fix: onboarding sequence diagrams aligned with normative texts

docs/en/conf.py

@@ -4,7 +4,7 @@
 settings_project_name = "IT-Wallet Technical Documentation"
 # settings_copyright_copyleft = 'Dipartimento per la Trasformazione Digitale'
 settings_editor_name = 'Dipartimento per la Trasformazione Digitale'
-settings_doc_version = '1.2.0'
+settings_doc_version = '1.2.1'
 settings_doc_release = "versione-corrente"
 settings_basename = 'eid-wallet-it-docs'
 settings_file_name = 'eid-wallet-it-docs'

docs/en/onboarding-high-level.rst

@@ -22,7 +22,7 @@ The onboarding framework MUST provide specialized onboarding processes that matc
 .. plantuml:: plantuml/trust-infrastructure-overview.puml
     :width: 99%
     :alt: IT-Wallet onboarding system overview showing dual-path registration processes and trust infrastructure
-    :caption: `IT-Wallet Onboarding System Overview. <https://www.plantuml.com/plantuml/svg/trust-infrastructure-overview>`_
+    :caption: `IT-Wallet Onboarding System Overview. <https://www.plantuml.com/plantuml/svg/hLL_RnCv4Fr_FyLSE954eir1MbJGWSYb0I8LDKe25H9IDB4d6qkElRAzoOKJt_titUtYP0la3o9Lwevddj-y-U4trg5n-KQ2CxbrPqAj35h_FtEveJEz9RCLj4l-48h9d1FyFRpe3IyMGxt9j2BbNYVlnzUZnMm-cevkvvydequtQTyCFjz-d2zkHc_dY-dutVkvDoPjkAQLK0IpoNGy7yqYJ9Tdo4s_jzBAdU6EhDxGsMMFaN5Y9HWwUlrhRuuEbsXFSMKwjIUu2RvWQFW9dZkKajol77j2MITSxeHMhuCWGo-vte1rUqas6N0-ahGXvUQOTbhqhoEZKBQUm9_BTAYbDgzQZruKls0Bo9LrjnQE2ZzjE9dAcXhQjxh7i9aH6pJxGzIdJvzVBVb9g8_-MbvSNLqqWHsnzI7gSxRizrUdeLxWLV_PYoPg6bfGeM9qY7qrwB-uUdiQzkNbi_xbm6CdJZX9C9wVtHK5Wrkrr6YuK2dCzjRH1cwhZW_bcPHImO0vRMpoZyuLzz-TIi8dq3hqQ7bBg_jV0lutzAnGA38TjDuyoDsQb1CCPZetZ0hVQtJeBz5RmQcCVbTa6v87GwcmpWZouPdHAx9MQ8KIj4bHYQyOkiYV4SyPkl8ewYyRP72OsbTrOQpdxUXLwtvGMjqZfYRp5AOazq6F2HedIfv3GpoGHmcVoFY9hDZUnanW6uwAK2vIuRmpg-CihBG16wHb1CWOsOXWfMVCCKneWzykyAig5ybMssPQLhato6N1FTGvAZvccHIiSd0Qc73YAwcV4oidlK6DYKETnjRcP8xLcvK2FC1FUFyVIHTgnK4hGDz4sjFmCLk2KCQVKgtML-Zxv5l1jmrLwcDbNPWfw0Z5XI7coltVK3oaTHGJo7_GIo6fTqTB66HPaMKfNfr0gPE5dN1hEBm4tDheF5t3tQJc7ssxfjPX5kT5vFZWUVe-aGNkGeHJp-KXtuTdKzVplx3xCAUDXH3YfkKe5gKwgE47L9YIXL0fjmSJ-w7YLRfa7IwbiEimrtNoF4Tvbg5RXzuCyq1HuqLRBz8Z6k-g0O_IMH6dylf5nIKigRUr5QQLjLMh55lk_mUzWWgAU9cS80kTwUG9tFc_uRZhhJwd89FEAd2KLRvRb88Nff-sP_IwFvmDsZYBmGngVeyX6geXEfGw3GaS9z7OkaLLS8j2UlOKJHcuVKRbbkB2iY3__gGD-YtnlpOyFOS1tmWLhYx7yw1fEYXbBMGtcPBy_eWqUh21zKN5O2796qfHzhmwkKIdVRAOXGtdn-TNuC_EOUwpKOAXREBMHpscDvaKeGDZx7O0Dzdl9bq1xtu_C9J8JFn-oacrKdrZJj2jYwzmr_4zXstSn_FxY9TVr3KwXEDBXyTT-HWiMzC6RJmdROZcEi01_932mtkXlpoFCIfAvLeOnJihaFe--n0DhYsNS_-y-R3SJM1Jh4VUJUwBMpmd5zvvV93q5nLxXzl61mz6k0HkSB-OXjvZebj-VGnbtMNrbxyXqZesxqIWMK74RqKr9rr_U1ljiO_MCqdQIZk2i0hY6hw4rlNzXl1o7HUh5OSrTG_XfSAVwYtfKQ8oL5l20oLlIF5y8_y7>`_
 
 All Primary Actors MUST undergo administrative registration for legal and regulatory compliance, followed by specialized technical registration processes that MUST reflect their operational roles in the Digital Credential ecosystem.
 

docs/en/plantuml/federation-onboarding-process.puml

@@ -1,48 +1,36 @@
-@startuml Federation Entity Onboarding Process
+@startuml
 autonumber
 
 participant "Federation Entity" as fe
 participant "Federation Authority" as ta
 
 == Step 1: Onboarding Request Submission ==
 
-fe -> ta: Submit onboarding request\n(Entity ID, Public Key JWK, CSR)
+fe -> ta: Submit onboarding request\n(Entity ID, Public Key JWKs, CSRs)
 
 == Step 2: Federation Authority Validation and Certificate Issuance ==
 
 ta -> ta: Verify registration information
 ta -> ta: Validate Entity Configuration at\n/.well-known/openid-federation endpoint
 ta -> ta: Apply metadata policies with cascading effect
-ta -> ta: Issue X.509 certificate for\nFederation Entity Public Key
+ta -> ta: Issue X.509 Certificates about\nFederation Entity Public Keys in CSRs
 
 alt Validation successful
-    ta -> fe: Certificate chain response\n(Entity certificate + authority certificates)
+    ta -> fe: X.509 Certificate chain response\n(Entity certificate + authority certificates)
 else Validation failed
     ta -> fe: Rejection with identified issues
 end
 
 == Step 3: Entity Configuration Update and Resolve Request ==
 
-fe -> fe: Update Entity Configuration:\n- Add authority_hints claim\n- Add x5c claim with certificate chain
-fe -> fe: Publish updated EC at\n/.well-known/openid-federation
-fe -> ta: Resolve request\n(/resolve?sub=entity_id&trust_anchor=ta_id)
+fe -> ta: Get Subordinate Statement\n(/fetch?sub=entity_id)
+ta -> ta: Generate Federation Trust Mark for entity
+ta -> ta: Include Trust Mark in Subordinate Statement
+ta -> fe: Subordinate Statement response
 
 == Step 4: Resolve Response and Onboarding Completion ==
 
-ta -> ta: Reconstruct valid trust chain
-ta -> ta: Generate Federation Trust Mark for entity
-ta -> ta: Include Trust Mark in Subordinate Statement
-ta -> ta: Generate signed JWT with trust chain,\nvalidated metadata and applying metadata policies
-
-alt Resolve successful (200 OK)
-    ta -> fe: Resolve response with JWT\n(trust chain + validated metadata)
-    fe -> ta: Fetch Subordinate Statement\n(/fetch?sub=entity_id)
-    ta -> fe: Subordinate Statement with Trust Mark
-    fe -> fe: Extract Trust Mark from Subordinate Statement
-    fe -> fe: Integrate Trust Mark in Entity Configuration\n(trust_marks claim)
-    fe -> fe: Publish final Entity Configuration at\n/.well-known/openid-federation
-else Resolve failed (400/404)
-    ta -> fe: Error response with issues to resolve
-end
+fe -> fe: Update Entity Configuration:\n- Add authority_hints claim\n- Add trust_marks claim
+fe -> fe: Publish updated EC at\n/.well-known/openid-federation
 
 @enduml

docs/it/conf.py

@@ -4,7 +4,7 @@
 settings_project_name = "IT-Wallet Technical Documentation"
 # settings_copyright_copyleft = 'Dipartimento per la Trasformazione Digitale'
 settings_editor_name = 'Dipartimento per la Trasformazione Digitale'
-settings_doc_version = '1.2.0'
+settings_doc_version = '1.2.1'
 settings_doc_release = "versione-corrente"
 settings_basename = 'eid-wallet-it-docs'
 settings_file_name = 'eid-wallet-it-docs'