Skip to content

cynsta/aap-spec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
conformance
conformance
 
 
docs
docs
 
 
schemas
schemas
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 

Repository files navigation

AAP Core Specification (aap-spec)

Normative specification repository for the AAP Core tamper-evident evidence package standard.

aap-spec is implementation-neutral. It defines the wire format, integrity model, and conformance artifacts required for interoperable package creation and verification.

Reference implementation code lives in ../aap-python and is explicitly non-normative.

What This Repository Contains

  • Normative standard text (docs/STANDARD.md)
  • Versioned JSON Schemas (schemas/)
  • Conformance vectors for validation tooling (conformance/)

Scope

In scope:

  • Package structure and required artifacts
  • Manifest schema and semantic requirements
  • Integrity and linkage requirements (hashes, chains, Merkle roots, timestamp evidence)
  • Profile extension model and compatibility expectations

Out of scope:

  • Any single required language runtime, SDK, or CLI
  • Product-specific profile semantics beyond core extension rules
  • Policy decisions outside of core format verification

Repository Layout

  • docs/STANDARD.md: normative AAP Core v1.0 specification
  • schemas/manifest-1.0.schema.json: normative manifest schema
  • schemas/profile-*.schema.json: profile schema extensions
  • conformance/manifest/cases.json: canonical conformance case index
  • conformance/manifest/valid/*.json: positive vectors
  • conformance/manifest/invalid/*.json: negative vectors

Versioning and Compatibility

  • Spec and schema versions are aligned within a major line (1.x).
  • Backward-incompatible changes require a new major version.
  • Backward-compatible clarifications and additive constraints are published as minor/patch updates.

Conformance Expectations

An implementation is considered AAP Core compatible for a given version when it:

  1. Produces manifests that validate against the matching JSON Schema.
  2. Satisfies all normative requirements in docs/STANDARD.md.
  3. Passes applicable vectors under conformance/.

Related Repositories

  • ../aap-python: Python reference implementation and CLI

Governance

  • Spec status: Draft, normative for v1.0 artifacts in this repository
  • Stewardship: Cynsta (https://cynsta.com)
  • Contribution process: CONTRIBUTING.md
  • Security reporting: SECURITY.md
  • Release notes: CHANGELOG.md

License

This project is licensed under the MIT License. See LICENSE for the full text.

About

Normative AAP Core specification, schemas, and conformance vectors

Topics

json-schema specification standard digital-forensics aap audit-trail conformance tamper-evident

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors