
1. Definition 2. Functional Requirements 3. Syntax 4. Semantics

1 Definition

A Cryptographic Instance Identity identifies a unique cryptographic instance and binds it to a public key, attributes, provenance, and integrity information.

2 Functional Requirements

A Cryptographic Instance Identity shall:

  • Include a Header identifying the version of the Cryptographic Instance Identity structure.
  • Include MInstanceID when required by the application.
  • Include a CryptographicInstanceID uniquely identifying the cryptographic instance.
  • Include CryptographicInstanceTime indicating when the identity was created or recorded.
  • Include a CryptographicBinding containing at least a public key.
  • Include Integrity information containing a fingerprint and optional signature.
  • Optionally include InstanceAttributes describing the instance.
  • Optionally include Provenance describing origin and creation details.
  • Optionally include DataXMData and DescrMetadata.
  • Use only the keys defined in this Data Type.

3 Syntax

https://schemas.mpai.community/PTF/V1.0/data/.json

4 Semantics

| Label | Description |
|---|---|
| Header | Cryptographic Instance Identity Header — Standard “PTF-CII-V”. |
| MInstanceID | ID of the M‑Instance. |
| CryptographicInstanceID | Identifier of the cryptographic instance. |
| CryptographicInstanceTime | Time associated with the cryptographic instance. |
| CryptographicBinding | Binding of the cryptographic instance to its public key and optional derivation information. |
| – PublicKey | Public key object. |
| – – Algorithm | Signature algorithm identifier from the Security Algorithm Taxonomy. |
| – – KeyEncoding | Encoding of the public key material (“raw”, “spki”, or “jwk”). |
| – – KeyValue | Public key material encoded as base64 or base64url. |
| – KeyDerivation | Optional key derivation information. |
| – – Method | Method used to derive or wrap the key (“direct”, “derived”, “wrapped”). |
| – – Context | Optional derivation or domain‑separation context. |
| InstanceAttributes | Optional attributes describing the cryptographic instance. |
| – InstanceType | Type of instance (“hardware” or “software”). |
| – Implementation | Vendor or implementation identifier. |
| – InstanceClass | Optional logical or functional class. |
| Provenance | Optional provenance information. |
| – Manufacturer | Entity declaring creation of the cryptographic instance. |
| – CreationTime | Time of instance creation. |
| – SerialOrSeedID | Optional non‑secret serial or seed identifier. |
| Integrity | Integrity information for the cryptographic instance. |
| – Fingerprint | Fingerprint of the cryptographic ID. |
| – – Algorithm | Hash algorithm identifier from the Security Algorithm Taxonomy. |
| – – Value | Canonical fingerprint value encoded as hex or base64url. |
| – Signature | Digital signature over the cryptographic ID. |
| – – Algorithm | Signature algorithm identifier from the Security Algorithm Taxonomy. |
| – – Value | Digital signature value encoded as base64url. |
| DataXMData | Metadata that the Process/AIM exchanges with other Processes/AIMs. |
| DescrMetadata | Descriptive metadata (max length 2048). |
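As an added example (not MPAI code and not derived from the schema), the following Python validator checks a Cryptographic Instance Identity against the Functional Requirements and the enumerations in the Semantics table, then recomputes the Integrity fingerprint. It assumes the fingerprint is SHA-256 over the canonical JSON of every member except Integrity, and the sample identity, "Ed25519" and "SHA-256" labels and key bytes are constructed placeholders, not values from the Security Algorithm Taxonomy.

```python
import hashlib
import json

# Keys fixed by the Functional Requirements; MInstanceID is "when required", so optional here.
REQUIRED = {"Header", "CryptographicInstanceID", "CryptographicInstanceTime", "CryptographicBinding", "Integrity"}
OPTIONAL = {"MInstanceID", "InstanceAttributes", "Provenance", "DataXMData", "DescrMetadata"}
# Enumerations quoted in the Semantics table, addressed by key path.
ENUMS = {("CryptographicBinding", "PublicKey", "KeyEncoding"): {"raw", "spki", "jwk"},
         ("CryptographicBinding", "KeyDerivation", "Method"): {"direct", "derived", "wrapped"},
         ("InstanceAttributes", "InstanceType"): {"hardware", "software"}}

def lookup(node, path):
    for key in path:
        node = node.get(key) if isinstance(node, dict) else None
    return node

def canonical_fingerprint(cii):
    # ASSUMPTION: SHA-256 hex over canonical JSON (sorted keys, no whitespace) of all members except Integrity.
    body = {k: v for k, v in cii.items() if k != "Integrity"}
    return hashlib.sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode()).hexdigest()

def validate_cii(cii):
    """Return the problems found; an empty list means every check passed."""
    problems = []
    if missing := REQUIRED - cii.keys():
        problems.append(f"missing required keys: {sorted(missing)}")
    if unknown := cii.keys() - REQUIRED - OPTIONAL:
        problems.append(f"keys not defined by this Data Type: {sorted(unknown)}")
    if lookup(cii, ("CryptographicBinding", "PublicKey", "KeyValue")) is None:
        problems.append("CryptographicBinding must contain at least a PublicKey")
    for path, allowed in ENUMS.items():
        value = lookup(cii, path)
        if value is not None and value not in allowed:
            problems.append(f"{'.'.join(path)}={value!r} not in {sorted(allowed)}")
    if len(cii.get("DescrMetadata", "")) > 2048:
        problems.append("DescrMetadata exceeds the 2048 maximum length")
    stored = lookup(cii, ("Integrity", "Fingerprint", "Value"))
    if stored is None:
        problems.append("Integrity.Fingerprint is required")
    elif stored != canonical_fingerprint(cii):
        problems.append("Integrity.Fingerprint does not match the identity content")
    return problems

def sample_cii():
    # Constructed sample; "Ed25519" and "SHA-256" stand in for taxonomy identifiers the page does not list.
    cii = {"Header": "PTF-CII-V", "CryptographicInstanceID": "cii-example-0001",
           "CryptographicInstanceTime": "2025-01-01T00:00:00Z",
           "CryptographicBinding": {"PublicKey": {"Algorithm": "Ed25519", "KeyEncoding": "raw", "KeyValue": "Q09OU1RSVUNURURfU0FNUExFX0tFWQ=="}},
           "InstanceAttributes": {"InstanceType": "hardware", "Implementation": "example-vendor"}}
    cii["Integrity"] = {"Fingerprint": {"Algorithm": "SHA-256", "Value": canonical_fingerprint(cii)}}
    return cii
```

Changing any covered member after the fingerprint was computed, or adding a key the Data Type does not define, is reported as a problem; a Signature check would sit beside the fingerprint check once the taxonomy identifier is known.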
