You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/getting-started.mdx
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -87,7 +87,7 @@ In practice, to use a certificate with the CAI SDK, follow this process:
87
87
3. Use one of the supporting CAI libraries or C2PA Tool to sign manifests using the certificate.
88
88
89
89
:::tip
90
-
For more details and a short tutorial example, see [Signing manifests](manifest/signing-manifests).
90
+
For more details and a short tutorial example, see [Signing manifests](manifest/signing-manifests.md).
91
91
:::
92
92
93
93
### Getting a security certificate
@@ -113,7 +113,7 @@ Certificate authorities offer many levels of validation. For Content Credentials
113
113
-**Organization Validated (OV).** The CA validates the organization's identity by checking its credentials against extensive databases, including those held by local governments.
114
114
-**Extended Validation (EV).** A fully authenticated certificate, needed to offer secure web locations, email, and financial transactions.
115
115
116
-
If you don't get an OV certificate, then the Content Credentials that use the certificate won't display your organization name, as shown in the examples on [verify.contentauthenticity.org](https://verify.contentauthenticity.org/).
116
+
If you don't get an OV certificate, then the [C2PA Verify tool](https://verify.contentauthenticity.org/)won't display your organization namein the Content Credentials.
117
117
118
118
### Extracting the certificate
119
119
@@ -143,7 +143,7 @@ The C2PA [Verify tool](https://contentcredentials.org/verify) uses a list of _kn
143
143
144
144
## Identity
145
145
146
-
To identify who created or modified an asset, identity needs to be verifiable and bound to an asset and its manifest store. The CAI SDK supports the [W3C verifiable credentials](https://c2pa.org/specifications/specifications/1.3/specs/C2PA_Specification.html#_w3c_verifiable_credentials) standard recommendation (part of the C2PA specification), but doesn't currently have a way to validate these credentials or ensure that they properly reflect authorship of the content. An actor can add one or more identities to a manifest using the W3C verifiable credentials data model. Currently, a verifier must trust the manifest signer to properly authenticate the identity.
146
+
To identify who created or modified an asset, identity needs to be verifiable and bound to an asset and its manifest store. The CAI SDK supports the [W3C verifiable credentials](https://c2pa.org/specifications/specifications/1.4/specs/C2PA_Specification.html#_w3c_verifiable_credentials) standard recommendation (part of the C2PA specification), but doesn't currently have a way to validate these credentials or ensure that they properly reflect authorship of the content. An actor can add one or more identities to a manifest using the W3C verifiable credentials data model. Currently, a verifier must trust the manifest signer to properly authenticate the identity.
147
147
148
148
Identity can be bolstered with other kinds of evidence such as _Adobe connected accounts_. In the future, the identity credentials will be separately verifiable. In the future, these verifiable credentials will be strongly bound to the manifest and media and be independently verifiable.
149
149
@@ -227,7 +227,7 @@ Embedding a manifest in an asset usually increases the size of the file. Two thi
227
227
228
228
### Storing a manifest in the cloud
229
229
230
-
In addition to storing the manifest with the asset, Adobe tools use the _Adobe Content Credentials Cloud_, a public, persistent storage option for attribution and history data. Publishing to this cloud keeps files smaller and makes Content Credentials more resilient, because if stripped from an asset they can be recovered by searching at [verify.contentauthenticity.org](https://verify.contentauthenticity.org/). On the other hand, embedding the manifest keeps the file self-contained and means no web access is required to validate.
230
+
In addition to storing the manifest with the asset, Adobe tools use the _Adobe Content Credentials Cloud_, a public, persistent storage option for attribution and history data. Publishing to this cloud keeps files smaller and makes Content Credentials more resilient, because if stripped from an asset they can be recovered by searching with the [C2PA Verify tool](https://verify.contentauthenticity.org/). On the other hand, embedding the manifest keeps the file self-contained and means no web access is required to validate.
231
231
232
232
Currently, Adobe Content Credentials Cloud (ACCC) is only available to Adobe tools, though in the future other credentials clouds may become available if other organizations want to host a credential service. Currently, most manifests will be embedded in assets since ACCC is specific to Adobe.
You're strongly encouraged to read this introduction and [Getting started](getting-started) to give you some basic background and context, before you dive right into development. [Working with manifests](manifest/understanding-manifest) also has some crucial information, regardless of which language and library you use.
10
+
You're strongly encouraged to read this introduction and [Getting started](getting-started.mdx) to give you some basic background and context, before you dive right into development. [Working with manifests](manifest/understanding.md) also has some crucial information, regardless of which language and library you use.
11
11
:::
12
12
13
13
The Coalition for Content Provenance and Authenticity (C2PA) and Content Authenticity Initiative (CAI) are groups working together to develop and promote adoption of an open industry standard for content authenticity and provenance.
@@ -37,7 +37,7 @@ To see a summary of what each tool and library can do, see [Which tool is right
37
37
38
38
### JavaScript library
39
39
40
-
The client [JavaScript library](js-sdk/getting-started/overview) enables **working with manifest data in the browser**. Use this library to:
40
+
The client [JavaScript library](js-sdk/getting-started/overview.mdx) enables **working with manifest data in the browser**. Use this library to:
41
41
42
42
- Verify and display manifest data on a website or web application.
43
43
- Link manifest data displayed on your site to [Verify](https://verify.contentauthenticity.org/).
Conversely, if the Content Credential was signed by a known certificate, the Verify tool will display the [name of the certificate owner and time of the claim signature](../verify#title-and-signing-information).
15
+
Conversely, if the Content Credential was signed by a known certificate, the Verify tool will display the [name of the certificate owner and time of the claim signature](verify.mdx#title-and-signing-information).
16
16
17
17
:::note
18
18
The C2PA intends to publish an official public list of known certificates. Until then, **[Verify](https://contentcredentials.org/verify)** uses a temporary list. The list is subject to change and will be deprecated when C2PA publishes the official list.
0 commit comments