| 1. Definition | 2. Functional Requirements | 3. Syntax | 4. Semantics |
1 Definition
A Trust Message is a signed, structured communication exchanged between entities participating in the MPAI‑PTF Trust Framework. A Trust Message may represent either:
- a Trust Request, in which an entity asks another entity to perform a trust‑related operation, or
- a Trust Response, in which an entity returns the result of such a request.
Trust Messages provide a uniform, cryptographically protected mechanism for initiating and responding to trust operations, enabling interoperability, auditability, and policy‑driven verification.
2 Functional Requirements
A Trust Message shall:
- Identify the message
- Include a versioned header.
- Include a unique message identifier.
- Include the time at which the message was created.
- Indicate the message type
"TrustRequest"or"TrustResponse".
- Identify the communicating parties
- A Trust Request shall include a RequesterID.
- A Trust Response shall include a ResponderID.
- Carry request information (for TrustRequest)
- Requested operation.
- Target object type.
- Target object identifier.
- Carry response information (for TrustResponse)
- Status (
SuccessorFailure). - Optional failure reason.
- Optional result payload.
- Status (
- Provide integrity protection
- Include a digital signature using an algorithm from the Security Algorithm Taxonomy.
- Support metadata
- Optional descriptive metadata.
- Optional Data Exchange Metadata.
- Reject undeclared fields
- Only the fields defined in the schema shall be permitted.
3 Syntax
https://schemas.mpai.community/PTF/V1.0/data/TrustMessage.json
4 Semantics
| Field | Description |
|---|---|
| Header | Version header of the form PTF-MSG-Vx.y. |
| MessageType | Indicates whether the message is a TrustRequest or a TrustResponse. |
| MessageID | Unique identifier of the trust message. |
| MessageTime | Time at which the message was created, using the OSD Time data type. |
| RequesterID | Identifier of the entity making the request (present only for TrustRequest). |
| ResponderID | Identifier of the entity responding (present only for TrustResponse). |
| Request.Operation | The trust operation being requested. |
| Request.TargetType | Type of object the request concerns (e.g., CII, InstanceCredential). |
| Request.TargetID | Identifier of the target object. |
| Response.Status | Result of the request: Success or Failure. |
| Response.Reason | Optional human‑readable reason for failure. |
| Response.Result | Optional result payload returned by the responder. |
| Signature | Digital signature over the entire Trust Message. |
| Signature.Algorithm | Signature algorithm identifier from the Security Algorithm Taxonomy. |
| Signature.Value | Base64url‑encoded digital signature value. |
| DataXMData | Optional Data Exchange Metadata. |
| DescrMetadata | Optional human‑readable descriptive metadata (max 2048 characters). |
