ActF/TCF/TSF should include digest of persistent log contents

[magnusbaeck]

Description

Just like ArtC can include the digest of the artifact files to enable detection of tampering (via data.fileInformation.integrityProtection), it should also be possible to include the digest of the persistent logs announced in ActF, TCF, and TSF (e.g. data.persistentLogs.integrityProtection).

If implemented, we should probably define a new struct type (like EiffelMetaProperty and EiffelEventLink) for the integrityProtection members to reduce duplication and enable nicer SDKs.

Motivation

Activity logs could contain audit information or similar where it's vital that tampering (or corruption) is detected. Right now the only way of using Eiffel to convey that information is to expose the logs as artifacts, and while that's not completely unreasonable, we already provide a standard mechanism for exposing activity logs and it would be a pity to not support this use case.

Exemplification

N/A

Benefits

Allow detection of tampering or corruption of activity logs (if that information is provided by the publisher).

Possible Drawbacks

None.

[m-linner-ericsson]

Sounds like an reasonable idea. We do have the same type of logs in TCF and TSF, should we add it for those events also?

[magnusbaeck]

Ah, right. Forgot about those. Yes, definitely. And that makes the case for a new struct type even stronger.