docs(html-protocol): align with spec §2.1, §2.2, and add resolver section#1
Merged
Merged
Conversation
…hor-profiles.php The render_page() method was missing its closing sequence (a ?>, </div>, <?php, and }) which caused the parser to read the next method's docblock as part of render_page's inline HTML. This made every subsequent PHP file that depended on this class fail to parse. Separately, a displaced stray '?> </div> <?php }' fragment appeared after handle_create_api_author()'s proper closing brace and has been removed. Verified: php -l passes, and 'wp plugin activate content-signing' succeeds. A runtime 'table doesn't exist' error fires on activation but is a separate init-order issue out of scope for this fix.
Updates the HTML signature protocol documentation to match the
amended paper specification:
- Canonicalization section: add explicit text-only scoping, enumerate
the semantic attacks this leaves open (element rewrapping, link swap,
surrounding media manipulation), and document the layered response
(domain binding alerts readers at unexpected origins; research and
reputation path traces signed content back to canonical origin and
flags imposter copies).
- Signature data format: replace old {contentHash}:{domain}:{authorId}
binding with new {content-hash}:{claims-hash}:{domain}:{signed-at}.
Drop authorId (redundant with keyid resolution), add claims-hash for
tamper-evident metadata, add signed-at timestamp.
- Hash encoding: switch to unpadded Base64 and note the open feedback
invitation on encoding alternatives (hex, Base32).
- Verification flow: restructure into two layers -- cryptographic
verification (local, deterministic) and trust decision (client
policy). Add detail on keyid resolution methods (DID, direct URL,
trust directory reference). Add note that optional directory queries
enrich trust decision but are never required for verification.
Tracks the 2026-04-10 design decisions committed in the paper at
bb3dc5a, 1187b2d, 6d0511c, 271a455, ca8cc3b.
…tion Brings docs/html-protocol.md fully into line with the amended spec (htmltrust.tex §2.1, §2.2, §2.5): - Add an "Identity and Key Resolution" section mirroring spec §2.2: the three pluggable resolvers (DID, direct URL, trust directory), none of which is privileged by the protocol. - Add a "Canonical Content Extraction" section mirroring spec §2.1: explicit two-stage pipeline (HTML extraction → text normalization), enumerating excluded elements, block-element boundary handling, and the six text-normalization phases. - Restate text-only scoping with explicit "what is NOT covered by the hash" callout tying back to the existing Text-only scope discussion. - Tighten the Required Attributes table: spec §2.1 ordering (keyid, signature, content-hash, algorithm) with clearer language pointing at the new resolver and binding sections. - Add an explicit "Optional Attributes" subsection: there are none on the wrapper itself in this revision; claim metadata goes in inner <meta>. style/class belong in user-agent CSS, not inline on the wrapper (resolves a P1 from TODO-Cleanup.md). - Document algorithm default: ed25519 when omitted, though producers SHOULD always emit it explicitly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
<signed-section>attribute table: required attributes in spec order with cross-references to the new sections; new Optional Attributes subsection documenting that the wrapper has none in this revision and thatstyle/classbelong in user-agent CSS rather than inline (closes a P1 from TODO-Cleanup.md).algorithmdefault =ed25519when omitted, while still encouraging producers to emit it explicitly.Test plan
ebfacd3) and confirm no factual drift fromhtmltrust-spec/paper/htmltrust.tex§2.1, §2.2, §2.5.{content-hash}:{claims-hash}:{domain}:{signed-at}matches the spec and the JS/Go/PHP reference implementations.🤖 Generated with Claude Code