RFC-WF-0028
Specification Index & Canonical Registry (SICR)
Status: Draft Standard
Version: 1.0.0
Date: 20 Nov 2025
Category: Standards Track
Author: FullAgenticStack Initiative
Dependencies: RFC-WF-0026 (SGRP), RFC-WF-0013 (WKD), RFC-WF-0021 (SECR)
License: Open Specification (Public, Royalty-Free)
Abstract
This document specifies the Specification Index & Canonical Registry (SICR) for the WhatsApp-first Specification. SICR defines a canonical, machine-readable index of all RFCs, their versions, statuses, dependencies, canonical slugs, and publication locations. SICR enables automated tooling to discover the current spec set, validate dependency graphs, pin releases, and render documentation consistently across repositories and websites.
Index Terms— specification index, registry, dependency graph, canonical slugs, release pinning, interoperability, discovery.
I. Introduction
As the WhatsApp-first Specification grows, the ecosystem needs a single “source of truth” describing:
- what RFCs exist
- which are accepted vs draft vs deprecated
- what versions are current
- how RFCs depend on each other
- which spec release pins which RFC versions
Without a canonical index, documentation and tooling drift: auditors may run against different versions, and implementers can’t reliably pin a target.
SICR defines that index.
II. Scope
SICR specifies:
- A canonical index file format (JSON)
- Required metadata fields per RFC
- Dependency graph rules (acyclic, resolvable)
- Publication and discovery via
.well-known(WKD) - Version pinning for spec releases
- Compatibility expectations (SECR)
SICR does not dictate the hosting platform (GitHub, site, etc.); it defines the registry content and access.
III. Normative Language
MUST, MUST NOT, SHOULD, SHOULD NOT, MAY are normative.
IV. Definitions
Spec Index: A machine-readable catalog of RFC documents and versions.
Canonical Slug: A stable identifier used for URLs and cross-references.
Spec Release: A pinned set of RFC versions representing a release of the specification.
V. Design Goals
SICR MUST ensure:
- G1. Discoverability: tools can locate the current RFC set automatically
- G2. Pinning: implementations can pin spec releases deterministically
- G3. Dependency Integrity: dependency graph is valid and acyclic
- G4. Portability: index format is simple and interoperable
- G5. Compatibility: index evolves via SemVer without breaking consumers
VI. Canonical Location and Discovery
A SICR-compliant publication MUST provide:
/.well-known/wfs/spec-index.json
And /.well-known/wfs.json (WKD) SHOULD reference it:
endpoints.spec_index.url
If the spec is hosted centrally (recommended), this can live at the canonical spec domain; implementations MAY link to the canonical index.
VII. Index File Format (Normative)
A. Required Top-Level Fields
The index MUST include:
-
sicr_version(SemVer of the index format) -
generated_at(timestamp) -
canonical_base_url(string) -
rfcs[](list) -
releases[](optional but recommended)
B. RFC Entry Required Fields
Each RFC entry MUST include:
-
rfc_id(e.g.,RFC-WF-0003) titleacronym-
status(draft|proposed|accepted|deprecated|obsoleted) -
version(SemVer) category-
slug(canonical) -
dependencies[](list of RFC ids) -
url(rendered doc location) -
source_url(repo path location, optional but recommended) -
sha256(optional but recommended for integrity)
C. Example spec-index.json
{
"sicr_version": "1.0.0",
"generated_at": "2026-02-22T00:00:00Z",
"canonical_base_url": "https://spec.fullagenticstack.dev/whatsapp-first",
"rfcs": [
{
"rfc_id": "RFC-WF-0001",
"title": "WhatsApp-First Compliance Core",
"acronym": "WFCS",
"status": "accepted",
"version": "1.0.0",
"category": "Foundational",
"slug": "rfc-wf-0001-wfcs",
"dependencies": [],
"url": "https://spec.fullagenticstack.dev/whatsapp-first/rfc-wf-0001-wfcs",
"source_url": "https://repo.example/spec/rfc-wf-0001.md",
"sha256": "optional"
}
],
"releases": [
{
"release_id": "WFS-1.0.0",
"released_at": "2026-02-22T00:00:00Z",
"pins": {
"RFC-WF-0001": "1.0.0",
"RFC-WF-0003": "1.0.0"
}
}
]
}
VIII. Dependency Graph Rules
A. Acyclic Requirement
The dependency graph MUST be acyclic. Any cycle MUST be treated as invalid.
B. Resolution Requirement
All dependencies listed MUST exist in the same index OR be declared as external_dependencies with resolvable references.
C. Self-Dependency Prohibition
An RFC MUST NOT depend on itself.
IX. Spec Releases and Pinning
A. Release Pins
Spec releases SHOULD pin versions for all RFCs required for compliance auditing (at minimum: WFCS, CCP, ACSM, CRCD, EAS, OoC, RCP, IDS, CATS, RCMC, SECR).
B. Consumer Behavior
Consumers (toolkits, auditors) MUST:
- use a pinned release when provided, OR
- explicitly declare which RFC versions they target
Silent “latest” consumption is discouraged for audits.
X. Compatibility and Extensions (SECR Alignment)
SICR MUST follow SemVer:
- MAJOR for breaking changes to required fields or enums
- MINOR for additive fields
- PATCH for clarifications
Extensions MAY be added under:
-
extensionsorx_*fields, following SECR rules.
XI. Security Considerations
Publishing hashes and stable URLs improves integrity and reduces confusion, but the index itself can be spoofed if hosted insecurely. The canonical index SHOULD be served over HTTPS and MAY be signed (future extension). Tools SHOULD support pinning by hash for high-assurance workflows.
XII. Conclusion
SICR turns the WhatsApp-first Specification into something ecosystem-grade: discoverable, pinnable, and toolable. By standardizing a canonical RFC index with dependency and release metadata, SICR prevents version drift and enables reliable audits, certification, and documentation generation.
References
[1] RFC-WF-0026, Specification Governance & RFC Process (SGRP).
[2] RFC-WF-0013, Well-Known Discovery & Interop Endpoints (WKD).
[3] RFC-WF-0021, Schema Extensions & Compatibility Rules (SECR).
Concepts and Technologies
Spec indexing, canonical registries, dependency DAG validation, SemVer pinning, well-known discovery of spec metadata, integrity hashes, release bundles.
Top comments (0)