missing: signed calls for AAS and Submodel Registry.
missing: updated changelog
|
|
||
| The AASX package format includes the possibility of signing an AASX package, but this is seldomly used. AASX packages can also not be protected by AAS security and access rules. This is why signatures are needed as part of the API. | ||
|
|
||
| Different levels of API signatures have been investigated by the IDTA TF Security, including JWS (JSON Web Signature) or JAdES (JSON advanced digital signature). This version explains and defines new endpoints /$signed for AAS, Submodel and ConecptDescription, which provide a plain text JWS. |
There was a problem hiding this comment.
bad style: do not mention that something was discussed, of course alternatives were discussed. remove mentioning of any task force etc. in normative text, this can only be done in the Preamble
|
Close #518 |
...ation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc
Outdated
Show resolved
Hide resolved
...ation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc
Outdated
Show resolved
Hide resolved
BirgitBoss
changed the base branch from
IDTA-01002-3-2_Working_DO_NOT_USE
to
IDTA-01002-3-2_working
I updated the changelog: see PR #561, if merged into this PR this finding would be resolved |
|
In general approved per email in CW13 2026. |
|
merging this PR as well as still a minor diff appears. |
sebbader-sap
merged commit ed158cb
into
admin-shell-io:IDTA-01002-3-2_working
5 participants
Adding JWS signed data by new endpoints /$signed