Secure Asset Transfer Protocol N. Smith Internet-Draft Independent Intended status: Standards Track 13 September 2025 Expires: 17 March 2026 A SATP Core Binding for vLEI Identities draft-smith-satp-vlei-binding-00 Abstract The verifiable Legal Entity Identifier (vLEI) is a cryptographically verifiable extension of the LEI standard, designed to automate trust in organizational identity. Governed by the Global Legal Entity Identifier Foundation (GLEIF), the vLEI system uses Authentic Chained Data Containers (ACDCs), Self-Addressing Identifiers (SAIDs), and Key Event Receipt Infrastructure (KERI) to issue and verify credentials for legal entities and their authorized representatives. It enables secure, machine-readable identity assertions across financial, regulatory, and supply chain ecosystems, supporting role-based delegation and interoperability with decentralized trust frameworks. This specification defines vLEI for verifiable gateway operator identities and cryptographically links the gateway operator identity to the gateway identity. Thus SATP core lock assertions are cryptographically linked to gateway operator identities. About This Document This note is to be removed before publishing as an RFC. The latest revision of this draft can be found at https://nedmsmith.github.io/draft-smith-satp-vlei-binding/draft- smith-satp-vlei-binding.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-smith-satp- vlei-binding/. Discussion of this document takes place on the Secure Asset Transfer Protocol Working Group mailing list (mailto:sat@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/sat/. Subscribe at https://www.ietf.org/mailman/listinfo/sat/. Source for this draft and an issue tracker can be found at https://github.com/nedmsmith/draft-smith-satp-vlei-binding. Smith Expires 17 March 2026 [Page 1] Internet-Draft SATP-vLEI September 2025 Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 17 March 2026. Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions and Definitions . . . . . . . . . . . . . . . . . 4 3. Identities . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.1. SATP Identity Binding . . . . . . . . . . . . . . . . . . 5 3.2. vLEI Roles . . . . . . . . . . . . . . . . . . . . . . . 7 4. vLEI Binding Architecture . . . . . . . . . . . . . . . . . . 8 4.1. SATP vLEI Mapping . . . . . . . . . . . . . . . . . . . . 8 4.1.1. LegalEntityIdentityvLEICredential Credentials . . . . 9 4.1.2. LegalEntityEngagementContextRolevLEICredential Credentials . . . . . . . . . . . . . . . . . . . . . 9 4.1.3. Other vLEI Deployment Considerations . . . . . . . . 9 4.2. Key Structures . . . . . . . . . . . . . . . . . . . . . 9 4.3. SATP Message Wrapper Schema . . . . . . . . . . . . . . . 10 4.3.1. SATP Transfer Initiation (Stage 1) Message Binding . 10 4.3.2. vLEI Wrapper . . . . . . . . . . . . . . . . . . . . 10 Smith Expires 17 March 2026 [Page 2] Internet-Draft SATP-vLEI September 2025 4.3.3. Content References . . . . . . . . . . . . . . . . . 10 4.3.4. Key Wrappers . . . . . . . . . . . . . . . . . . . . 11 4.4. vLEI Media Types . . . . . . . . . . . . . . . . . . . . 11 4.4.1. Profile Optonal Parameter . . . . . . . . . . . . . . 12 4.4.2. Encoding Optonal Parameter . . . . . . . . . . . . . 13 4.4.3. Charset Optonal Parameter . . . . . . . . . . . . . . 13 5. Verification of vLEI Payloads . . . . . . . . . . . . . . . . 14 6. Implementation Status . . . . . . . . . . . . . . . . . . . . 14 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 8.1. Media Type Assignment . . . . . . . . . . . . . . . . . . 14 8.1.1. application/cesr+json . . . . . . . . . . . . . . . . 14 8.1.2. application/cesr+cbor . . . . . . . . . . . . . . . . 16 8.1.3. application/cesr+msgpk . . . . . . . . . . . . . . . 18 8.1.4. application/cesr . . . . . . . . . . . . . . . . . . 20 8.2. CoAP Content-Format ID Assignments . . . . . . . . . . . 22 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 24 9.1. Normative References . . . . . . . . . . . . . . . . . . 24 9.2. Informative References . . . . . . . . . . . . . . . . . 26 Appendix A. Full CDDL . . . . . . . . . . . . . . . . . . . . . 28 Appendix B. Examples in JSON . . . . . . . . . . . . . . . . . . 30 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 33 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 33 1. Introduction The SATP architecture [I-D.ietf-satp-architecture] defines an interoperability architecture for interconnection between networks or systems that anticipates a secure asset transfer protocol that satisfies security, privacy, atomicity and liveliness requirements in the transfer of assets. The SATP core protocol [I-D.ietf-satp-core] is a protocol for exchanging digital assets that ensures the state of the asset is preserved across inter-domain transfers. It is an extensible protocol where fields containing identity and payload values that are not defined by SATP core may be defined by companion specifications. This specification defines a SATP core protocol binding for Verifiable Legal Entity Identifiers (vLEI) [ISO17442-3] used to identify SATP gateways and the organizations that operate them. In some use cases, the assets being transferred have legal considerations such that officers of the organization are expected to authorize digital asset transfers. This specification details the various vLEI credentials needed and how to integrate them with SATP core messages. SATP core message binding anticipates use of a message wrapper that uses media type [STD91] and content format [RFC7252] identifiers to facilitate interoperability with vLEI and other credential types. Smith Expires 17 March 2026 [Page 3] Internet-Draft SATP-vLEI September 2025 2. Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Identities The SATP core protocol [I-D.ietf-satp-core] defines a set of entities that participate in an asset transfer. These entities are represented in differennt ways including identifiers, credentials and public keys. SATP entities are presumed to have been issued cryptographically relevant identities prior to the SATP Transfer Initiation Stage (Stage 1) and subsequent exchanges. An entity (see Section 3 [RFC4949] bound to a cryptographic key is also known as a principal [ACM-Calculus]. A legal entity is defined by [ISO17442-1_2020] section 1 (scope). vLEIs [ISO17442-3] use Autonomic Identifiers (AID) to name legal entities and to bind cryptographic keys, to form vLEI principals. AIDs are contained within an Authentic Chained Data Contain (ACDC) [ACDC-Spec] credential. AIDs link to Key Event Logs (KEL) that are form of key attestation. KELs change periodically as key event receipts are added to the log, thus key state could have security implications. The state of the vLEI credential may change between SATP stages or whenever a key is used. The state of an ACDC is locked to keystate at issuance. A cryptographic hash of an ACDC credential and its initial key state can be referenced using a Self- Addressing Identifier (SAID) [CESR-Spec]. When applying vLEI to SATP, ACID properties suggest that the state of the exchanged asset, the protocol state, and the key state play a role during asset exchange. Ideally, SATP principals (including key state) are unchanging during complete asset exchange (or full rollback). However, if key-state can't be locked as part of a SATP ACID exchange, key state verification at each SATP stage may be needed. SATP signing keys (e.g., senderGatewaySignaturePublicKey) that are based on ACDC credentials implicitly support key attestation as part of key verification. SATP device keys (e.g., senderGatewayDeviceIdentityPubKey) used for device authentication or device attestation can furthur strengthen trustworthiness claims of SATP endpoints. Some SATP keys do not use vLEI credentals, but could still be based on ACDC credentials. Still other credential types Smith Expires 17 March 2026 [Page 4] Internet-Draft SATP-vLEI September 2025 (e.g., X.509 [RFC5280])) could be used for non-natural person entities. Nevertheless, use of a Key Event Recipt Infrastructure (KERI) [KERI-Spec] key means these keys can benefit from KEL-based key attestation. RFCthis assumes SATP identifiers and public keys are artifacts of a credential issued to a common entity. Nevertheless, the GatewayDeviceIdentityPublicKey could be associated with a different credential from the one belongin to the GatewaySignaturePublicKey. Consequently, there MAY be additional credentials issued to SATP principals that require additional verifier processing. // Note1: Need to check if there is a KERI key encoding other than // CESR and if ACDC is sufficient to describe the key. // // -- Ned Smith 3.1. SATP Identity Binding Table 3 shows SATP entities with corresponding SATP message types mapped to a suitable credential structure. Stage 1 defines uses credential artifacts (i.e., identifiers and public keys) implying credential issuance occurred earlier, possibly during Stage 0. RFCthis assumes all credentials issued are (or can be) ACDCs. The entity identifier within an ACDD is an autonomic identifer (AID), which is semantically aligned with SATP IDs. +=============+=========================================+=========+ |SATP Entity |SATP Message |Structure| +=============+=========================================+=========+ |Originator |OriginatorCredential -implied- |ACDC | +-------------+-----------------------------------------+---------+ | |originatorPubkey |ACDC or | | | |other | +-------------+-----------------------------------------+---------+ | |verifiedOriginatorEntityID |AID | +-------------+-----------------------------------------+---------+ |Sender |senderGatewayOwnerCredential -implied- |ACDC | |Gateway Owner| | | +-------------+-----------------------------------------+---------+ | |senderGatewayOwnerID |AID | +-------------+-----------------------------------------+---------+ |Sender |senderGatewayCredential -implied- |ACDC | |Gateway (G1) | | | +-------------+-----------------------------------------+---------+ | |senderGatewaySignaturePublicKey |ACDC or | | | |other | Smith Expires 17 March 2026 [Page 5] Internet-Draft SATP-vLEI September 2025 +-------------+-----------------------------------------+---------+ | |senderGatewayId |AID | +-------------+-----------------------------------------+---------+ | |senderGatewayDeviceIdentityCredential |ACDC | | |-implied- | | +-------------+-----------------------------------------+---------+ | |senderGatewayDeviceIdentityPubkey |ACDC or | | | |other | +-------------+-----------------------------------------+---------+ | |senderGatewayDeviceIdentityId -implied- |AID | +-------------+-----------------------------------------+---------+ |Sender |senderNetworkCredential -implied- |ACDC | |Network | | | +-------------+-----------------------------------------+---------+ | |senderGatewayNetworkId |AID | +-------------+-----------------------------------------+---------+ |.............|.........................................|.... | +-------------+-----------------------------------------+---------+ |Beneficiary |BeneficiaryCredential -implied- |ACDC | +-------------+-----------------------------------------+---------+ | |beneficiaryPubkey |ACDC or | | | |other | +-------------+-----------------------------------------+---------+ | |verifiedBeneficiaryEntityID |AID | +-------------+-----------------------------------------+---------+ |Receiver |receiverGatewayOwnerCredential -implied- |ACDC | |Gateway Owner| | | +-------------+-----------------------------------------+---------+ | |senderGatewayOwnerID |AID | +-------------+-----------------------------------------+---------+ |Receiver |receiverGatewayCredential -implied- |ACDC | |Gateway (G2) | | | +-------------+-----------------------------------------+---------+ | |receiverGatewaySignaturePublicKey |ACDC or | | | |other | +-------------+-----------------------------------------+---------+ | |receiverGatewayId |AID | +-------------+-----------------------------------------+---------+ | |receiverGatewayDeviceIdentityCredential |ACDC | | |-implied- | | +-------------+-----------------------------------------+---------+ | |receiverGatewayDeviceIdentityPubkey |ACDC or | | | |other | +-------------+-----------------------------------------+---------+ | |receiverGatewayDeviceIdentityId -implied-|AID | +-------------+-----------------------------------------+---------+ |Recipient |recipientNetworkCredential -implied- |ACDC | |Network | | | Smith Expires 17 March 2026 [Page 6] Internet-Draft SATP-vLEI September 2025 +-------------+-----------------------------------------+---------+ | |recipientGatewayNetworkId |AID | +-------------+-----------------------------------------+---------+ Table 1: Mapping of SATP Entities and Messages to Credential Type // Note2: Need to describe how this draft approaches protocol binding // where focus is on top-down, but not ignoring buttom up eg tls. // // -- Ned Smith 3.2. vLEI Roles The vLEI ecosystem defines roles-specific credentials. Version 1.0 of vLEI defines six ecosystem roles. +=====================================================+============+ | vLEI Role |Abbreviation| +=====================================================+============+ | QualifiedvLEIIssuervLEICredential |QVI | +-----------------------------------------------------+------------+ | LegalEntityvLEICredential |LEID | +-----------------------------------------------------+------------+ | OORAuthorizationvLEICredential |OORA | +-----------------------------------------------------+------------+ | LegalEntityOfficialOrganizationalRolevLEICredential |OOR | +-----------------------------------------------------+------------+ | ECRAuthorizationvLEICredential |ECRA | +-----------------------------------------------------+------------+ | LegalEntityEngagementContextRolevLEICredential |ECR | +-----------------------------------------------------+------------+ Table 2: vLEI Ecosystem Roles vLEI defines a role architecdture that is hierarchical. A QVI role oversees lifecycle of LEID, OORA, and ECRA roles. The OORA role oversees lifecycle of OOR roles and the ECRA role oversees the lifecycle of ECR roles. The LEID, OOR, and ECR roles could oversee lifecycle of non-vLEI credentials; which are classified as non- natural person credentials by [ISO17442-1_2020]. Smith Expires 17 March 2026 [Page 7] Internet-Draft SATP-vLEI September 2025 4. vLEI Binding Architecture The SATP core protocol [I-D.ietf-satp-core] defines several extensible protocol fields that contain identity and other values not defined by SATP core. To facilitate interoperability these fields SHOULD contain a media type [STD91] or content format [RFC7252] wrapper. This specation requests IANA assignment of media type and content format identifiers for vLEIs which are serialized as Composable Event Streaming Representation (CESR) [CESR-Spec] objects in JSON and other formats. See Section 8. // Note3: SATP describes Gateway secure channel establishment public // key-pair but this isn't represented in the list of message // publickey message types. Gateway Credential type isn't used in // any of the stages afaik. There should be an IANA registry for the // allowed credential types (vLEI, SAML, OAuth, X.509). // // -- Ned Smith 4.1. SATP vLEI Mapping The SATP protocol [I-D.ietf-satp-core] defines a set of SATP flows that are divided into stages. Table 3 maps SATP entities to specific vLEI roles. +===+===================================+===================+ | # | SATP Entity | vLEI Role | +===+===================================+===================+ | 1 | Originator, Beneficiary, Gateway | LEID | | | Owner | | +---+-----------------------------------+-------------------+ | 2 | GatewaySignature, GatewayNetwork, | non-natural | | | GatewayDeviceIdentity | person credential | +---+-----------------------------------+-------------------+ | 3 | Gateway Admin, Network Admin, | ECR | | | Gateway Operations Manager, | | | | Network Operations Manager | | +---+-----------------------------------+-------------------+ Table 3: Mapping SATP Entity to vLEI Role // Note4: The various xxxID messages are tstr values - the // stringified representation of the vLEI credential identifer should // be used here. This is probably an SAID. For a SATP-JSON binding, // the SAID MUST use the text form of the CESR derivation code. For Smith Expires 17 March 2026 [Page 8] Internet-Draft SATP-vLEI September 2025 // a SATP-CBOR or other binary binding the SAID MUST use the binary // form of the CESR derivation code. // // -- Ned Smith 4.1.1. LegalEntityIdentityvLEICredential Credentials The SATP Messages in row 1 of Table 3 is a LegalEntityvLEICredential as defined by the LEvLEIC (https://github.com/GLEIF-IT/vLEI- schema/blob/main/legal-entity-vLEI-credential.json) schema. These messages are realized using a Legal Entity vLEI Credential (LEvLEIC) because these message identify legal entities. Gateway owner identities area form of legal entity as they identify the owner of a gateway rather than the gateway itself. 4.1.2. LegalEntityEngagementContextRolevLEICredential Credentials The SATP Messages in row 3 of Table 3 is a LegalEntityEngagementContextRolevLEICredential as defined by the LEECRvLEIC (https://github.com/GLEIF-IT/vLEI-schema/blob/main/legal- entity-engagement-context-role-vLEI-credential.json) schema. These messages are realized using a LEECRvLEIC because they identify the gateways and hosts within the respective networks involved in transferring digital assets. 4.1.3. Other vLEI Deployment Considerations SATP deployments could utilize other vLEI roles. For example, an ECR role might be defined for a SATP Gateway Operations Manager or Network Administrator. See row 3 Table 3. Although SATP Stage 1 messages don't directly refer to ECR credentials, the credentials referenced could link to ECR credentials which in turn link to ECRA credentials etc... 4.2. Key Structures Keys embedded in hardware or firmware may not easily be converted to an interoperablel format, hence support for multiple key formats ensures the SATP protocols can be implemented by a wide variety of systems. The SATP PublicKey messages SHALL be encoded using JSON Web Key (JWK) [RFC7517], COSE key [STD96], PKIX key in PEM or DER, or as ACDC [ACDC-Spec] credentials. Other key formats SHOULD be allowed but are out of scope for RFCthis. Smith Expires 17 March 2026 [Page 9] Internet-Draft SATP-vLEI September 2025 4.3. SATP Message Wrapper Schema The following CDDL [RFC8610] defines the wrapper and application to SATP fields. 4.3.1. SATP Transfer Initiation (Stage 1) Message Binding The SATP stage 1 messages containing identifiers use a vLEI wrapper that contains a payload and payload content identifier. Other stage 1 messages are public key values that use a key wrapper that disambiguates the key type and format or can be expressed as a wrapped vLEI. satp-message = { ? verifiedOriginatorEntityId: wrapped-vlei ? verifiedBeneficiaryEntityId: wrapped-vlei ? senderGatewayOwnerId: wrapped-vlei ? receiverGatewayOwnerId: wrapped-vlei ? senderGatewayId: wrapped-vlei ? recipientGatewayId: wrapped-vlei ? senderGatewayNetworkId: wrapped-vlei ? recipientGatewayNetworkId: wrapped-vlei ? originatorPubkey: wrapped-vlei / wrapped-key ? beneficiaryPubkey: wrapped-vlei / wrapped-key ? senderGatewaySignaturePublicKey: wrapped-vlei / wrapped-key ? receiverGatewaySignaturePublicKey: wrapped-vlei / wrapped-key ? senderGatewayDeviceIdentityPubkey: wrapped-vlei / wrapped-key ? receiverGatewayDeviceIdentityPubkey: wrapped-vlei / wrapped-key } 4.3.2. vLEI Wrapper ; ===================================================================== ; --- Wrapped vLEI Payloads --- ; ===================================================================== wrapped-vlei = { content: content-ref payload: bstr / tstr } 4.3.3. Content References Smith Expires 17 March 2026 [Page 10] Internet-Draft SATP-vLEI September 2025 content-ref = non-empty<{ ? mt: vlei-media-type ; TBA ? cf: uint ; TBA content format id ? cbt: bool ; payload contains CBOR tagged content in the TN() range if true, if false not cbor tagged and "mt" is required ? oid: tstr ; generated from content-format-id e.g., "1.3.6.1.4.1.37476.2.1.5" }> 4.3.4. Key Wrappers ; ===================================================================== ; --- Wrapped Key Definitions --- ; ===================================================================== wrapped-key = $key-type $key-type /= cose-key $key-type /= jwk-key $key-type /= pkix-key cose-key = { content: "application/cose;cose-type=cose-key" / uint, encoding: "cbor" / "base64uri" / "text", payload: bstr / tstr } jwk-key = { content: "application/jwk+json" / uint, payload: tstr } pkix-key = { content: "application/pkix-cert" / uint, encoding: "PEM" / "DER", payload: tstr / bstr } 4.4. vLEI Media Types vLEI credentials are expressed as Authentic Chained Data Containers (ACDC) [ACDC-Spec]. Section Section 8 request IANA assignment of media types [STD91] and content format identifiers [RFC7252]. SATP core [I-D.ietf-satp-core] anticipates JSON encoded message. vLEI credentials can subsequently be JSON encoded while also being CESR [CESR-Spec] compliant. CESR defines JSON, CBOR, MSGPK and native CESR variants. The follwing media types MAY be used when building credential payloads for SATP: Smith Expires 17 March 2026 [Page 11] Internet-Draft SATP-vLEI September 2025 +========================+ | Media Types | +========================+ | application/cesr+json | +------------------------+ | application/cesr+cbor | +------------------------+ | application/cesr+msgpk | +------------------------+ | application/cesr | +------------------------+ Table 4: vLEI media types The media types in Table 4 have start codes that comply with the media type's structured syntax suffix, but require CESR-aware parsers that can detect them. The "cesr" subtype informs parsers that they have to do start code look-ahead processing. The "cesr" subtype also informs parsers that the CESR stream may contain a variety of objects including ACDCs, AIDs, and SAIDs (as mentioned in previous sections of RFCthis). 4.4.1. Profile Optonal Parameter The media type assignments have an optional parameter named "profile=" that MAY be any value. It can be used to identify a vLEI profile such as vLEI credential type. It SHOULD be expressed in URI format as illustrated in Table 5. Smith Expires 17 March 2026 [Page 12] Internet-Draft SATP-vLEI September 2025 +===================================================+=====================+ |Profile name |Profile ID | +===================================================+=====================+ |QualifiedvLEIIssuervLEICredential (QVI) |profile=urn:vlei:qvi | +---------------------------------------------------+---------------------+ |LegalEntityvLEICredential (LEID) |profile=urn:vlei:leid| +---------------------------------------------------+---------------------+ |ECRAuthorizationvLEICredential (ECRA) |profile=urn:vlei:ecra| +---------------------------------------------------+---------------------+ |LegalEntityEngagementContextRolevLEICredential |profile=urn:vlei:ecr | |(ECR) | | +---------------------------------------------------+---------------------+ |OORAuthorizationvLEICredential (OORA) |profile=urn:vlei:oora| +---------------------------------------------------+---------------------+ |LegalEntityOfficialOrganizationalRolevLEICredential|profile=urn:vlei:oor | |(OOR) | | +---------------------------------------------------+---------------------+ Table 5: vLEI profiles The various vLEI credential types can be specified in a media type using the profile option. Table 5 summarizes the profile identifiers for the various vLEI credential types. A comprehensive listing of vLEI profiles is provided even though some of the vLEI credential types are not anticipated by the vLEI binding to SATP at this time. 4.4.2. Encoding Optonal Parameter The media type assignments have an optional encoding ("encoding=") parameter that can be used to tunnel an alternative encoding. Typically, encodings fall into two broad categories; text or binary. An encoding MAY be any value, but RFCthis anticipates the following: * "base64uri" -- the payload is binary, as indicated by the media- type, but base64 encoded when the bounding protocol is a text stream. See Section 5, [RFC4648]. 4.4.3. Charset Optonal Parameter The media type assignments have an optional character set ("charset=") parameter that can be used to identify the character encoding scheme when the payload is a text encoding. By default "utf-8" is assumed. Alternative character set encodings MUST populate "charset=". Smith Expires 17 March 2026 [Page 13] Internet-Draft SATP-vLEI September 2025 5. Verification of vLEI Payloads TODO 6. Implementation Status TODO 7. Security Considerations The following security properties are assumed for all payloads identified by media types defined in RFCthis: * ACDC payloads are cryptographically signed. * CESR payloads are cryptographically signed and self-framing. * Signature verification is required to ensure authenticity and integrity. * Credential provenance must be anchored to a trusted root. For example, the GLEIF Root AID via ACDC edges (see [GLEIF-vLEI-EGF]). * vLEIs must be validated against the vLEI schema. See [GLEIF-vLEI-TechReq-Part3]. 8. IANA Considerations 8.1. Media Type Assignment IANA is requested to add the following media types to the "Media Types" registry [IANA.media-types]. 8.1.1. application/cesr+json This media type indicates the payload is a JSON formatted vLEI. _Type name:_ * application _Subtype name:_ * cesr+json _Required parameters:_ * None Smith Expires 17 March 2026 [Page 14] Internet-Draft SATP-vLEI September 2025 _Optional parameters:_ * profile — Indicates the payload conforms to a specific vLEI credential type. * encoding — Indicates the ACDC stream is text or binary. If binary, encoding MUST make the payload text-safe (e.g., encoding=base64uri). Defaults to text. * charset — Indicates character set for text encodings. Defaults to UTF-8. _Encoding considerations:_ * 8-bit; JSON text encoding defaults to UTF-8. * Binary payloads are text-safe encoded for use in JSON streams. _Security considerations:_ * See Section 7. _Interoperability considerations:_ * Binary payloads must be base64 encoded to make payloads compatible with text streams. * Section 9.4 and 9.5 in the CESR specification (cold start) in CESR * Section 11.5 Version String Field in CESR _Published specification:_ * RFCthis * Key Event Receipt Infrastructure (KERI) — [KERI-Spec] * Authentictic Chained Data Containers (ACDC) — [ACDC-Spec] * Composable Event Streaming Representation (CESR) — [CESR-Spec] * GLEIF vLEI Credential Schema Registry — [GLEIF-vLEI-TechReq-Part3] _Applications that use this media type:_ * GLEIF vLEI issuance and verification systems. * SATP-compliant credential exchange platforms. Smith Expires 17 March 2026 [Page 15] Internet-Draft SATP-vLEI September 2025 * Forensic credential chaining and audit systems. _Fragment identifier considerations:_ * None _Additional information:_ * _Magic number(s):_ None * _File extension(s):_ .acdcjson * _Macintosh file type code(s):_ None _Person & email address to contact for further information:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Intended usage:_ * COMMON _Author:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Change controller:_ * IETF / GLEIF 8.1.2. application/cesr+cbor _Type name:_ * application _Subtype name:_ * cesr+cbor Smith Expires 17 March 2026 [Page 16] Internet-Draft SATP-vLEI September 2025 _Required parameters:_ * None _Optional parameters:_ * profile — Indicates the payload conforms to a specific vLEI credential type. * encoding — Indicates the ACDC stream is text or binary. Defaults to cbor. * charset — Indicates character set for text encodings. Defaults to UTF-8. _Encoding considerations:_ * ACDC streams are CBOR encoded for use with binary transports. If the transport is a text stream the encoding option should be specified. _Security considerations:_ * See Section 7. _Interoperability considerations:_ None. _Published specification:_ * RFCthis * Key Event Receipt Infrastructure (KERI) — [KERI-Spec] * Authentictic Chained Data Containers (ACDC) — [ACDC-Spec] * Composable Event Streaming Representation (CESR) — [CESR-Spec] * GLEIF vLEI Credential Schema Registry — [GLEIF-vLEI-TechReq-Part3] _Applications that use this media type:_ * GLEIF vLEI issuance and verification systems * SATP-compliant credential exchange platforms * Forensic credential chaining and audit systems Smith Expires 17 March 2026 [Page 17] Internet-Draft SATP-vLEI September 2025 _Fragment identifier considerations:_ * None _Additional information:_ * Magic number(s): None * File extension(s): .acdcbor * Macintosh file type code(s): None _Person & email address to contact for further information:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Intended usage:_ * COMMON _Author:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Change controller:_ * IETF / GLEIF 8.1.3. application/cesr+msgpk _Type name:_ * application _Subtype name:_ * cesr+msgpk _Required parameters:_ Smith Expires 17 March 2026 [Page 18] Internet-Draft SATP-vLEI September 2025 * None _Optional parameters:_ * profile — Indicates the payload conforms to a specific vLEI credential type. * encoding — Indicates the ACDC stream is text or binary. Defaults to msgpk. * charset — Indicates character set for text encodings. Defaults to UTF-8. _Encoding considerations:_ * ACDC streams are MSGPK encoded for use with binary transports. If the transport is a text stream the encoding option should be specified. _Security considerations:_ * See Section 7. _Interoperability considerations:_ None. _Published specification:_ * RFCthis * Key Event Receipt Infrastructure (KERI) — [KERI-Spec] * Authentictic Chained Data Containers (ACDC) — [ACDC-Spec] * Composable Event Streaming Representation (CESR) — [CESR-Spec] * GLEIF vLEI Credential Schema Registry — [GLEIF-vLEI-TechReq-Part3] _Applications that use this media type:_ * GLEIF vLEI issuance and verification systems * SATP-compliant credential exchange platforms * Forensic credential chaining and audit systems _Fragment identifier considerations:_ Smith Expires 17 March 2026 [Page 19] Internet-Draft SATP-vLEI September 2025 * None _Additional information:_ * Magic number(s): None * File extension(s): .acdcmsgpk * Macintosh file type code(s): None _Person & email address to contact for further information:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Intended usage:_ * COMMON _Author:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Change controller:_ * IETF / GLEIF 8.1.4. application/cesr _Type name:_ * application _Subtype name:_ * cesr _Required parameters:_ * None Smith Expires 17 March 2026 [Page 20] Internet-Draft SATP-vLEI September 2025 _Optional parameters:_ * profile — Indicates the payload conforms to a specific vLEI credential type. * encoding — Indicates the CESR stream is text or binary. Defaults to text. encoding=binary indicates the CESR stream is binary encoded. * charset — Indicates character set for text encodings. Defaults to UTF-8. _Encoding considerations:_ * CESR defaults to UTF-8 text encoding and is self-framing. * CESR can also be a binary stream. When used in binary mode the encoding option MUST be specified (e.g., encoding=binary). _Security considerations:_ * See Section 8. _Interoperability considerations:_ None. _Published specification:_ * RFCthis * Key Event Receipt Infrastructure (KERI) — [KERI-Spec] * Authentictic Chained Data Containers (ACDC) — [ACDC-Spec] * Composable Event Streaming Representation (CESR) — [CESR-Spec] * GLEIF vLEI Credential Schema Registry — [GLEIF-vLEI-TechReq-Part3] _Applications that use this media type:_ * GLEIF vLEI issuance and verification systems * SATP-compliant credential exchange platforms * Forensic credential chaining and audit systems _Fragment identifier considerations:_ Smith Expires 17 March 2026 [Page 21] Internet-Draft SATP-vLEI September 2025 * None _Additional information:_ * Magic number(s): None * File extension(s): .acdccesr * Macintosh file type code(s): None _Person & email address to contact for further information:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Intended usage:_ * COMMON _Author:_ * N. Smith ned.smith.ietf@outlook.com (mailto:ned.smith.ietf@outlook.com) * GLEIF IT Team vlei-support@gleif.org (mailto:vlei- support@gleif.org) _Change controller:_ * IETF / GLEIF 8.2. CoAP Content-Format ID Assignments IANA is requested to assign the following Content-Format numbers in the "CoAP Content-Formats" sub-registry, within the "Constrained RESTful Environments (CoRE) Parameters" Registry [IANA.core-parameters]: +==================================+=========+=======+===========+ | Content-Type | Content | ID | Reference | | | Coding | | | +==================================+=========+=======+===========+ | application/cesr+json | - | TBA1 | RFCthis | +----------------------------------+---------+-------+-----------+ | application/cesr+cbor | - | TBD2 | RFCthis | Smith Expires 17 March 2026 [Page 22] Internet-Draft SATP-vLEI September 2025 +----------------------------------+---------+-------+-----------+ | application/cesr+msgpk | - | TBD3 | RFCthis | +----------------------------------+---------+-------+-----------+ | application/cesr | - | TBD4 | RFCthis | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA10 | RFCthis | | cesr+json;profile=urn:vlei:leid | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA11 | RFCthis | | cesr+json;profile=urn:vlei:ecr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA12 | RFCthis | | cesr+json;profile=urn:vlei:oor | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA13 | RFCthis | | cesr+json;profile=urn:vlei:lar | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA14 | RFCthis | | cesr+json;profile=urn:vlei:qvi | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA15 | RFCthis | | cesr+json;profile=urn:vlei:vra | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA20 | RFCthis | | cesr+cbor;profile=urn:vlei:leid | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA21 | RFCthis | | cesr+cbor;profile=urn:vlei:ecr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA22 | RFCthis | | cesr+cbor;profile=urn:vlei:oor | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA23 | RFCthis | | cesr+cbor;profile=urn:vlei:lar | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA24 | RFCthis | | cesr+cbor;profile=urn:vlei:qvi | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA25 | RFCthis | | cesr+cbor;profile=urn:vlei:vra | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA30 | RFCthis | | cesr+msgpk;profile=urn:vlei:leid | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA31 | RFCthis | | cesr+msgpk;profile=urn:vlei:ecr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA32 | RFCthis | Smith Expires 17 March 2026 [Page 23] Internet-Draft SATP-vLEI September 2025 | cesr+msgpk;profile=urn:vlei:oor | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA33 | RFCthis | | cesr+msgpk;profile=urn:vlei:lar | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA34 | RFCthis | | cesr+msgpk;profile=urn:vlei:qvr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA35 | RFCthis | | cesr+msgpk;profile=urn:vlei:vra | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA40 | RFCthis | | cesr;profile=urn:vlei:leid | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA41 | RFCthis | | cesr;profile=urn:vlei:ecr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA42 | RFCthis | | cesr;profile=urn:vlei:oor | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA43 | RFCthis | | cesr;profile=urn:vlei:lar | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA44 | RFCthis | | cesr;profile=urn:vlei:qvr | | | | +----------------------------------+---------+-------+-----------+ | application/ | - | TBA45 | RFCthis | | cesr;profile=urn:vlei:vra | | | | +----------------------------------+---------+-------+-----------+ Table 6: New Content-Formats 9. References 9.1. Normative References [REQ-LEVEL] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Smith Expires 17 March 2026 [Page 24] Internet-Draft SATP-vLEI September 2025 [I-D.ietf-satp-core] Hargreaves, M., Hardjono, T., Belchior, R., Ramakrishna, V., and A. Chiriac, "Secure Asset Transfer Protocol (SATP) Core", Work in Progress, Internet-Draft, draft-ietf-satp- core-11, 7 August 2025, . [RFC7159] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data Interchange Format", RFC 7159, DOI 10.17487/RFC7159, March 2014, . [RFC7517] Jones, M., "JSON Web Key (JWK)", RFC 7517, DOI 10.17487/RFC7517, May 2015, . [RFC2585] Housley, R. and P. Hoffman, "Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP", RFC 2585, DOI 10.17487/RFC2585, May 1999, . [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, . [STD96] Schaad, J., "CBOR Object Signing and Encryption (COSE): Structures and Process", STD 96, RFC 9052, DOI 10.17487/RFC9052, August 2022, . [STD91] Freed, N., Klensin, J., and T. Hansen, "Media Type Specifications and Registration Procedures", BCP 13, RFC 6838, DOI 10.17487/RFC6838, January 2013, . [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained Application Protocol (CoAP)", RFC 7252, DOI 10.17487/RFC7252, June 2014, . [RFC8610] Birkholz, H., Vigano, C., and C. Bormann, "Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures", RFC 8610, DOI 10.17487/RFC8610, June 2019, . Smith Expires 17 March 2026 [Page 25] Internet-Draft SATP-vLEI September 2025 [GLEIF-vLEI-TechReq-Part1] Global Legal Entity Identifier Foundation, "Technical Requirements Part 1: KERI Infrastructure", GLEIF vLEI-EGF- TechReq-Part1-v1.3, 16 April 2025, . [GLEIF-vLEI-TechReq-Part2] Global Legal Entity Identifier Foundation, "Technical Requirements Part 2: vLEI Credentials", GLEIF vLEI-EGF- TechReq-Part2-v1.1, 15 December 2023, . [GLEIF-vLEI-TechReq-Part3] Global Legal Entity Identifier Foundation, "Technical Requirements Part 3: vLEI Credential Schema Registry", GLEIF vLEI-EGF-TechReq-Part3-v1.1, 15 December 2023, . [ISO17442-3] International Organization for Standardization, "Financial services — Legal entity identifier (LEI) — Part 3: Verifiable LEIs (vLEIs)", ISO 17442-3:2024, 2024, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [IANA.media-types] IANA, "Media Types", . [IANA.core-parameters] IANA, "Constrained RESTful Environments (CoRE) Parameters", . 9.2. Informative References Smith Expires 17 March 2026 [Page 26] Internet-Draft SATP-vLEI September 2025 [I-D.ietf-satp-architecture] Hardjono, T., Hargreaves, M., Smith, N., and V. Ramakrishna, "Secure Asset Transfer (SAT) Interoperability Architecture", Work in Progress, Internet-Draft, draft- ietf-satp-architecture-08, 31 July 2025, . [ISO17442-1] International Organization for Standardization, "Financial services — Legal entity identifier (LEI) — Part 1: Assignment", ISO 17442-1:2020, 2020, . [KERI-Spec] Trust Over IP Foundation, "Key Event Receipt Infrastructure (KERI) Specification, v0.9, Draft", TOIP TSWG-KERI-2023, 2023, . [ACDC-Spec] Trust Over IP Foundation, "Authentic Chained Data Containers (ACDC) Specification, v0.9, Draft", TOIP TSWG- ACDC-2023, 2023, . [CESR-Spec] Trust Over IP Foundation, "Composable Event Streaming Representation (CESR) Proof Format Specification, v0.9, Draft", TOIP TSWG-CESR-2023, 2023, . [GLEIF-vLEI-EGF] Global Legal Entity Identifier Foundation, "Verifiable LEI (vLEI) Ecosystem Governance Framework: Primary and Controlled Documents", GLEIF vLEI-EGF-v3.0, 16 April 2025, . [ACM-Calculus] Abadi, M., Burrows, M., Lampson, B., and G. Plotkin, "A Calculus for Access Control in Distributed Systems", ACM TOPLAS 15(4), pp. 706–734, October 1993, . [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, . Smith Expires 17 March 2026 [Page 27] Internet-Draft SATP-vLEI September 2025 [ISO17442-1_2020] International Organization for Standardization, "Financial services — Legal entity identifier (LEI) — Part 1: Assignment", ISO 17442-1:2020, 2020, . [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, . Appendix A. Full CDDL start = satp-message non-empty = (M) .and ({ + any => any }) satp-message = { ? verifiedOriginatorEntityId: wrapped-vlei ? verifiedBeneficiaryEntityId: wrapped-vlei ? senderGatewayOwnerId: wrapped-vlei ? receiverGatewayOwnerId: wrapped-vlei ? senderGatewayId: wrapped-vlei ? recipientGatewayId: wrapped-vlei ? senderGatewayNetworkId: wrapped-vlei ? recipientGatewayNetworkId: wrapped-vlei ? originatorPubkey: wrapped-vlei / wrapped-key ? beneficiaryPubkey: wrapped-vlei / wrapped-key ? senderGatewaySignaturePublicKey: wrapped-vlei / wrapped-key ? receiverGatewaySignaturePublicKey: wrapped-vlei / wrapped-key ? senderGatewayDeviceIdentityPubkey: wrapped-vlei / wrapped-key ? receiverGatewayDeviceIdentityPubkey: wrapped-vlei / wrapped-key } wrapped-vlei = { content: content-ref payload: bstr / tstr } content-ref = non-empty<{ ? mt: vlei-media-type ; TBA ? cf: uint ; TBA content format id ? cbt: bool ; payload contains CBOR tagged content in the TN() range if true, if false not cbor tagged and "mt" is required ? oid: tstr ; generated from content-format-id e.g., "1.3.6.1.4.1.37476.2.1.5" Smith Expires 17 March 2026 [Page 28] Internet-Draft SATP-vLEI September 2025 }> wrapped-key = $key-type $key-type /= cose-key $key-type /= jwk-key $key-type /= pkix-key cose-key = { content: "application/cose;cose-type=cose-key" / uint, encoding: "cbor" / "base64uri" / "text", payload: bstr / tstr } jwk-key = { content: "application/jwk+json" / uint, payload: tstr } pkix-key = { content: "application/pkix-cert" / uint, encoding: "PEM" / "DER", payload: tstr / bstr } vlei-media-type = "application/cesr+json;profile=urn:vlei:leid" / "application/cesr+json;profile=urn:vlei:ecr" / "application/cesr+json;profile=urn:vlei:ecr;charset=utf-16le" / "application/cesr+json;profile=urn:vlei:oor" / "application/cesr+json;profile=urn:vlei:ecra" / "application/cesr+json;profile=urn:vlei:qvi" / "application/cesr+json;profile=urn:vlei:oora" / "application/cesr+json;profile=urn:vlei:oora;encoding=base64uri" / "application/cesr+cbor;profile=urn:vlei:leid" / "application/cesr+cbor;profile=urn:vlei:leid;encoding=text" / "application/cesr+cbor;profile=urn:vlei:ecr" / "application/cesr+cbor;profile=urn:vlei:ecr;encoding=base64uri" / "application/cesr+cbor;profile=urn:vlei:ecr;encoding=text" / "application/cesr+cbor;profile=urn:vlei:oor" / "application/cesr+cbor;profile=urn:vlei:oor;encoding=text" / "application/cesr+cbor;profile=urn:vlei:ecra" / "application/cesr+cbor;profile=urn:vlei:ecra;encoding=text" / "application/cesr+cbor;profile=urn:vlei:qvi" / "application/cesr+cbor;profile=urn:vlei:qvi;encoding=text" / "application/cesr+cbor;profile=urn:vlei:oora" / "application/cesr+cbor;profile=urn:vlei:oora;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:leid" / Smith Expires 17 March 2026 [Page 29] Internet-Draft SATP-vLEI September 2025 "application/cesr+msgpk;profile=urn:vlei:leid;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:ecr" / "application/cesr+msgpk;profile=urn:vlei:ecr;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:oor" / "application/cesr+msgpk;profile=urn:vlei:oor;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:ecra" / "application/cesr+msgpk;profile=urn:vlei:ecra;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:qvi" / "application/cesr+msgpk;profile=urn:vlei:qvi;encoding=text" / "application/cesr+msgpk;profile=urn:vlei:oora" / "application/cesr+msgpk;profile=urn:vlei:oora;encoding=text" / "application/cesr;profile=urn:vlei:leid" / "application/cesr;profile=urn:vlei:leid;encoding=binary" / "application/cesr;profile=urn:vlei:leid;encoding=base64uri" / "application/cesr;profile=urn:vlei:leid;charset=utf-16le" / "application/cesr;profile=urn:vlei:ecr" / "application/cesr;profile=urn:vlei:ecr;encoding=binary" / "application/cesr;profile=urn:vlei:oor" / "application/cesr;profile=urn:vlei:oor;encoding=binary" / "application/cesr;profile=urn:vlei:ecra" / "application/cesr;profile=urn:vlei:ecra;encoding=binary" / "application/cesr;profile=urn:vlei:qvi" / "application/cesr;profile=urn:vlei:qvi;bencoding=binary" / "application/cesr;profile=urn:vlei:oora" / "application/cesr;profile=urn:vlei:oora;encoding=binary" Appendix B. Examples in JSON The following SATP wrapper examples show synthetic vLEI data: { "verifiedOriginatorEntityId": { "content": { "mt": "application/cesr+json;profile=urn:vlei:leid" // JSON serialization of an ACDC credential (LEID profile) }, "payload": "ACDC10JSON...SAID...i:did:keri:..." // literal ACDC JSON text, not base64 } } Smith Expires 17 March 2026 [Page 30] Internet-Draft SATP-vLEI September 2025 { "verifiedBeneficiaryEntityId": { "content": { "mt": "application/cesr;profile=urn:vlei:leid;encoding=binary" }, "payload": "QUNEQzEwQ0JPUkJhc2U2NEVuY29kZWQvLi4u" // base64 of binary CESR serialization of SAID credential (LEID profile) } } { "senderGatewayOwnerId": { "content": { "mt": "application/cesr+msgpk;profile=urn:vlei:leid" // cf, cbt, oid omitted here — optional in schema }, "payload": "ACDC10MSGP...SAID...i:did:keri:..." // MessagePack serialization of an ACDC credential (LEID profile) } } { "receiverGatewayOwnerId": { "content": { "mt": "application/cesr;profile=urn:vlei:leid;encoding=base64uri" // could also include cf, cbt, oid if known }, "payload": "QUNEQzEwQ0VTUkJhc2U2NEVuY29kZWQvLi4u" // ⟶ Base64 of binary CESR stream encoding of SAID credential } } { "senderGatewayId": { "content": { "mt": "application/cesr;profile=urn:vlei:ecr" // cf, cbt, oid omitted — optional in schema }, "payload": "ACDC10CESR...SAID...i:did:keri:..." // CESR-encoded ACDC credential (ECR profile) as plain text } } Smith Expires 17 March 2026 [Page 31] Internet-Draft SATP-vLEI September 2025 { "recipientGatewayId": { "content": { "mt": "application/cesr+cbor;profile=urn:vlei:ecr", // from vlei-media-type enum "cf": 0, "oid": "1.2.3.4.6" // actual OID for this credential type }, "payload": "ACDC10CBORTESTSAIDi:did:keri:EXAMPLERGWNETID" // raw CBOR bytes or base64/base64url string, but not CBOR-tagged } } { "senderGatewayNetworkId": { "content": { "mt": "application/cesr+cbor;profile=urn:vlei:ecr;encoding=base64uri", "cbt": false // no TN() CBOR tag; just base64 of raw CBOR }, "payload": "oWJ0ZXN0LWVjci1jcmVkZW50aWFs..." // base64 of the CBOR-encoded ACDC (ECR profile) } } { "senderGatewayNetworkId": { "content": { "mt": "application/cesr+cbor;profile=urn:vlei:ecr;encoding=base64uri", "cbt": false // no TN() CBOR tag; just base64 of raw CBOR }, "payload": "gEEBAQ..." // base64 of CBOR-encoded ACDC (ECR profile) } } The following SATP wrapper examples show synthetic key data: Smith Expires 17 March 2026 [Page 32] Internet-Draft SATP-vLEI September 2025 { "originatorPubkey": { "content": "application/jwk+json", "payload": "{ \"kty\": \"EC\", \"crv\": \"P-256\", \"x\": \"...\", \"y\": \"...\" }" }, "beneficiaryPubkey": { "content": "application/cose;cose-type=cose-key", "encoding": "base64uri", // explicitly flagging representation "payload": "aEtNQnBRLi4u" // base64 of CBOR COSE_Key bytes }, "senderGatewaySignaturePublicKey": { "content": "application/jwk+json", "payload": "{ \"kty\": \"RSA\", \"n\": \"...\", \"e\": \"AQAB\" }" }, "receiverGatewaySignaturePublicKey": { "content": "application/cose;cose-type=cose-key", "encoding": "base64uri", "payload": "aEtNQ3BBLi4u" }, "senderGatewayDeviceIdentityPubkey": { "content": "application/pkix-cert", "encoding": "PEM", "payload": "-----BEGIN CERTIFICATE-----\nMIIB...==\n-----END CERTIFICATE-----" }, "receiverGatewayDeviceIdentityPubkey": { "content": "application/pkix-cert", "encoding": "DER", "payload": "MIIB..." // base64 DER } } Acknowledgments TODO acknowledge. Author's Address Ned Smith Independent Email: ned.smith.ietf@outlook.com Smith Expires 17 March 2026 [Page 33]