



Remote ATtestation procedureS                                 D. Condrey
Internet-Draft                                          Writerslogic Inc
Intended status: Informational                           6 February 2026
Expires: 10 August 2026


          Proof of Process: Collaborative Authorship Extension
                draft-condrey-rats-pop-collaborative-00

Abstract

   This document defines an extension to the Proof of Process (PoP)
   specification for documenting collaborative authorship.  The
   extension enables multiple contributors to independently attest to
   their individual contributions while maintaining a unified Evidence
   chain for the combined document.  This supports use cases including
   academic co-authorship, legal document drafting by teams, and
   creative works with multiple writers.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 10 August 2026.

Copyright Notice

   Copyright (c) 2026 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.





Condrey                  Expires 10 August 2026                 [Page 1]

Internet-Draft              PoP Collaborative              February 2026


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   2
   2.  Motivation  . . . . . . . . . . . . . . . . . . . . . . . . .   2
   3.  Collaboration Section Structure . . . . . . . . . . . . . . .   3
   4.  Collaborator Attestation  . . . . . . . . . . . . . . . . . .   5
     4.1.  Attestation Content . . . . . . . . . . . . . . . . . . .   5
     4.2.  Attestation Timing  . . . . . . . . . . . . . . . . . . .   6
   5.  Verification of Collaborative Evidence  . . . . . . . . . . .   6
   6.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   7
   7.  Collaborative Evidence Example  . . . . . . . . . . . . . . .   7
   8.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   9.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   9
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     10.1.  Normative References . . . . . . . . . . . . . . . . . .   9
     10.2.  Informative References . . . . . . . . . . . . . . . . .   9
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   9

1.  Introduction

   This document defines mechanisms for documenting collaborative
   authorship where multiple contributors produce a single work.  The
   collaborative model enables each contributor to attest to their
   individual contributions while maintaining a unified Evidence chain
   for the combined document.

   This extension is defined as a companion to the main Proof of Process
   specification [I-D.condrey-rats-pop].

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Motivation

   Modern knowledge work is frequently collaborative:

   *  Academic papers with multiple co-authors

   *  Legal documents drafted by teams

   *  Technical documentation with subject matter experts




Condrey                  Expires 10 August 2026                 [Page 2]

Internet-Draft              PoP Collaborative              February 2026


   *  Creative works with co-writers or editors

   The base Proof of Process Evidence model assumes a single author with
   one signing key.  Without explicit collaboration support, teams must
   either:

   *  Designate one member to generate Evidence, losing attribution for
      other contributors.

   *  Generate separate Evidence packets and link them via provenance,
      losing unified document history.

   *  Share a single signing key, compromising individual
      accountability.

   The collaborative authorship model addresses these limitations by
   enabling multiple contributors to independently attest to their
   contributions within a shared Evidence structure.

3.  Collaboration Section Structure

   The collaboration section is an optional component of the Evidence
   packet, identified by integer key 22.  It documents the participants
   and their respective contributions.

   ; Collaboration section for multi-author works
   ; Key 22 in evidence-packet
   collaboration-section = {
       1 => collaboration-mode,         ; mode
       2 => [+ collaborator],           ; participants
       ? 3 => [+ contribution-claim],   ; contributions
       ? 4 => merge-record,             ; merge-history
       ? 5 => collaboration-policy,     ; governance
   }

   collaboration-mode = &(
       sequential: 1,                   ; One active author at a time
       parallel: 2,                     ; Concurrent editing, merged
       delegated: 3,                    ; Primary author + contributors
       peer-review: 4,                  ; Author + reviewers/editors
   )

   ; Individual collaborator record
   collaborator = {
       1 => cose-key,                   ; collaborator-pubkey
       2 => collaborator-role,          ; role
       ? 3 => tstr,                     ; display-name
       ? 4 => tstr,                     ; identifier (ORCID, etc.)



Condrey                  Expires 10 August 2026                 [Page 3]

Internet-Draft              PoP Collaborative              February 2026


       5 => [+ time-interval],          ; active-periods
       ? 6 => [+ uint],                 ; checkpoint-ranges (indices)
       7 => cose-signature,             ; collaborator-attestation
       ? 8 => contribution-summary,     ; contribution-stats
   }

   collaborator-role = &(
       primary-author: 1,               ; Main/lead author
       co-author: 2,                    ; Equal contributor
       contributing-author: 3,          ; Section/chapter contributor
       editor: 4,                       ; Editorial contributions
       reviewer: 5,                     ; Review comments incorporated
       technical-contributor: 6,        ; Data, code, figures
       translator: 7,                   ; Translation work
   )

   ; Summary of a collaborator's contributions
   contribution-summary = {
       1 => uint,                       ; checkpoints-authored
       2 => uint,                       ; chars-added
       3 => uint,                       ; chars-deleted
       4 => duration,                   ; active-time
       ? 5 => float32,                  ; estimated-contribution-pct
   }

   ; Detailed contribution claims
   contribution-claim = {
       1 => contribution-type,          ; type
       2 => cose-key,                   ; contributor-key
       ? 3 => [+ uint],                 ; checkpoint-indices
       ? 4 => tstr,                     ; description
       ? 5 => float32,                  ; extent (0.0-1.0)
   }

   contribution-type = &(
       original-content: 1,             ; New text/content
       editing: 2,                      ; Revisions to existing content
       research: 3,                     ; Research contribution
       data-analysis: 4,                ; Data/analysis contribution
       figures-tables: 5,               ; Visual elements
       code: 6,                         ; Code contributions
       review-feedback: 7,              ; Review that influenced content
       structural: 8,                   ; Organization/structure
   )

   ; Record of merge operations
   merge-record = {
       1 => [+ merge-event],            ; merges



Condrey                  Expires 10 August 2026                 [Page 4]

Internet-Draft              PoP Collaborative              February 2026


   }

   merge-event = {
       1 => pop-timestamp,              ; merge-time
       2 => uint,                       ; resulting-checkpoint
       3 => [+ cose-key],               ; merged-contributors
       ? 4 => merge-strategy,           ; strategy
       ? 5 => tstr,                     ; merge-note
   }

   merge-strategy = &(
       sequential-append: 1,            ; Sections appended in order
       interleaved: 2,                  ; Content merged throughout
       conflict-resolved: 3,            ; Conflicts manually resolved
       automated: 4,                    ; Automated merge tool
   )

   ; Collaboration governance policy
   collaboration-policy = {
       ? 1 => uint,                     ; min-approvers-for-merge
       ? 2 => bool,                     ; requires-all-signatures
       ? 3 => tstr,                     ; policy-uri
   }

4.  Collaborator Attestation

   Each collaborator provides an independent attestation of their
   contribution.  This enables Verifiers to confirm that each
   participant acknowledged their role.

4.1.  Attestation Content

 collaborator-attestation = COSE_Sign1(
     payload = CBOR_encode({
         1: packet-id,                ; Evidence packet ID
         2: collaborator-pubkey,      ; Attesting collaborator's key
         3: role,                     ; Declared role
         4: active-periods,           ; When contributor was active
         5: checkpoint-ranges,        ; Which checkpoints they authored
         6: contribution-summary,     ; Self-reported contribution stats
         7: attestation-timestamp,    ; When attestation was made
     }),
     key = collaborator-private-key
 )

   The attestation binds the collaborator's identity to specific
   checkpoints and contribution claims, enabling per-contributor
   accountability.



Condrey                  Expires 10 August 2026                 [Page 5]

Internet-Draft              PoP Collaborative              February 2026


4.2.  Attestation Timing

   Collaborator attestations may be collected:

   *  *Incrementally:* Each collaborator signs after their contribution
      period ends.

   *  *At export:* All collaborators sign when the Evidence packet is
      finalized.

   *  *Post-hoc:* Collaborators sign after reviewing the complete
      Evidence (attestation-timestamp will be later than final
      checkpoint).

   The attestation-timestamp enables Verifiers to determine when each
   collaborator endorsed the Evidence.

5.  Verification of Collaborative Evidence

   Verifiers of collaborative Evidence MUST perform additional checks
   beyond single-author verification:

   1.  Verify that all collaborator-attestation signatures are valid.

   2.  Verify that checkpoint-ranges claimed by collaborators do not
       have unexplained gaps (all checkpoints should be attributed).

   3.  Verify that checkpoint-ranges do not overlap for modes that
       prohibit concurrent editing (sequential mode).

   4.  For merge events, verify that the merge-time falls within the
       active-periods of the merged contributors.

   5.  Verify that contribution-summary statistics are plausible given
       the checkpoint data (e.g., chars-added should not exceed total
       chars in attributed checkpoints).

   The Attestation Result SHOULD document:

   *  Number of collaborators and their roles

   *  Whether all collaborator attestations were verified

   *  Any gaps in checkpoint attribution

   *  Consistency of contribution claims





Condrey                  Expires 10 August 2026                 [Page 6]

Internet-Draft              PoP Collaborative              February 2026


6.  Privacy Considerations

   Collaborative Evidence inherently reveals information about multiple
   individuals.  Participants SHOULD consider:

   *  Collaborator public keys may be linkable across documents.
      Contributors may use per-document keypairs for privacy.

   *  Active-periods reveal when each contributor was working, which may
      be sensitive in some contexts.

   *  Contribution percentages may be contentious; participants SHOULD
      agree on methodology before Evidence generation.

   *  Reviewer/editor roles reveal the review process, which may be
      confidential for some publications.

7.  Collaborative Evidence Example

   Academic paper with three co-authors:

   collaboration-section = {
     1: 2,
     2: [
       {
         1: h'alice-cose-key...',
         2: 1,
         3: "Alice Smith",
         4: "orcid:0000-0001-2345-6789",
         5: [
           {1: 1(1704067200), 2: 1(1706745600)},
         ],
         6: (0, 45),
         7: h'alice-attestation...',
         8: {
           1: 46,
           2: 12500,
           3: 800,
           4: 14400.0,
           5: 0.45
         }
       },
       {
         1: h'bob-cose-key...',
         2: 2,
         3: "Bob Jones",
         5: ({1: 1(1705276800), 2: 1(1706140800)}),
         6: (46, 82),



Condrey                  Expires 10 August 2026                 [Page 7]

Internet-Draft              PoP Collaborative              February 2026


         7: h'bob-attestation...',
         8: {1: 37, 2: 8900, 3: 450, 4: 10800.0, 5: 0.32}
       },
       {
         1: h'carol-cose-key...',
         2: 3,
         3: "Carol Lee",
         5: ({1: 1(1706400000), 2: 1(1706745600)}),
         6: (83, 105),
         7: h'carol-attestation...',
         8: {1: 23, 2: 5200, 3: 200, 4: 7200.0, 5: 0.23}
       }
     ],
     3: [
       {1: 1, 2: h'alice-key...', 4: "Introduction, Methods"},
       {1: 4, 2: h'bob-key...', 4: "Results, Data Analysis"},
       {1: 5, 2: h'carol-key...', 4: "Figures and Tables"}
     ],
     4: {
       1: [
         {
           1: 1(1706659200),
           2: 100,
           3: (h'alice-key...', h'bob-key...', h'carol-key...'),
           4: 3,
           5: "Final integration of all sections"
         }
       ]
     }
   }

8.  Security Considerations

   Collaborative authorship introduces additional security
   considerations beyond single-author Evidence:

   *  *Key compromise scope:* Compromise of one collaborator's key
      affects only their claimed checkpoints, not the entire document
      Evidence.

   *  *Collusion attacks:* Multiple collaborators could collude to
      fabricate a document history.  Verifiers SHOULD consider the
      number of independent attestations.

   *  *Contribution disputes:* This format documents claims but cannot
      resolve disputes about who truly authored content.  External
      arbitration may be needed.




Condrey                  Expires 10 August 2026                 [Page 8]

Internet-Draft              PoP Collaborative              February 2026


   *  *Replay of attestations:* Attestations are bound to specific
      packet-ids to prevent reuse across documents.

   Collaborator attestations use COSE signatures as defined in
   [RFC9052].  Full security considerations for the Proof of Process
   format are specified in [I-D.condrey-rats-pop].

9.  IANA Considerations

   This document has no IANA actions.  The collaboration section uses
   key 22 as defined in the main architecture document.

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, May 2017,
              <https://www.rfc-editor.org/info/rfc8174>.

   [RFC9052]  Schaad, J., "CBOR Object Signing and Encryption (COSE):
              Structures and Process", STD 96, RFC 9052, August 2022,
              <https://www.rfc-editor.org/info/rfc9052>.

10.2.  Informative References

   [I-D.condrey-rats-pop]
              Condrey, D., "Proof of Process: An Evidence Framework for
              Digital Authorship Attestation", Work in Progress,
              Internet-Draft, draft-condrey-rats-pop-00,
              <https://datatracker.ietf.org/doc/html/draft-condrey-rats-
              pop-00>.

Author's Address

   David Condrey
   Writerslogic Inc
   United States
   Email: david@writerslogic.com








Condrey                  Expires 10 August 2026                 [Page 9]
