diff --git a/documentation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc b/documentation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc index 72bc4443..4416c695 100644 --- a/documentation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc +++ b/documentation/IDTA-01002-3/modules/ROOT/pages/http-rest-api/service-specifications-and-profiles.adoc @@ -888,7 +888,7 @@ h|Service Specification / Profiles h|Description |<> |Profile for a Submodel Repository which only contains Submodels with kind=Template; is _not_ included in the profile SubmodelRepositoryServiceSpecification/SSP-001 or the profile SubmodelRepositoryServiceSpecification/SSP-002 |<> |Only read operations for a Submodel Repository which only contains Submodels with kind=Template; is included in the profile SubmodelRepositoryServiceSpecification/SSP-003 but _not_ in the profile SubmodelRepositoryServiceSpecification/SSP-001 or the profile SubmodelRepositoryService Specification/SSP-002 |<>|Query operations -|<>|Signature operations +|<>|Signature operations |=== [[submodel-repository-service-specification-ssp-001]] @@ -1152,7 +1152,7 @@ See: https://app.swaggerhub.com/apis/Plattform_i40/SubmodelRepositoryServiceSpec h|Service Specification / Profiles h|Description |<> |Full feature set |<> |Query operations -|<> |Signature operations +|<> |Signature operations |=== [#concept-description-repository-service-specification-ssp-001] diff --git a/documentation/IDTA-01002-3/modules/ROOT/pages/signatures.adoc b/documentation/IDTA-01002-3/modules/ROOT/pages/signatures.adoc index 42d284d5..3b6a17c4 100644 --- a/documentation/IDTA-01002-3/modules/ROOT/pages/signatures.adoc +++ b/documentation/IDTA-01002-3/modules/ROOT/pages/signatures.adoc @@ -14,9 +14,10 @@ SPDX-License-Identifier: CC-BY-4.0 Some use cases of the Asset Administration Shell require the proof that data has not been changed and that it is still the original data of the AAS originator. An example is a device manufacturer supplying to an integrator supplying to a plant operator. The plant operator wants to check the remained integrity of the device manufacturer's AAS. -The AASX package format includes the possibility of signing an AASX package, but this is rarely used. AASX packages can also not be protected by AAS security and access rules. This is why signatures are needed as part of the API. +The AASX package format includes the possibility of signing an AASX package, but this feature is not used very often. AASX packages can also not be protected by AAS security and access rules. This is why signatures are needed as part of the API. -Different levels of API signatures have been investigated by the IDTA TF Security, including JWS (JSON Web Signature) or JAdES (JSON advanced digital signature). This version explains and defines new endpoints /$signed for AAS, Submodel and ConceptDescription, which provide a plain text JWS. +Different levels of API signatures have been investigated by the IDTA TF Security, including JWS (JSON Web Signature) or JAdES (JSON advanced digital signature). +This version explains and defines new endpoints /$signed for AAS, Submodel and ConceptDescription, which provide a plain text JWS. JWS ist defined in RFC 7515 (https://datatracker.ietf.org/doc/html/rfc7515).