# ASL/POLICY-HASH/1 -- Policy Hash Specification
* Status: Draft
* Owner: Architecture
* Version: 0.1.0
* SoT: No
* Last Updated: 2025-01-17
* Tags: [policy, hash, federation, trust]

**Document ID:** `ASL/POLICY-HASH/1`

**Layer:** L2 -- Policy binding semantics (no encoding)

**Depends on (normative):**

* `ASL/FEDERATION/1`

**Informative references:**

* `ASL/DAM/1` -- Domain Authority Manifest
* `ASL/DAP/1` -- Domain admission
---
## 0. Conventions
The key words **MUST**, **MUST NOT**, **REQUIRED**, **SHOULD**, and **MAY** are to be interpreted as in RFC 2119.
ASL/POLICY-HASH/1 defines the logical structure and hashing rules for policy documents. It does not define transport or storage encodings.
---
## 1. Purpose
The policy hash binds domain rules to snapshots, authority, and federation decisions without embedding mutable policy text into artifacts.
---
## 2. Policy Coverage (Normative)
The policy hash MUST cover semantic constraints that affect correctness or trust:
1. Publication rules
2. Execution rules
3. Federation rules
4. Retention and GC constraints
5. Visibility rules
---
## 3. Logical Structure
```text
DomainPolicy {
version : u32
publication_policy : PublicationPolicy
execution_policy : ExecutionPolicy
federation_policy : FederationPolicy
retention_policy : RetentionPolicy
visibility_policy : VisibilityPolicy
}
```
Section schemas (minimal):
```text
PublicationPolicy {
require_signature : bool
allowed_roles[] : Role
snapshot_required : bool
}
ExecutionPolicy {
per_signature_required : bool
allowed_roles[] : Role
deterministic_only : bool
}
FederationPolicy {
export_published_only : bool
require_snapshot : bool
trusted_domains[] : DomainID
}
RetentionPolicy {
gc_unpublished_allowed : bool
min_snapshot_retention : u32
}
VisibilityPolicy {
internal_hidden : bool
published_read_only : bool
}
```
---
## 4. Canonicalization Rules (Normative)
The policy hash MUST be computed from canonical bytes:
1. Field order fixed
2. Arrays sorted lexicographically
3. No whitespace or comments
4. Integers encoded big-endian
5. Booleans encoded as 0x00 or 0x01
6. No optional fields omitted; defaults must be explicit
---
## 5. Hash Computation
```text
policy_bytes = CanonicalSerialize(DomainPolicy)
policy_hash = HASH(policy_bytes)
```
The hash algorithm is SHA-256 unless explicitly overridden by domain policy.
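As an added worked example (not this specification's own code), the canonicalization rules of section 4 and the hash of section 5 implemented over the `DomainPolicy` structure of section 3. Because this document deliberately defines no encoding, the byte layout below (a `u32` element count before each sorted array, and `Role` / `DomainID` values as length-prefixed UTF-8) is an assumption; the sample policy values are constructed for illustration. The serializer refuses a policy with an omitted field rather than filling in a default, which is the check rule 6 implies.

```python
import hashlib

# Assumed byte layout (the spec fixes the rules, not the encoding):
# u32 -> 4 bytes big-endian; bool -> 0x00 / 0x01; array -> u32 count followed
# by lexicographically sorted elements; Role / DomainID -> u32 length + UTF-8.
ENC = {
    "u32": lambda n: n.to_bytes(4, "big"),
    "bool": lambda b: b"\x01" if b else b"\x00",
    "str": lambda s: len(s.encode()).to_bytes(4, "big") + s.encode(),
}
ENC["arr"] = lambda xs: ENC["u32"](len(xs)) + b"".join(ENC["str"](x) for x in sorted(xs))

# Fixed field order (rule 1), mirroring the DomainPolicy structure in section 3.
SCHEMA = [
    ("publication_policy", [("require_signature", "bool"), ("allowed_roles", "arr"),
                            ("snapshot_required", "bool")]),
    ("execution_policy", [("per_signature_required", "bool"), ("allowed_roles", "arr"),
                          ("deterministic_only", "bool")]),
    ("federation_policy", [("export_published_only", "bool"), ("require_snapshot", "bool"),
                           ("trusted_domains", "arr")]),
    ("retention_policy", [("gc_unpublished_allowed", "bool"), ("min_snapshot_retention", "u32")]),
    ("visibility_policy", [("internal_hidden", "bool"), ("published_read_only", "bool")]),
]

def canonical_serialize(policy: dict) -> bytes:
    """Rules 1-6 of section 4. A missing field is an error, never a default (rule 6)."""
    out = [ENC["u32"](policy["version"])]
    for section, fields in SCHEMA:
        for name, kind in fields:
            if name not in policy[section]:
                raise KeyError(f"{section}.{name} omitted; defaults must be explicit")
            out.append(ENC[kind](policy[section][name]))
    return b"".join(out)

def policy_hash(policy: dict, algo: str = "sha256") -> str:
    """policy_hash = HASH(CanonicalSerialize(DomainPolicy)); SHA-256 by default."""
    return hashlib.new(algo, canonical_serialize(policy)).hexdigest()

# Constructed sample policy (values are illustrative, not from any real domain).
POLICY = {
    "version": 1,
    "publication_policy": {"require_signature": True, "allowed_roles": ["publisher", "admin"],
                           "snapshot_required": True},
    "execution_policy": {"per_signature_required": False, "allowed_roles": ["runner"],
                         "deterministic_only": True},
    "federation_policy": {"export_published_only": True, "require_snapshot": True,
                          "trusted_domains": ["dom-b", "dom-a"]},
    "retention_policy": {"gc_unpublished_allowed": False, "min_snapshot_retention": 30},
    "visibility_policy": {"internal_hidden": True, "published_read_only": True},
}
```

Two policies that differ only in array order hash identically, while flipping any single rule (or omitting a field) changes or rejects the hash, which is what lets the DAM and snapshots bind to the policy without carrying its text.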
---
## 6. Storage Locations
The policy hash SHOULD be stored in:
* Domain Authority Manifest (DAM)
* Snapshot metadata
* Federation metadata
* Optional PER metadata
---
## 7. Policy Evolution
Policy changes MUST NOT mutate history. A new policy requires:
1. New policy document
2. New policy hash
3. New DAM
4. New snapshots referencing the new hash
---
## 8. Summary
ASL/POLICY-HASH/1 defines a minimal, deterministic policy hash that binds domain rules to authority and snapshots without embedding mutable policy text into artifacts.