(no commit message)
authorhttps://www.google.com/accounts/o8/id?id=AItOawlyaGNr6H--NFCBqwTAjb7NOTD7BRIKF4E <Alberto@web>
Thu, 30 Jun 2011 13:50:40 +0000 (09:50 -0400)
committerwww-data <www-data@project-moonshot.org>
Thu, 30 Jun 2011 13:50:40 +0000 (09:50 -0400)
design/trust-anchor.mdwn

index ed0a74d..f6f2f81 100644 (file)
@@ -84,4 +84,30 @@ The server certificate hash field is mutually exclusive with the other fields.
   constraints in the identity provisioning format
 
 * Use the system trust anchor store for user-provisioned identities and
-  do something about naming
+  do something about naminge
+
+## User Web Provisioning Format
+    <identities>
+      <identity>
+        <display-name>Unique Name</display-name>
+        <user>username</user>
+        <password>ENCRYPTEDPW</password>
+        <realm>issuer name</realm>
+        <services>
+          <service>xmpp@jabber.project-moonshot.org</service>
+        </services>
+        <selection-rules>
+          <rule>
+            <pattern>PATTERN</pattern>
+            <always_confirm>true</always_confirm>
+          </rule>
+        </selection-rules>
+        <trust-anchor>
+          <ca-cert>ABCDEFGHIJKLMNOPQRSTUVWXYZ123455678910</ca-cert>
+          <subject>Foo</subject>
+          <subject-alt>Bar</subject-alt>
+          <!-- Or alternatively -->
+          <srv-cert>ABCDEFGHIJKLMNOPQRSTUVWXYZ123455678910</srv-cert>
+        </trust-anchor>
+      </identity>
+    </identities>
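Review bot: The `<trust-anchor>` example puts `<ca-cert>`, `<subject>` and `<subject-alt>` in the same element as `<srv-cert>`, separated only by an XML comment, although the context line in the hunk header says the server certificate hash field is mutually exclusive with the other fields. Two separate `<trust-anchor>` examples, or a sentence under the heading such as `A trust-anchor carries either ca-cert with subject/subject-alt, or srv-cert alone; a document containing both is rejected.`, would stop an implementer from accepting both forms at once. `<password>ENCRYPTEDPW</password>` gives no indication of how the value is protected or under which key, which the format should state before it is used for web provisioning. The same change also turns `naming` into `naminge` on the line above the new heading, and `<always_confirm>` uses an underscore where every other element name is hyphenated.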