Passport specification

Passports are scoped accountability objects attached to a parent ECZ-ID.

An ECZ-ID passport describes a bounded operating surface under a stable parent identity. It does not create a second identity root. It attaches structured state, lifecycle posture, authority boundaries, evidence expectations, and resolver-verifiable public proof to the parent ECZ-ID.

Open Resolver ECZ-ID Specification Authority Model

The passport rule

Scoped state must remain subordinate to identity.

A passport may represent an API, agent, dataset, product, robot, cyber posture, custody transfer, risk policy, infrastructure surface, or other operating object. It remains attached to the parent ECZ-ID and inherits its public identity context.

Passport boundary

A passport can change state without changing the parent identity.

State can be issued, activated, suspended, degraded, expired, mismatched, revoked, or unresolved while the parent ECZ-ID remains the stable identity spine.

What a passport defines

Each passport makes one operating surface publicly referenceable.

01

Scope

What the passport covers, what it does not cover, and which operating surface it represents.

02

Authority boundary

Which backend-owned authority conditions allow the passport state to exist, change, downgrade, suspend, or revoke.

03

Lifecycle state

Whether the passport is issued, active, suspended, degraded, expired, mismatched, revoked, or unresolved.

04

Public proof

What Resolver may safely project for humans, agents, platforms, auditors, insurers, and automated relying systems.

A passport provides

  • A scoped, resolver-verifiable accountability surface.
  • A public way to distinguish parent identity from operating object state.
  • Lifecycle posture that can change without losing the parent ECZ-ID.
  • Machine-readable reference material for integration, procurement, audit, and review.
  • A safer route for humans, agents, LLMs, platforms, and counterparties to re-check state before reliance.

A passport does not

  • Create a second ECZ-ID identity root.
  • Prove business quality, reputation, performance, safety, or commercial suitability.
  • Replace regulators, auditors, insurers, courts, or institutional decision-makers.
  • Make a website, badge, marketplace listing, directory entry, or copied document authoritative.
  • Allow public pages, agents, or third-party interfaces to write ECZ-ID truth.

Parent and child structure

The parent ECZ-ID is stable. The passport instance is scoped.

01

Parent ECZ-ID

The stable identity spine for the organisation or entity. It remains non-semantic beyond the country code and unique identifier.

02

Passport code

The controlled passport scope, such as API, Agent Credential, Product, Dataset, Software Supply Chain, Cyber Resilience, Robotics, or another canonical passport type.

03

Instance suffix

The derived instance suffix separates one passport instance from another without turning the suffix into a second identity root.

04

Resolver path

The public route used to inspect current state and safe public proof for that passport instance.

Machine-readable public infrastructure

Passports must be understandable to humans and re-checkable by machines.

ECZ-ID passport pages should support human comprehension, agent review, marketplace checks, procurement evaluation, insurer review, regulatory inspection, and automated re-checking. Machines should not infer passport state from stale pages, screenshots, badges, directory entries, or copied claims.

Resolver

Use Resolver for current public state and public proof.

TrustOps

Use TrustOps for acquisition, setup, activation, lifecycle, repair, and customer action.

Developer Gateway

Use Developer Gateway for schemas, integration guidance, route indexes, and implementation patterns.

Backend

Canonical truth, entitlement, eligibility, state mutation, revocation, and lifecycle decisions remain backend-owned.

Public reference path

Read the specification here. Check current public state in Resolver.

Use this page to understand passport structure and scope. Use Resolver for public verification. Use TrustOps for acquisition, activation, lifecycle control, and operational action. Use Developer Gateway for docs, schemas, route indexes, and implementation guidance.