Item links

DiME, the open and trust-based data format building secure Application-based Public-Key Infrastructures (APKIs) in a breeze.

In many application usages it may be necessary to refer to previously send messages or other items. An example of this is when requesting data collection where it must be possible from the response trace back to the original request. Another example may be chat messages or sign-offs to sensitive operations.

DiME support cryptographic linking between items. This allows items to be linked together and those links can later be verified to be intact.

The claim field ‘lnk’ is used to hold item links, and may look like this:

"lnk": "KEY.c0eb7bed-591e-4021-970d-e881147fa48d.7df0f3f6122413e83beb5347408d909151d5f956fe973a08357ceaf1c0b83b19:MSG.de9cc81d-32cb-4f6b-b90e-db87e003114a.f281b30d6179b94e6182746d0f31c755d8ddc035a1ac740c55283c78ed3282a1"

In the above example, two items have been linked, one key and one message. An item link consists of the following components, separated by a dot (‘.’):

  • Item type – the header used for specific DiME item

  • Unique identifier – the unique identifier of the item, as an UUID

  • Item thumbprint – a secure hash of the item being linked

Several items may be linked to one item, each item link is separated by a colon (‘:’). Note that to protect the integrity of item links the carrying item needs to be signed.

The DiME tag item is closely related to item links, providing a way to separately link items to prove verification, processing or other operations.

Last updated