ietf-draft-analyzer/workspace/draft-team/cycles/dynamic-trust-and-reputation/55-review-synthesis-v1.md

Review Synthesis

Blocking findings

• Add an explicit conformance rule that portable trust assertions require authenticated origin and integrity protection; unauthenticated portable assertions must not be treated as conformant input.
• Tighten stale-data handling so clearly expired assertions are rejected rather than merely "downgraded" at implementer discretion.
• Define a firmer minimum portable data shape for trust assertions, including explicit model identification.

Major findings

• Clarify whether trust-event interoperability is core to the document or whether trust events are primarily feeder objects for portable assertions.
• Strengthen the handling of negative assertions by requiring either evidence reference or explanation code when such assertions are exchanged portably.
• Clarify revocation versus supersession.
• Add one compact example of conflicting assertions from different issuers to make receiver processing easier to implement.

Minor findings

• Tighten abstract wording around scoped issuer opinion.
• Make a few terminology definitions more RFC-like.
• Reduce provisional tone in IANA and dependency text.

Conflicts resolved

• No major reviewer conflict exists. All reviewers support the narrow scope.
• The only tension is between remaining model-agnostic and becoming implementable. Resolution: keep algorithm choice open, but define a stronger minimum portable assertion envelope and clearer stale-data behavior.