Open Issues Need Help
AI Summary: This GitHub issue proposes the creation of a `compliance.txt` file, to be hosted at `/.well-known/`, serving as a standardized discovery layer for an organization's compliance proofs. Currently, there's no unified way for verifiers to discover what an organization can prove from their domain, leading to inefficient out-of-band coordination. This new file aims to provide a machine-readable way to point to compliance-related evidence, similar to how `security.txt` or `did.json` function.
Compliance trust shouldn't require emailing PDFs and hoping nobody tampered with them. Corsair signs compliance findings as verifiable digital certificates that anyone can check with a standard JWT library.