Threat Model
Non-normative summary. The canonical analysis is in the Threat Model. Normative requirements are defined by the linked specification chapters.
OSAP establishes evidence about who signed an asset fingerprint, when they said they signed it, and what they claimed. It does not establish that content or a claim is true.
Main risks
Valid signature on misleading content
An issuer can sign misleading or altered content with its valid key. The signature evidence is still valid. A verifier reports signature validity and trust-bundle interpretation separately and does not display a generic “verified” result.
Relevant catalogue labels include:
- ✓ Signature valid: signed by
- ⚠ Issuer outside selected trust bundle
- ⚠ Claim is made by issuer, not proven as true
- ⚠ Earlier matching source found from
Changed bytes and stripped attestations
If content bytes change after signing, the original fingerprint no longer matches:
- ✕ Asset hash does not match signed fingerprint
OSAP v0.1 uses exact-byte fingerprints. It cannot associate screenshots, crops, or re-encoded copies with the original. A byte-identical reupload can still match if a verifier already has the attestation or finds it through an opt-in lookup. Discovery is not guaranteed, and the absence of an attestation does not produce a negative verification label.
Issuer key compromise
A compromised key can be used to issue or backdate attestations. Issuers can publish key revocation times, rotate keys, and revoke known forgeries. Depending on timing, a verifier reports:
- ✕ Signing key revoked at time of issuance
- ⚠ Signing key was later revoked
- ⚠ Attestation revoked by issuer:
Unlogged attestations backdated before the declared compromise time can remain indistinguishable from genuine earlier attestations.
Issuer ownership change
Control of an issuer's domain or organization can change while the identifier remains the same. Trust bundle maintainers can close the earlier period and open a new period. Verifiers report historical and current status separately; detecting and recording the change remains outside the protocol.
Malicious trust bundle maintainer
A maintainer can publish misleading assessments. Trust bundles are signed and attributable, can include reasons and evidence, and can be inspected, replaced, or forked. OSAP does not appoint an authority to overrule a selected trust bundle.
Stale revocation data
An attacker can block current revocation data or replay an older signed list. The verifier distinguishes these conditions:
revoked: null: ? Revocation status could not be checked- cached data older than the freshness threshold: ⚠ Revocation list may be stale
revoked: false: ✓ Attestation not revoked
OSAP v0.1 has no freshness proof for revocation lists.
Lookup surveillance and evidence removal
Remote hash lookup can reveal a content fingerprint and query time. Core verification can run offline; lookup is opt-in, and a verifier does not disclose the user's trust-bundle selection. Removing sidecars or discovery links can hide available evidence, but it does not create an endorsement or a negative label.