From 3c7c68b7d9ef4b97ea4bc5db51bac6caa844e8fb Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Mon, 29 Dec 2025 14:14:56 -0700 Subject: [PATCH 1/8] start to add reciever info --- openid-caep-interoperability-profile-1_0.md | 78 ++++++++++++++++----- 1 file changed, 61 insertions(+), 17 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 4b19aec..5bd5c7b 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -154,7 +154,8 @@ transmitter APIs, as per [RFC6125]{{RFC6125}}. ## CAEP specification version -This specification supports CAEP {{CAEP}} events from OpenID Continuous Access Evaluation Profile 1.0. +This specification supports CAEP {{CAEP}} events from OpenID Continuous Access +Evaluation Profile 1.0. ## Transmitters {#common-transmitters} @@ -170,7 +171,7 @@ value MUST be `1_0` or greater The Transmitter Configuration Metadata MUST include the `delivery_methods_supported` field. -### JWKS URI {#jwks-uri} +### JWKS URI {#transmitter-jwks-uri} The Transmitter Configuration Metadata MUST include the `jwks_uri` field, and its value MUST provide the current signing key of the Transmitter. @@ -213,11 +214,11 @@ field and its value MUST include the value } ~~~ -### Streams {#common-stream-configuration} +### Streams {#transmitter-common-stream-configuration} -In all streams created by the Transmitter, the following MUST be true: +For all streams requests received by the Trasmitter, the following MUST be true: -#### Delivery {#common-delivery} +#### Delivery {#transmitter-common-delivery} A Transmitter MUST be able to accept a Create Stream request that includes either of the following delivery methods: @@ -239,33 +240,76 @@ authorization with the Transmitter. The Transmitter MAY support multiple streams with the same Receiver **Reading Stream Configuration** -: A Receiver MUST be able to obtain current Stream configuration from the -Transmitter by providing a valid authorization +: A Transmitter MUST be able to provide current Stream configuration to the +Receiver when requested with valid authorization **Getting the Stream Status** -: A Receiver MUST be able to obtain the current Stream status from the -Transmitter by providing a valid authorization +: A Transmitter MUST be able to provide the current Stream status to the +Receiver when requested with valid authorization **Stream Verification** -: A Receiver MUST be able to verify the liveness of the Stream by requesting -that the Transmitter send it a Stream Verification event by providing a valid -authorization +: A Transmitter MUST be able to support a Stream Verification event from a +Receiver when requested with valid authorization. -## Receivers {#common-receivers} +## Receivers Receivers MUST implement the following features: ### Delivery Methods {#common-receiver-delivery} -Receivers MUST be able to accept events using the Push-Based Security Event -Token (SET) Delivery Using HTTP {{RFC8935}} specification and the Poll-Based -Security Event Token (SET) Delivery Using HTTP {{RFC8936}} specification. +Receivers MUST be able to accept events using: + +* Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} +* Poll-Based Security Event Token (SET) Delivery Using HTTP {{RFC8936}} + +### JWKS URI {#receiver-jwks-uri} + +The Receiver MUST obtain the signature key through the "jwks_uri" from the +Transmitters Configuration Metadata as defined in Section 7.1 of {{SSF}} + +### Authorization Schemes {#receivers-authorization-schemes} + +The Receiver MUST use OAuth 2.0 {{RFC6749}} as the authorization when making +requests to the Transmitter's stream configuration APIs. ### Implicitly Added Subjects {#common-receiver-subjects} -Receivers MUST assume that all subjects are implicitly included in a Stream, +The Receiver MUST assume that all subjects are implicitly included in a Stream, without any `AddSubject` method invocations. +### Streams {#receiver-common-stream-configuration} + +In all streams created by the Receiver, the following MUST be true: + +#### Delivery {#common-delivery} + +A Receiver MUST send a Create Stream request that includes +either of the following delivery methods: + +* urn:ietf:rfc:8935 (Push) +* urn:ietf:rfc:8936 (Poll) + +#### Stream Control {#receivers-stream-control} + +The following Stream Configuration API Methods MUST be supported: + +**Creating a Stream** +: Receivers MUST be able to create a Stream with the Transmitter using valid +authorization. + +**Reading Stream Configuration** +: A Receiver MUST be able to obtain current Stream configuration from the +Transmitter using valid authorization + +**Getting the Stream Status** +: A Receiver MUST be able to obtain the current Stream status from the +Transmitter using valid authorization + +**Stream Verification** +: A Receiver MUST be able to verify the liveness of the Stream by requesting +that the Transmitter send a Stream Verification event using valid +authorization + ## Event Subjects {#common-event-subjects} The following subject identifier formats from "Subject Identifiers for Security From 7a3c6d3ef45fe1346fcdbf9956e45e61268653f2 Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Mon, 29 Dec 2025 14:17:06 -0700 Subject: [PATCH 2/8] typo --- openid-caep-interoperability-profile-1_0.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 5bd5c7b..0312da9 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -216,7 +216,7 @@ field and its value MUST include the value ### Streams {#transmitter-common-stream-configuration} -For all streams requests received by the Trasmitter, the following MUST be true: +For all streams requests received by the Transmitter, the following MUST be true: #### Delivery {#transmitter-common-delivery} @@ -240,7 +240,7 @@ authorization with the Transmitter. The Transmitter MAY support multiple streams with the same Receiver **Reading Stream Configuration** -: A Transmitter MUST be able to provide current Stream configuration to the +: A Transmitter MUST be able to provide current Stream configuration to the Receiver when requested with valid authorization **Getting the Stream Status** From c1c177d24d53de9b210d1fd7e1954a1ff158ad43 Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Mon, 5 Jan 2026 09:20:48 -0700 Subject: [PATCH 3/8] add delete requirements --- openid-caep-interoperability-profile-1_0.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 0312da9..700cd55 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -251,7 +251,12 @@ Receiver when requested with valid authorization : A Transmitter MUST be able to support a Stream Verification event from a Receiver when requested with valid authorization. -## Receivers +**Deleting a Stream** +: A Transmitter MUST support a Stream deletion request from a Receiver +to its Configuration Endpoint, as defined in {{SSF}} Section 8.1.1.5, when +requested with valid authorization. + +## Receivers {#common-receivers} Receivers MUST implement the following features: @@ -310,6 +315,11 @@ Transmitter using valid authorization that the Transmitter send a Stream Verification event using valid authorization +**Deleting a Stream** +: Receivers MUST be able to delete a Stream by making a delete request to the +Transmitter's Configuration Endpoint, as defined in {{SSF}} Section 8.1.1.5, +using valid authorization. + ## Event Subjects {#common-event-subjects} The following subject identifier formats from "Subject Identifiers for Security From 43fdfe7bef8025e00c441ad4dea69d4428921198 Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Tue, 27 Jan 2026 12:27:32 -0700 Subject: [PATCH 4/8] rewording with review comments --- openid-caep-interoperability-profile-1_0.md | 174 ++++++++++++-------- 1 file changed, 105 insertions(+), 69 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 700cd55..4d3cbf4 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -159,12 +159,12 @@ Evaluation Profile 1.0. ## Transmitters {#common-transmitters} -Transmitters MUST implement the following features: +Transmitters MUST implement the following features. ### Spec Version {#spec-version} -The Transmitter Configuration Metadata MUST have a `spec_version` field, and its -value MUST be `1_0` or greater +The Transmitter Configuration Metadata MUST include a `spec_version` field, and +its value MUST be `1_0` or greater. ### Delivery Method {#delivery-method} @@ -174,108 +174,130 @@ The Transmitter Configuration Metadata MUST include the ### JWKS URI {#transmitter-jwks-uri} The Transmitter Configuration Metadata MUST include the `jwks_uri` field, and -its value MUST provide the current signing key of the Transmitter. +upon resolution, its value MUST provide the current signing key(s) of the +Transmitter. ### Configuration Endpoint {#configuration-endpoint} The Transmitter Configuration Metadata MUST include the `configuration_endpoint` -field. The specified endpoint MUST support the `POST` method in order to be able -to create a stream. +field as defined in {{SSF}} Section 7.1. + +The endpoint identified by configuration_endpoint is used to perform Stream +Configuration operations as defined in {{SSF}} Section 8.1.1. ### Status Endpoint {#status-endpoint} The Transmitter Configuration Metadata MUST include the `status_endpoint` field. -The specified endpoint MUST support the `GET` and `POST` methods in order to get -and update the stream status respectively. The Transmitter MUST support the -following values in an Update Stream Status request: + +The endpoint identified by status_endpoint MUST support Read Stream Status (HTTP +GET) and Update Stream Status (HTTP POST) operations as defined in {{SSF}} +Sections 8.1.2.1 and 8.1.2.2 respectively. + +The Transmitter MUST support the following values in an Update Stream Status +request: * `enabled` * `paused` * `disabled` -For streams that are `paused`, the Transmitter MUST specify (offline) the -resource constraints on how many events it can keep, or for how long. The way a -Transmitter specifies this information is outside the scope of the SSF spec. +For streams that are `paused`, the Transmitter MUST specify (out-of-band) any +resource constraints on how many events it can retain or for how long. The +mechanism for conveying this information is outside the scope of this profile. ### Verification Endpoint {#verification-endpoint} The Transmitter Configuration Metadata MUST include the `verification_endpoint` -field. The specified endpoint MUST provide a way to request verification events -to be sent. +field. + +The endpoint identified by `verification_endpoint` MUST support Stream +Verification as defined in {{SSF}} Section 8.1.4. ### Authorization Schemes The Transmitter Configuration Metadata MUST include the `authorization_schemes` -field and its value MUST include the value +field and its value MUST include the value: -~~~json +```json { - "spec_urn": "urn:ietf:rfc:6749" + "spec_urn": "urn:ietf:rfc:6749" } -~~~ +``` ### Streams {#transmitter-common-stream-configuration} -For all streams requests received by the Transmitter, the following MUST be true: +This profile defines additional interoperability requirements for specific SSF +Stream Management API operations. Transmitters MUST support all mandatory +behaviors defined by {{SSF}}, in addition to the requirements specified in this +section. + +For all Stream Management API requests received by the Transmitter, the +following MUST be true. #### Delivery {#transmitter-common-delivery} -A Transmitter MUST be able to accept a Create Stream request that includes -either of the following delivery methods: +The Transmitter MUST support Create Stream requests whose `delivery.method` is +set to one of the following values: + +* `urn:ietf:rfc:8935` (Push) +* `urn:ietf:rfc:8936` (Poll) -* urn:ietf:rfc:8935 (Push) -* urn:ietf:rfc:8936 (Poll) +When a Receiver makes a Create Stream request as defined in {{SSF}} Section +8.1.1.1 with valid authorization, the Transmitter MUST process the request as +specified in {{SSF}}. -The `delivery` field MUST be present in the Configuration of any Stream -generated by the Transmitter, and its value MUST include one of the two delivery -methods listed above. +Upon successful creation of a Stream, the Transmitter MUST include a `delivery` +field in the resulting Stream Configuration, and its `method` value MUST be one +of the delivery methods listed above. #### Stream Control -The following Stream Configuration API Methods MUST be supported: +*Create Stream** +: The Transmitter MUST support the Create Stream operation as defined in +{{SSF}} Section 8.1.1.1 when invoked by a Receiver with valid authorization. -**Creating a Stream** -: Receivers MUST be able to create a Stream with the Transmitter using valid -authorization with the Transmitter. The Transmitter MAY support multiple streams -with the same Receiver +**Read Stream Configuration** +: The Transmitter MUST support the Read Stream Configuration operation as +defined in {{SSF}} Section 8.1.1.2 when invoked by a Receiver with valid +authorization. -**Reading Stream Configuration** -: A Transmitter MUST be able to provide current Stream configuration to the -Receiver when requested with valid authorization +**Get Stream Status** +: The Transmitter MUST support the Read Stream Status operation as defined in +{{SSF}} Section 8.1.2.1 when invoked by a Receiver with valid authorization. -**Getting the Stream Status** -: A Transmitter MUST be able to provide the current Stream status to the -Receiver when requested with valid authorization +**Update Stream Status** +: The Transmitter MUST support the Update Stream Status operation as defined in +{{SSF}} Section 8.1.2.2 when invoked by a Receiver with valid authorization. **Stream Verification** -: A Transmitter MUST be able to support a Stream Verification event from a -Receiver when requested with valid authorization. +: The Transmitter MUST support Stream Verification as defined in +{{SSF}} Section 8.1.4.2 and MUST generate a Verification Event as defined in +{{SSF}} Section 8.1.4.1 when requested by a Receiver with valid authorization. **Deleting a Stream** -: A Transmitter MUST support a Stream deletion request from a Receiver -to its Configuration Endpoint, as defined in {{SSF}} Section 8.1.1.5, when -requested with valid authorization. +: The Transmitter MUST support the Delete Stream operation as defined in +{{SSF}} Section 8.1.1.5 when invoked by a Receiver with valid authorization. ## Receivers {#common-receivers} -Receivers MUST implement the following features: +Receivers MUST implement the following features. ### Delivery Methods {#common-receiver-delivery} -Receivers MUST be able to accept events using: +Receivers MUST be able to accept events using at least one of the following +delivery mechanisms: * Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} * Poll-Based Security Event Token (SET) Delivery Using HTTP {{RFC8936}} ### JWKS URI {#receiver-jwks-uri} -The Receiver MUST obtain the signature key through the "jwks_uri" from the -Transmitters Configuration Metadata as defined in Section 7.1 of {{SSF}} +The Receiver MUST obtain the Transmitter’s signing key(s) using the `jwks_uri` +from the Transmitter Configuration Metadata, as defined in {{SSF}} Section 7.1. ### Authorization Schemes {#receivers-authorization-schemes} -The Receiver MUST use OAuth 2.0 {{RFC6749}} as the authorization when making -requests to the Transmitter's stream configuration APIs. +The Receiver MUST use OAuth 2.0 {{RFC6749}} when making Stream Management API +requests to the Transmitter. ### Implicitly Added Subjects {#common-receiver-subjects} @@ -284,41 +306,55 @@ without any `AddSubject` method invocations. ### Streams {#receiver-common-stream-configuration} -In all streams created by the Receiver, the following MUST be true: +This profile defines additional interoperability requirements for specific SSF +Stream Management API operations. Receivers MUST support all mandatory +behaviors defined by {{SSF}}, in addition to the requirements specified in this +section. + +For Stream Management API requests initiated by the Receiver, and for Streams +created by the Receiver, the following MUST be true. #### Delivery {#common-delivery} -A Receiver MUST send a Create Stream request that includes -either of the following delivery methods: +When creating a Stream using the Create Stream operation defined in {{SSF}} +Section 8.1.1.1, the Receiver MUST include a `delivery` object whose `method` +value is one of the following or omit the value. + +* `urn:ietf:rfc:8935` (Push) +* `urn:ietf:rfc:8936` (Poll) -* urn:ietf:rfc:8935 (Push) -* urn:ietf:rfc:8936 (Poll) +If the Create Stream request does not include the `delivery` property, it is +assumed to be delivery method of `urn:ietf:rfc:8936` (Poll), as +defined in {{SSF}}. #### Stream Control {#receivers-stream-control} -The following Stream Configuration API Methods MUST be supported: +The following Stream Management operations MUST be supported by the Receiver. -**Creating a Stream** -: Receivers MUST be able to create a Stream with the Transmitter using valid -authorization. +**Create Stream** +: The Receiver MUST be able to invoke the Create Stream operation as defined in +{{SSF}} Section 8.1.1.1 using valid authorization. + +**Read Stream Configuration** +: The Receiver MUST be able to invoke the Read Stream Configuration operation as +defined in {{SSF}} Section 8.1.1.2 using valid authorization. -**Reading Stream Configuration** -: A Receiver MUST be able to obtain current Stream configuration from the -Transmitter using valid authorization +**Get Stream Status** +: The Receiver MUST be able to invoke the Read Stream Status operation as +defined in {{SSF}} Section 8.1.2.1 using valid authorization. -**Getting the Stream Status** -: A Receiver MUST be able to obtain the current Stream status from the -Transmitter using valid authorization +**Update Stream Status** +: The Receiver MUST be able to invoke the Update Stream Status operation as +defined in {{SSF}} Section 8.1.2.2 using valid authorization. **Stream Verification** -: A Receiver MUST be able to verify the liveness of the Stream by requesting -that the Transmitter send a Stream Verification event using valid -authorization +: The Receiver MUST be able to initiate Stream Verification as defined in +{{SSF}} Section 8.1.4.2 using valid authorization, and MUST be able to process +the resulting Verification Event as defined in {{SSF}} Section 8.1.4.1. **Deleting a Stream** -: Receivers MUST be able to delete a Stream by making a delete request to the -Transmitter's Configuration Endpoint, as defined in {{SSF}} Section 8.1.1.5, -using valid authorization. +: The Receiver MUST be able to invoke the Delete Stream operation as defined in +{{SSF}} Section 8.1.1.5 using valid authorization. ## Event Subjects {#common-event-subjects} From 184b3c0fa0a3a04cace1e464c4c52bef48e55918 Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Tue, 27 Jan 2026 12:34:48 -0700 Subject: [PATCH 5/8] fix typos --- openid-caep-interoperability-profile-1_0.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 4d3cbf4..5b4b8bf 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -182,7 +182,7 @@ Transmitter. The Transmitter Configuration Metadata MUST include the `configuration_endpoint` field as defined in {{SSF}} Section 7.1. -The endpoint identified by configuration_endpoint is used to perform Stream +The endpoint identified by `configuration_endpoint` is used to perform Stream Configuration operations as defined in {{SSF}} Section 8.1.1. ### Status Endpoint {#status-endpoint} @@ -251,7 +251,7 @@ of the delivery methods listed above. #### Stream Control -*Create Stream** +**Create Stream** : The Transmitter MUST support the Create Stream operation as defined in {{SSF}} Section 8.1.1.1 when invoked by a Receiver with valid authorization. @@ -283,8 +283,8 @@ Receivers MUST implement the following features. ### Delivery Methods {#common-receiver-delivery} -Receivers MUST be able to accept events using at least one of the following -delivery mechanisms: +Receivers MUST be able to accept events using any one of the two delivery +mechanisms: * Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} * Poll-Based Security Event Token (SET) Delivery Using HTTP {{RFC8936}} @@ -318,7 +318,7 @@ created by the Receiver, the following MUST be true. When creating a Stream using the Create Stream operation defined in {{SSF}} Section 8.1.1.1, the Receiver MUST include a `delivery` object whose `method` -value is one of the following or omit the value. +value is one of the following, or omit the `delivery` object. * `urn:ietf:rfc:8935` (Push) * `urn:ietf:rfc:8936` (Poll) From fef52c0f047bcf9fb8cb6455474cf917bf9f6af5 Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Wed, 4 Feb 2026 09:04:05 -0700 Subject: [PATCH 6/8] remove update --- openid-caep-interoperability-profile-1_0.md | 24 ++------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 5b4b8bf..0733d03 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -189,20 +189,8 @@ Configuration operations as defined in {{SSF}} Section 8.1.1. The Transmitter Configuration Metadata MUST include the `status_endpoint` field. -The endpoint identified by status_endpoint MUST support Read Stream Status (HTTP -GET) and Update Stream Status (HTTP POST) operations as defined in {{SSF}} -Sections 8.1.2.1 and 8.1.2.2 respectively. - -The Transmitter MUST support the following values in an Update Stream Status -request: - -* `enabled` -* `paused` -* `disabled` - -For streams that are `paused`, the Transmitter MUST specify (out-of-band) any -resource constraints on how many events it can retain or for how long. The -mechanism for conveying this information is outside the scope of this profile. +The endpoint identified by status_endpoint MUST support the Read Stream Status +(HTTP GET) operation as defined in {{SSF}} Sections 8.1.2.1. ### Verification Endpoint {#verification-endpoint} @@ -264,10 +252,6 @@ authorization. : The Transmitter MUST support the Read Stream Status operation as defined in {{SSF}} Section 8.1.2.1 when invoked by a Receiver with valid authorization. -**Update Stream Status** -: The Transmitter MUST support the Update Stream Status operation as defined in -{{SSF}} Section 8.1.2.2 when invoked by a Receiver with valid authorization. - **Stream Verification** : The Transmitter MUST support Stream Verification as defined in {{SSF}} Section 8.1.4.2 and MUST generate a Verification Event as defined in @@ -343,10 +327,6 @@ defined in {{SSF}} Section 8.1.1.2 using valid authorization. : The Receiver MUST be able to invoke the Read Stream Status operation as defined in {{SSF}} Section 8.1.2.1 using valid authorization. -**Update Stream Status** -: The Receiver MUST be able to invoke the Update Stream Status operation as -defined in {{SSF}} Section 8.1.2.2 using valid authorization. - **Stream Verification** : The Receiver MUST be able to initiate Stream Verification as defined in {{SSF}} Section 8.1.4.2 using valid authorization, and MUST be able to process From 26f34f8f7c28e9b3b44e07958abe6eb02e58409a Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Mon, 9 Feb 2026 14:18:25 -0700 Subject: [PATCH 7/8] review comments --- openid-caep-interoperability-profile-1_0.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 0733d03..1def3a2 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -182,8 +182,8 @@ Transmitter. The Transmitter Configuration Metadata MUST include the `configuration_endpoint` field as defined in {{SSF}} Section 7.1. -The endpoint identified by `configuration_endpoint` is used to perform Stream -Configuration operations as defined in {{SSF}} Section 8.1.1. +The endpoint identified by `configuration_endpoint` is used to perform the +Create Stream operation as defined in {{SSF}} Section 8.1.1. ### Status Endpoint {#status-endpoint} @@ -268,7 +268,7 @@ Receivers MUST implement the following features. ### Delivery Methods {#common-receiver-delivery} Receivers MUST be able to accept events using any one of the two delivery -mechanisms: +methods: * Push-Based Security Event Token (SET) Delivery Using HTTP {{RFC8935}} * Poll-Based Security Event Token (SET) Delivery Using HTTP {{RFC8936}} From 38da9f553d1ea5c9f2e37ab7e908a78cc6438cef Mon Sep 17 00:00:00 2001 From: Jen Schreiber Date: Thu, 12 Feb 2026 17:01:54 -0700 Subject: [PATCH 8/8] fix wording --- openid-caep-interoperability-profile-1_0.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/openid-caep-interoperability-profile-1_0.md b/openid-caep-interoperability-profile-1_0.md index 1def3a2..c8aadbb 100644 --- a/openid-caep-interoperability-profile-1_0.md +++ b/openid-caep-interoperability-profile-1_0.md @@ -213,10 +213,9 @@ field and its value MUST include the value: ### Streams {#transmitter-common-stream-configuration} -This profile defines additional interoperability requirements for specific SSF -Stream Management API operations. Transmitters MUST support all mandatory -behaviors defined by {{SSF}}, in addition to the requirements specified in this -section. +Transmitters MUST support all required properties and API contracts defined by +{{SSF}} Stream Management API operations, in addition to the requirements +specified in this section. For all Stream Management API requests received by the Transmitter, the following MUST be true. @@ -290,10 +289,9 @@ without any `AddSubject` method invocations. ### Streams {#receiver-common-stream-configuration} -This profile defines additional interoperability requirements for specific SSF -Stream Management API operations. Receivers MUST support all mandatory -behaviors defined by {{SSF}}, in addition to the requirements specified in this -section. +Receivers MUST support all required properties and API contracts defined by +{{SSF}} Stream Management API operations, in addition to the requirements +specified in this section. For Stream Management API requests initiated by the Receiver, and for Streams created by the Receiver, the following MUST be true.