Address domain sovereignty concerns in Identity Resolver specification (!627) · Merge requests · United Nations / UNECE / UNCEFACT / spec-untp

Harley Thomas requested to merge domain-sovereignty into main Feb 09, 2026

This MR addresses concerns raised in issue #269 (closed) regarding domain sovereignty and assumptions about URL patterns, link types, and media types in the Identity Resolver specification.

Key Changes:

Added warning box after "Common Requirements" alerting readers early to domain sovereignty principles with link to detailed guidance
Added comprehensive "Domain Sovereignty and URI Interpretation" section before Requirements, covering:

IETF BCP 190 principles
Verification approach for clients
Best practices for resolver operators and clients

Updated "Resolution mechanism" to emphasize that URL structure conformance doesn't guarantee IDR service and recommend /.well-known/resolver verification
Added clarifying notes in IDR LinkSet Response section about link type/media type being hints, not guarantees
Added requirement IDR-14 formalizing domain sovereignty awareness obligations

Impact:

Clarifies that link types and media types are hints, not guarantees of content
Emphaises need to validate actual content after dereferencing
Highlights /.well-known/resolver as proper service declaration method (ISO/IEC 18975)
Provides concrete examples of why assumptions are dangerous
Maintains spec readability by placing detailed guidance after conceptual model

Closes #269 (closed)

Address domain sovereignty concerns in Identity Resolver specification

Merge request reports