| Internet-Draft | SPICE Traceability CWT Claims | November 2024 |
| Prorock | Expires 9 May 2025 | [Page] |
This document proposes additional claims for CBOR Web Tokens (CWT) to support traceability of physical goods across supply chains, focusing on items such as bills of lading, transport modes, and container manifests. These claims aim to standardize the encoding of essential logistics and transport metadata, facilitating enhanced transparency and accountability in global supply chains.¶
This note is to be removed before publishing as an RFC.¶
The latest revision of this draft can be found at https://mprorock.github.io/draft-prorock-spice-cwt-traceability-claims/draft-prorock-spice-cwt-traceability-claims.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-prorock-spice-cwt-traceability-claims/.¶
Discussion of this document takes place on the Secure Patterns for Internet CrEdentials mailing list (mailto:spice@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/spice/. Subscribe at https://www.ietf.org/mailman/listinfo/spice/.¶
Source for this draft and an issue tracker can be found at https://github.com/mprorock/draft-prorock-spice-cwt-traceability-claims.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 9 May 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
This document defines a set of claims for CBOR Web Tokens (CWT) intended to enable the traceability of physical goods across various stages of transportation and storage. These claims capture critical information necessary for documenting the movement of goods in supply chains, thereby supporting regulatory compliance and operational efficiency.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
These claims are designed to enhance transparency in supply chain tracking but should be handled securely to prevent unauthorized access to sensitive data. Confidentiality and integrity of these claims must be considered, particularly when shared across untrusted or unsecured networks. Use of selective disclosure techniques and careful consideration of data minimization requirements SHOULD be considered when using these claims.¶
IANA is requested to add the following entries to the CWT claims registry (https://www.iana.org/assignments/cwt/cwt.xhtml).¶
The following completed registration template per RFC8392 is provided:¶
Name: product_id Label: TBD Value Type: text string Value Registry: (empty) Description: A unique identifier for the physical product(s) or shipment being tracked. May correspond to SKU, product ID, or batch number. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: shipment_id Label: TBD Value Type: text string Value Registry: (empty) Description: Unique identifier assigned to a specific shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: bill_of_lading_number Label: TBD Value Type: text string Value Registry: (empty) Description: Identifier for the bill of lading associated with the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: transport_mode Label: TBD Value Type: text string (recommended values: “air,” “sea,” “rail,” “truck”) Value Registry: (empty) Description: Mode of transport used for the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: container_id Label: TBD Value Type: text string Value Registry: (empty) Description: Unique identifier for the container used in the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: origin_location Label: TBD Value Type: text string Value Registry: (empty) Description: Geographical origin of the goods, represented as a location code (e.g., ISO country code) or specific address. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: destination_location Label: TBD Value Type: text string Value Registry: (empty) Description: Final destination of the goods in the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: carrier_id Label: TBD Value Type: text string Value Registry: (empty) Description: Identifier for the carrier or logistics provider responsible for the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: estimated_delivery_date Label: TBD Value Type: text string (ISO8601 format) Value Registry: (empty) Description: Expected delivery date for the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: customs_declaration_number Label: TBD Value Type: text string Value Registry: (empty) Description: Identifier for the customs declaration associated with the shipment. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: commodity_description Label: TBD Value Type: text string Value Registry: (empty) Description: Description of the commodity or goods being transported. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: hs_code Label: TBD Value Type: text string Value Registry: (empty) Description: Harmonized System (HS) code for the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: gross_weight Label: TBD Value Type: integer Value Registry: (empty) Description: Gross weight of the shipment, in kilograms. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: temperature_requirement_min Label: TBD Value Type: float Value Registry: (empty) Description: Minimum temperature (in Celsius) required for transport or storage of the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: temperature_requirement_max Label: TBD Value Type: float Value Registry: (empty) Description: Maximum temperature (in Celsius) required for transport or storage of the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: last_known_location Label: TBD Value Type: text string Value Registry: (empty) Description: Most recent location update for the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: tariff_code Label: TBD Value Type: text string Value Registry: (empty) Description: Tariff code applicable to the goods, including national tariff classifications or specific duty codes. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: country_of_origin Label: TBD Value Type: text string (ISO 3166-1 alpha-2 country code) Value Registry: (empty) Description: The country where the goods were produced or manufactured. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: customs_value Label: TBD Value Type: float Value Registry: (empty) Description: Declared value of the goods for customs purposes, typically in the transaction currency. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: currency_code Label: TBD Value Type: text string (ISO 4217 currency code) Value Registry: (empty) Description: Currency code for the customs value and other monetary amounts, as per ISO 4217. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: license_number Label: TBD Value Type: text string Value Registry: (empty) Description: License or permit number required for the import or export of the goods. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: sanctions_reference Label: TBD Value Type: text string Value Registry: (empty) Description: Reference to applicable sanctions lists or regulations affecting the goods or involved parties. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: legal_jurisdiction Label: TBD Value Type: text string Value Registry: (empty) Description: Legal jurisdiction(s) governing the transaction, represented as country codes or specific legal identifiers. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: importer_code Label: TBD Value Type: text string Value Registry: (empty) Description: Code identifying the importer, such as a VAT number or EORI number. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: exporter_code Label: TBD Value Type: text string Value Registry: (empty) Description: Code identifying the exporter, such as a VAT number or EORI number. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: incoterms Label: TBD Value Type: text string Value Registry: (empty) Description: International commercial terms defining responsibilities between buyer and seller, e.g., "FOB," "CIF." Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: regulatory_compliance_codes Label: TBD Value Type: array of text strings Value Registry: (empty) Description: Codes indicating compliance with specific regulations or standards (e.g., safety certifications, environmental standards). Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: additional_documents_required Label: TBD Value Type: array of text strings Value Registry: (empty) Description: List of additional documents required for customs clearance, such as certificates of origin or inspection reports. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: freight_charges Label: TBD Value Type: float Value Registry: (empty) Description: Transportation costs associated with the shipment, used for customs valuation. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: insurance_charges Label: TBD Value Type: float Value Registry: (empty) Description: Insurance costs for the shipment, used in determining customs value. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: packing_costs Label: TBD Value Type: float Value Registry: (empty) Description: Costs associated with packing the goods, relevant for customs valuation. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: place_of_loading Label: TBD Value Type: text string Value Registry: (empty) Description: Location where the goods were loaded for shipment, often a port or warehouse. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: place_of_discharge Label: TBD Value Type: text string Value Registry: (empty) Description: Location where the goods are scheduled to be unloaded. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: consignee_information Label: TBD Value Type: map Value Registry: (empty) Description: Information about the consignee, including name, address, and contact details. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: consignor_information Label: TBD Value Type: map Value Registry: (empty) Description: Information about the consignor, including name, address, and contact details. Reference: RFC XXXX¶
The following completed registration template per RFC8392 is provided:¶
Name: customs_declaration_date Label: TBD Value Type: text string (ISO8601 date format) Value Registry: (empty) Description: Date when the customs declaration was made. Reference: RFC XXXX¶
TODO acknowledge.¶