2.1 Introduction

The base format is an array of JavaScript Object Notation (JSON) objects. Each object represents a single secure sub-system device and is signed to allow cryptographic verification of its origin. The format is intentionally "flattened," meaning that common information is repeated for each secure sub-system device. This approach facilitates parallel processing of manifest files and allows for the division of entries into smaller manifests when necessary.

This format leverages the JavaScript Object Signing and Encryption (JOSE) standards to represent keys (using JSON Web Key – JWK), certificates (using the x5c member in a JWK) and to provide signing capabilities (using JSON Web Signature – JWS).

Within the object definitions, member values may reference the name of another JSON object or may simply be example values.