Question
BCR-2026-006 defines signature context predicates (signingAs, signatureContext, delegatedBy, delegationChain) for expressing the capacity and context in which a signature is made.
BCR-2024-009 defines a pattern for attaching metadata to signatures using double-signing: the outer signature signs both the original content and the metadata on the inner Signature object.
Where should signature context predicates be applied?
Option 1: Assertions on the signer XID
{
Digest(document) [
'signed': Signature
]
} [
'signingAs': "CEO"
'onBehalfOf': XID(corporation)
]
- Simpler structure
- Metadata is separate from the signature itself
- Currently shown in BCR-2026-006 examples
Option 2: Metadata on the Signature object (per BCR-2024-009)
{
Digest(document) [
'signed': {
Signature [
'signingAs': "CEO"
'onBehalfOf': XID(corporation)
]
} [
'signed': Signature
]
]
}
- Cryptographically binds context to the specific signature
- Requires double-signing pattern
- Matches established BCR-2024-009 pattern
Option 3: Either pattern with guidance
Document when to use each approach based on use case requirements.
Context
This affects how BCR-2026-006 examples should be written and what guidance we give implementers.
/cc @wolfmcnally
Question
BCR-2026-006 defines signature context predicates (
signingAs,signatureContext,delegatedBy,delegationChain) for expressing the capacity and context in which a signature is made.BCR-2024-009 defines a pattern for attaching metadata to signatures using double-signing: the outer signature signs both the original content and the metadata on the inner Signature object.
Where should signature context predicates be applied?
Option 1: Assertions on the signer XID
Option 2: Metadata on the Signature object (per BCR-2024-009)
Option 3: Either pattern with guidance
Document when to use each approach based on use case requirements.
Context
This affects how BCR-2026-006 examples should be written and what guidance we give implementers.
/cc @wolfmcnally