## Data Package Digest File
The `datapackage-digest.json` file, included in the root of the WACZ file, contains the following structure:
{
"path": "datapackage.json",
"hash": "sha256:3dd086a0be145d1108bf32a5cac7c4b4c046eb78365792d4bb28e9f43e3c6571",
"signedData": <Signature Data structure>
}
## Signature Data Format
The SignatureData structure is the output of the signing operation.
There can only be one SignatureData object per WACZ file, stored as `signedData` in the root object present in `datapackage-digest.json`.
The SignatureData object MUST conform to one of the two signature formats described in this section:
- [Anonymous Signature](#anonymous-signature)
- [Domain-Ownership Identity + Signed Timestamp](#domain-ownership-identity-signed-timestamp)
The SignatureData object MUST not contain any property that is not listed in either signature format.
### Anonymous Signature
{
"hash": "<sha256 hash of datapackage.json>",
"created": "<ISO 8601 Date>",
"software": "<string>",
"version": "<string>",
"signature": "<base64 encoded signature>",
"publicKey": "<base64 encoded public key (ECDSA)>"
}
With this approach, the WACZ contains just enough to validate that they
signature with the `publicKey`.
To validate authorship of the WACZ, external key management is required, and
this signature is otherwise anonymous.
Currently, this approach is used in decentralized tooling, such as the
ArchiveWeb.page extension.
### Domain-Ownership Identity + Signed Timestamp
{
"hash": <sha256 hash of datapackage.json>,
"created": <ISO 8601 Date>,
"software": <string>,
"version": <string>,
// signature of 'hash' by domainCert
"signature": <base64 encoded signature>,
"domain": <valid hostname>,
"domainCert": <PEM certificate chain>,
// signature of 'signature' by timestampCert
"timeSignature": <base64 encoded signature>,
"timestampCert": <PEM ceriticate chain>,
// optional: cross-signing cert for "signature"
"crossSignedCert": <PEM certificate chain>
}
This approach allows for the WACZ signature to be created by the same private
key as is used to create a TLS certificate for a particular domain.
The creator of the WACZ file is the same as the owner of a particular TLS
certificate, which can be explored via Certificate Transparency logs.
This approach also includes an RFC 3161 timestamp server `timeSignature` of the
first `signature`.
The `timeSignature` includes the timestamped and is designed to further
guarantee that the signature was created close to the specified creation time.
For additional verification, an optional `crossSignedCert` can be provided which
can be used as an alternative to the `domainCert`, in case the domain
certificate has been found to be compromised for any reason. The cross-signed
certificate simply provides a way to provide an alternative trust path not tied
to the domainCert, if it becomes needed for any reason.
The `domainCert`, `timestampCert`, and `crossSignedCert` should include the full
certificate chain to aide in validation.