TR-T-1 — Attacker injects malicious entries into fetched trust list
Component: Trust Evaluation. Mitigations: JWS signature verification on LoTE; X.509 chain validation on x5c. Action: None required.
| Property | Value |
|---|---|
| Section | Tampering |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-TRUST-02 | Multi-Registry Trust Framework Support |
| SID-TRUST-04 | Trust Decision Caching with Circuit Breaker |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md