This section provides additional guidance on practical considerations for implementors.
The specification is currently in Rough Draft, working toward Working Draft. After Working Draft, the specification will become a Final Specification (e.g., 1.0).
- During Rough Draft, no part of the specification is considered stable
- During Working Draft, features may be added, and issues fixed. Breaking changes may occur, but as an irregularity
- During Final Specification, the specification will only be updated with errata, grammatical fixes, and clearly marked "clarifying text"
Once a Final Specification is released (e.g., 1.0), a new version of the spec (e.g., 1.1) may be started at the rough draft phase.
The media types for schematics will be defined when the specification enters Working Draft status. Preliminarily, the media types will be of the form:
application/oam.TYPE.v1+json
, whereTYPE
is replaced by the name of the type (e.g.component
).
This specification, in its current form, does not mandate a specific set of security policies. However, it does provide guidance on certain aspects of security:
- OCI/Docker images MUST be referenced by SHA wherever possible
- File formats MUST be converted to a canonical format so that they can be hashed
When these two conditions are satisfied, systems can be constructed in which a digest verification of schematics will preserve the immutability of all components of the system. To wit, if a schematic references an image with a hash, then the process to verify the digest of the schematic also ensures that the image pulled has the same reference used to generate the schematic.
Other security details, such as network transport security or securing data at rest, are considered beyond the scope of this specification.
Previous | Next |
---|---|
7. Application Configuration | 9. Design Principles |