-
Notifications
You must be signed in to change notification settings - Fork 6
integrity
Integrity (of a message or data) means that the information is whole, sound, and unimpaired (not necessarily correct). It means nothing is missing from the information; it is complete and in intended good order. (Source: Neil Thomson)
In KERI's "security first" approach Authenticity includes technical integrity of data involved. This includes:
- internal consistency
- external consistency or duplicity evident
Integrity in ACDCs is "self-verifying": the SAID that is contained in the data is also the of hash of the data.
The integrity of streaming data in CESR and CESR proof signatures is established by code tables and verifiable by the mere (killer-)feature: round-robin composability. If you can toggle between the text - and binary representation, then that's the integrity proof, if not, then it's provably lacking integrity.
A side-benefit of how integrity is implemented in KERI is non-repudiation - done via a crypto-hash verification via the signer's public key - is not inherent in the meaning of integrity.
Furthermore for KERI integrity, as an assessment of the substance or the content itself, does not fall within its narrow definition.
Our criterium is cryptographic verifiability. Once you can't verify, for KERI this type of non-technical integrity is not included in integrity
. For the same reason we wouldn't use validation* as a mechanism to prove integrity.
On today's Technology Architecture TF call,..., we defined authenticity to include integrity.
Source ToIP issue 10
message integrity seems to be included in technical integrity
.
The further separation of Authenticity and Integrity in the ToIP glossary can be largely adopted by KERI? | TBW prio 2 |
verified integrity
(complementary) integrity verification
*Validation in relation to integrity, in KERI's view would be an assessment of what's been verified before; in a certain context from a certain angle. And this mechanism is too close to veracity judgement, to be an objective verdict over integrity of data.