Installable ADR and SPEC extension pack for digital-signature and container governance.

digital-signature-governance-pack

digital-signature-governance-pack is an SSOT Registry pack for digital-signature, advanced electronic signature, container, timestamping, validation, archival, and assurance-language governance.

It gives product, platform, and compliance teams a reusable ADR/SPEC starting point for repositories that need to govern PAdES, XAdES, CAdES, ASiC-S, ASiC-E, validation reports, timestamping, certificate and revocation handling, long-term archival evidence, and constrained eIDAS-facing claim language.

What Is An SSOT Registry Pack?

An SSOT Registry pack is an installable package of governed Architecture Decision Records (ADRs) and Specifications (SPECs) for ssot-registry. The pack supplies reusable decision and requirement documents that downstream repositories can synchronize into their local .ssot registry and link to features, tests, claims, evidence, and releases.

Why This Pack Exists

Digital-signature governance crosses technical standards, cryptographic evidence, validation semantics, archival policy, and assurance wording. Teams need one reviewed source for the decisions and requirements that shape signature-family support, timestamping, validation reports, certificate and revocation handling, long-term evidence, and regulated claim language.

This pack helps teams:

  • apply reviewed digital-signature governance requirements across projects
  • distinguish signature family, baseline level, container, validation, timestamping, and archival requirements
  • keep assurance and regulatory language tied to explicit evidence boundaries
  • give product, platform, compliance, and implementation teams stable ADR and SPEC IDs
  • connect downstream features, tests, claims, evidence, and releases to shared governance records

Domain Focus

The initial review surface is grounded in TrustSig's signature_and_container_standards_matrix.md and covers:

  • ETSI PAdES, XAdES, CAdES, and ASiC family standards
  • baseline levels B-B, B-T, B-LT, and B-LTA
  • PDF signature standards and ISO PDF extensions
  • W3C XML Signature and canonicalization surfaces
  • CMS, timestamping, PKIX, OCSP, ERS, XMLERS, and related RFCs
  • validation result and validation report modeling
  • cryptographic suite policy and algorithm allowlists
  • regulatory-language boundaries for eIDAS-related claims

Included ADRs

  • adr:0900 digital-signature standards targets are reviewed before governance inclusion

Included SPECs

  • spc:0900 digital-signature governance target review

Proposed ADR And SPEC Set

The first detailed proposal is documented in:

Digital Signature ADR/SPEC Proposal

The source standards matrix copied from TrustSig is available at:

Signature and Container Standards Matrix

Install With uv

Install the pack into a project environment:

uv add digital-signature-governance-pack

Install it alongside the SSOT Registry CLI:

uv add ssot-registry digital-signature-governance-pack

Run without adding dependencies to a project:

uvx --from ssot-registry --with digital-signature-governance-pack ssot --help

Install With The SSOT Registry Pack CLI

Pack-enabled SSOT Registry environments can install and synchronize packs through the pack command surface:

uvx --from ssot-registry ssot pack install digital-signature-governance-pack
uvx --from ssot-registry ssot pack sync . digital-signature-governance-pack

Use With The SSOT Registry CLI

After the pack is installed in the same environment as ssot-registry, synchronize ADRs and SPECs into a target repository:

uv run ssot adr sync .
uv run ssot spec sync .

Review the synchronized governance surface:

uv run ssot adr list .
uv run ssot spec list .
uv run ssot spec get . --id spc:0900

Use the IDs from this pack when linking project features, tests, claims, and release evidence in your local .ssot registry.

Programmatic Usage

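from digital_signature_governance_pack import load_document_manifest, read_packaged_document_text

# Load the manifests of the ADR and SPEC documents shipped in the pack.
adr_manifest = load_document_manifest("adr")
spec_manifest = load_document_manifest("spec")

# Print the ID of the first entry in each manifest.
print(adr_manifest[0]["id"])
print(spec_manifest[0]["id"])

# Read a packaged SPEC document as text and show its first 120 characters.
text = read_packaged_document_text("spec", "SPEC-0900-digital-signature-governance-target-review.yaml")
print(text[:120])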

Download files

Source Distribution

digital_signature_governance_pack-0.1.3.tar.gz (14.2 kB)

Uploaded Source

Built Distribution

File details

Details for the file digital_signature_governance_pack-0.1.3.tar.gz.

File hashes

Hashes for digital_signature_governance_pack-0.1.3.tar.gz
Algorithm Hash digest
SHA256 0638546aefc51dfcbb5bbf3d3e7846c49e51992af15e70896824a4be0348fde4
MD5 ba04d9bbd58e142b1be274bd774559b3
BLAKE2b-256 a813e2fb58c107f8c3540d4b8c9558800816abb9d9161d0a674d1ff9a5578dae

Provenance

The following attestation bundles were made for digital_signature_governance_pack-0.1.3.tar.gz:

Publisher: publish.yml on groupsum/digital-signature-governance-pack

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file digital_signature_governance_pack-0.1.3-py3-none-any.whl.

File hashes

Hashes for digital_signature_governance_pack-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 f3508bf52afae29202f5211f3ca0b7535fb6febc9111ebaf7f39fd21c34f3d8e
MD5 c1f6bf1051d66d01bb831828946a1fa3
BLAKE2b-256 7e2386d41fa632a98ea9bbbc1f333e1d3c13ee621b09bb36db6eb692a43b784b

Provenance

The following attestation bundles were made for digital_signature_governance_pack-0.1.3-py3-none-any.whl:

Publisher: publish.yml on groupsum/digital-signature-governance-pack

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
