How one would implement "shallow trust" and "deep trust" is not clear to me. I think this stems from the fact that Endorsements are secure statements and Reference Values are not. Should "shallow trust" be limited to conveying Reference Values?

[thomas-fossati]

[thomas-fossati]

Not sure about the underlying assumption that:

"Endorsements are secure statements and Reference Values are not”

I interpret "secure statement” as meaning “a statement that is signed by a trusted source”. Therefore, I am unsure why endorsements (i.e., statements about the actual state of an attester) would be different from reference values (i.e., statements about the expected state of an attester) in terms of their security.

@carl-wallace can you please explain what you mean by “secure statement” in this context?

See also #80 (comment)

[carl-wallace]

I was parroting RFC 9334 section 4.2. Endorsements are by definition "secure" and references values are not (but could be should one choose).

[paulhowardarm]

@carl-wallace to review latest §8.3 (sec cons for aggregators)

[paulhowardarm]

SUGGESTION: Small addition to §2 just to reinforce what "shallow" and "deep" mean (i.e. it's not about the depth of trust placed in the aggregator, because that would result in the reverse interpretation - "depth" is actually about the depth to which the supply chain is interrogated)