Defined-trust Limited Domains are a type of Limited Domain [RFC8799] where the rules specifying the (networked) communication of application information are defined in a communications schema that governs the information communicated in a particular Limited Domain. The schema includes the required format of information and specifies identities and the attributes that are required to legally construct a particular format. Application-local trust management enforces the schema which allows members of the domain to be “definite in what they accept” [LANG] and hence secure the Domain without a physical perimeter. All communications must be signed by a verifiable member identity. The schema specifies the format of the communications as well as the format of identity certificates and all signing rules are specified as a chain of trust that terminates at the trust anchor of the Domain. Non-conformant communications are detected and discarded early in the arrival process, preventing external information from entering the Domain. Encryption can be specified in the schema for privacy of Domain information. A Defined-trust Limited Domain may also be referred to as a Trust Domain or just Domain where the context is clear.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Nichols, Kathleen, "Defined-trust Limited Domains", Technical Disclosure Commons, (February 23, 2023)