
docs: pin DPI safeguards mapping to framework version 2.0 and add O2 row #187

Merged: jeremi merged 3 commits into main from docs/dpi-safeguards-version-pin-o2, Jul 2, 2026

jeremi commented Jul 2, 2026 (Member)

What

Two edits to explanation/dpi-safeguards-alignment.mdx, from a full review of the page against the MOSIP DPI Safeguards Report 2025 and the Mifos DPI safeguards blog as models:

  1. Pin the framework version. The claim scope now names version 2.0 and links the canonical framework page (/framework) instead of /assessments. The standards register already records Universal DPI Safeguards Framework version 2.0; the page body previously cited principle IDs (F1-F9, O1-O9) with no version, so a framework revision could silently invalidate the mapping. Verified against dpi-safeguards.org (2026-07-02): 18 principles, 13 risks, five life-cycle stages, and the F/O principle names on the page all match version 2.0.
  2. Add an "Evolve with evidence (O2)" row to the principle alignment table. The stack has real, already-published material for this principle (ITB/SEMIC validation evidence, the CNCF-style security self-assessment, OpenSSF and release-trust evidence, CI-gated tests and conformance fixtures) that the mapping did not surface. The boundary column keeps assessments, audits, and engagement with affected people on the program side.

Also bumps last_reviewed to 2026-07-02 to reflect the review below.

Review notes (security-sensitive / Tier-C)

This page carries trust and security claims, so per docs review policy it needs maintainer source-pack sign-off against the RS-* specs. Evidence gathered during the review, all claims re-verified against source at c595e84:

  • pdp.* stable denial codes and purpose/context fail-closed gates: crates/registry-platform-pdp/src/lib.rs, wired in crates/registry-relay/src/api/governed.rs
  • value/predicate/redacted disclosure modes: crates/registry-notary-core/src/model.rs
  • SD-JWT VC issuance, profiled OID4VCI routes, did:jwk holder binding: crates/registry-notary-core/src/sd_jwt.rs, crates/registry-notary-server/src/api.rs
  • Static-peer delegated evaluation: FederationConfig in crates/registry-notary-core/src/config.rs, /federation/v1/evaluations
  • Scope-before-source ordering: asserted in crates/registry-notary-server/tests/target_matching_contract_test.rs
  • Admin routes on a separate listener, never merged into the public app: crates/registry-relay/src/api/admin.rs, main.rs
  • All ten Manifest renderers named in the Project roles table exist in registry-manifest-core
  • Frontmatter standards_referenced matches src/data/standards.yaml; universal-dpi-safeguards stays compares_against and the page language stays within that claim level

Verification

  • npm run generate clean; npm run check:content, check:markdown 0 errors; check:style Vale summary 0 errors
  • npm test passes; npm run build completes (198 pages)
  • Canonical diff-mode grep for em dashes / bold-led list items / tool-call tags: no matches
  • All page links (including the three new O2 links) return 200 on a local dev server

jeremi added 2 commits July 2, 2026 14:37
The framework site now publishes version 2.0; the page cited principle
IDs against an unversioned link, so the mapping could drift silently.
Pin the version in the claim scope (matching the standards register
entry) and link the canonical framework page instead of /assessments.

Add an Evolve with evidence (O2) row to the principle alignment table,
pointing at the ITB/SEMIC evidence, security self-assessment, and
OpenSSF release-trust pages, which already exist as reviewable
evidence but were not surfaced in this mapping.

Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>
…s page

The page expanded DCAT, CPSV-AP, SHACL, and OIDC on first use but left
PDP, SD-JWT VC, and OID4VCI bare, and dropped holder binding and
did:jwk unexplained; the stated reader is a DPI reviewer, not a
credentials engineer. Expand each on first use, gloss holder binding
inline, and replace the untraceable 'bundle digests' phrase with the
package and configuration-bundle digests the code actually publishes.

Link the pdp.* denial codes to the errors reference and the disclosure
modes to their explanation page so table claims are checkable in one
click.

Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>

jeremi commented Jul 2, 2026 (Member, Author)

Second commit adds the prose-quality pass discussed in review: first-use expansions for Policy Decision Point (PDP), Selective Disclosure JWT Verifiable Credentials (SD-JWT VC), and OpenID for Verifiable Credential Issuance (OID4VCI); an inline gloss for holder binding via did:jwk; 'bundle digests' replaced with the traceable 'package and configuration-bundle digests'; and the pdp.* denial codes and disclosure modes now link to their reference/explanation pages. Gates re-run clean (frontmatter, markdownlint, Vale 0 errors, build 198 pages, banned-pattern grep empty, all new link targets present in dist).

chatgpt-codex-connector (Bot) left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5dc1846551

Comment thread docs/site/src/content/docs/explanation/dpi-safeguards-alignment.mdx Outdated
Comment thread docs/site/src/content/docs/explanation/dpi-safeguards-alignment.mdx
Comment thread docs/site/src/content/docs/explanation/dpi-safeguards-alignment.mdx Outdated

jeremi commented Jul 2, 2026 (Member, Author)

Tier-C maintainer sign-off: reviewed the trust and security claims against the RS-* specs and the code evidence listed in the PR body. Approved for merge.

Review findings on #187: holder_binding.mode defaults to none per
credential profile, so state that binding applies when the profile
enables it rather than implying every credential is bound. Remove the
'CI-gated tests and conformance fixtures' clause from the O2 row; it
had no evidence link, and the three linked evidence pages carry the
claim.

Signed-off-by: Jeremi Joslin <jeremi@joslin.fr>

jeremi merged commit c54922e into main Jul 2, 2026
10 checks passed
jeremi deleted the docs/dpi-safeguards-version-pin-o2 branch July 2, 2026 09:04