text updates
tulshi authored and kchiranjewee63 committed May 23, 2024
1 parent 3062672 commit 8294cd6
Showing 4 changed files with 26 additions and 27 deletions.
2 changes: 1 addition & 1 deletion content/_index.md
Expand Up @@ -110,7 +110,7 @@ footer a {
<img src="/img/logos/image-logo.svg" alt="Tratteria Logo">
<h1>Tratteria</h1>
<h2>Transaction Tokens Service</h2>
<h3>Secure your microservices with <a href="https://www.ietf.org/archive/id/draft-ietf-oauth-transaction-tokens-01.html" target="_blank">Transaction Tokens</a>.</h3>
<h3>Assure identity and context in microservices with <a href="https://www.ietf.org/archive/id/draft-ietf-oauth-transaction-tokens-01.html" target="_blank">Transaction Tokens</a>.</h3>
<div class="buttons">
<a href="/docs" class="button"><i class="fas fa-book-open"></i> Learn More</a>
<a href="/docs/quickstart" class="button"><i class="fas fa-rocket"></i> Get Started</a>
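Review bot: the rewritten `<h3>` still links to a pinned draft revision (`draft-ietf-oauth-transaction-tokens-01`), while the docs hunk in this same commit links the unversioned datatracker page (`https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/`); use the unversioned URL on the landing page too so the tagline keeps pointing at the current draft as it is revised. Since the anchor opens in a new tab with `target="_blank"`, adding `rel="noopener noreferrer"` is the usual defensive addition. The new wording itself reads well.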
23 changes: 11 additions & 12 deletions content/docs/_index.md
Expand Up @@ -18,7 +18,7 @@ Welcome to the documentation for Tratteria, an open-source Transaction Tokens (T

### Microservices

Microservices architecture breakes down an application into smaller, independent services that interact through well-defined APIs. This approach offers several advantages including enhanced development speed and independent development.
A microservices architecture breaks down applications into smaller, independent services that interact through well-defined APIs. This approach offers several advantages including enhanced development velocity and independent development and release cycles.

Microservices are deployed and run within a secured "virtual private cloud" (VPC).

Expand All @@ -39,21 +39,21 @@ VPCs often rely on implicit trust models that can leave systems vulnerable. To e
<img src="/img/docs/introduction/vpc_security_concerns.svg" alt="VPC Security Concerns Diagram" class="doc-image">

- **Implicit Trust**: Services within the VPC trust each other.
- **Service-to-Service Trust:** Establishes mutual authentication and authorization between services.
- **User Trust:** Extends service-to-service trust to also assures the identity of the user making the request, confirming users are who they claim to be.
- **Assured Context**: Extends user trust to also assure the authorization context of the request.
- **Service-to-Service Trust:** Establishes mutual authentication and authorization between services. This is sometimes achieved using [SPIFFE](https://spiffe.io/)
- **User Trust:** Extends service-to-service trust to also assures the identity of the user making the request, confirming users are who they claim to be. Some developers pass external ID Tokens to assert the identity of the calling user, or use OAuth [Token Introspection](https://datatracker.ietf.org/doc/html/rfc7662) in order to obtain the identity of the user initiating the transaction. Both these approaches are susceptible to token replay attacks.
- **Assured Context**: Extends user trust to also assure the authorization context of the request. This can be achieved using TraTs.

## Moving Toward Assured Context with Transaction Tokens

To address these vulnerabilities, Transaction Tokens (TraTs) represent an evolution from traditional security measures to a more robust, context-aware framework. TraTs offer assurance of both user identity and authorization context at every step of a transaction.
To address these vulnerabilities, TraTs represent an evolution from traditional security measures to a more robust, context-aware framework. TraTs offer assurance of both user identity and authorization context at every step of a transaction.

### Transaction Tokens (TraTs)

TraTs are short-lived, cryptographically signed JSON Web Tokens that immutably preserve the user identity and authorization context of an external API invocation. They ensure that the user identity and authorization details of an external request, such as an API call, are maintained across all involved services within a microservices application. Additionally, TraTs enable these services to assert their involvement in the transaction chain to downstream workloads.

### Benefits of Transaction Tokens (TraTs)
### Benefits of TraTs

Transaction Tokens (TraTs) offer several benefits:
TraTs offer the following benefits:

- **Prevention of Spurious Invocations**: By verifying the presence of an external trigger, TraTs help prevent unauthorized internal calls within the network.

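Review bot: the rewritten User Trust bullet carries over a grammar slip from the line it replaces, `to also assures the identity` should be `to also assure the identity`, and the new sentence `This is sometimes achieved using [SPIFFE](https://spiffe.io/)` is missing its full stop. The statement that both the ID Token and Token Introspection approaches are `susceptible to token replay attacks` is the central security claim of this section; a short clause saying why, or a pointer to the draft's security considerations, would make it defensible rather than merely asserted.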
Expand All @@ -71,13 +71,13 @@ Transaction Tokens (TraTs) offer several benefits:

## TraTs Service

The Transaction Token Service (TraTs Service) issues TraTs to requesting workloads. Requesting workloads authenticate to the TraT Service and request tokens by providing the necessary context, which the service uses to generate TraTs. A limited, pre-configured set of workloads, typically only the API gateway, can request TraTs. Secure methods, such as SPIFFE, are used to authenticate these workloads.
The Transaction Token Service (TraTs Service) issues TraTs to requesting workloads. Requesting workloads authenticate to the TraTs Service and request tokens by providing the necessary context, which the service uses to generate TraTs. A limited, pre-configured set of workloads, typically only the API gateway, can request TraTs. Secure methods, such as SPIFFE, are used to authenticate these workloads.


### How it Works

- **Initial Invocation**: When a user invokes an external endpoint in an API microservice, the service authenticates the request using conventional authorization mechanisms (e.g., OAuth 2.0).
- **Token Request**: The API microservice uses OAuth Token Exchange to request a TraT from the TraTs Service, providing context about the request, such as request parameters, user’s identity, and the initial authorization token.
- **Token Request**: The API microservice uses a specific profile of OAuth Token Exchange (defined in the Transaction Tokens [draft](https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/)) to request a TraT from the TraTs Service, providing context about the request, such as request parameters, user’s identity, and the initial authorization token.
- **Token Issuance**: The TraTs Service verifies the requesting service using secure methods such as SPIFFE, validates the request, and issues a TraT that includes immutable information about the user and the context of the request.
- **Propagation**: The API microservice uses the TraT to authorize its subsequent calls to internal services. These downstream services reuse the same token to authorize their subsequent calls to other services.
- **Verification**: Each service in the call chain independently verify the TraT to ensure that the request is valid and that the context has not been tampered with.
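Review bot: while this hunk fixes `TraT Service` to `TraTs Service` for consistency, the unchanged Verification bullet directly below still reads `Each service in the call chain independently verify the TraT`; since this commit is a text-updates pass, fix it to `independently verifies` here. Pointing the Token Request bullet at the unversioned draft URL is the right choice.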
Expand All @@ -87,15 +87,14 @@ The Transaction Token Service (TraTs Service) issues TraTs to requesting workloa

## What is Tratteria?

Tratteria is an open-source implementation of Transaction Tokens (TraTs) Service. It's designed to facilitate secure, reliable, and efficient TraTs issuance and verification in microservices systems. Tratteria can be seamlessly integrated into existing systems.
Tratteria is an open-source implementation of Transaction Tokens (TraTs) Service in Go. It's designed to facilitate secure, reliable, and efficient TraTs issuance and verification in microservices systems. Tratteria can be seamlessly integrated into existing systems.

Tratteria supports a variety of configurations and is highly customizable to meet the specific needs of different environments. It is compatible with Service Meshes, Open Policy Agent (OPA), and SPIFEE, making it a flexible option for modern infrastructures. Whether you're running native services or containerized applications, Tratteria offers seamless integration.
Tratteria supports a variety of configurations and is highly customizable to meet the specific needs of different environments. It is compatible with Service Meshes, Open Policy Agent (OPA), and SPIFFE, making it a flexible option for modern infrastructures. Whether you're running native services or containerized applications, Tratteria offers seamless integration.

<img src="/img/docs/introduction/tratteria_workflow.svg" alt="Tratteria Workflow" class="doc-image">

## Acknowledgments

This documentation and the underlying technology are based on the concepts and drafts developed by Atul Tulshibagwale (SGNL), George Fletcher (Capital One), and Pieter Kasselman (Microsoft).

For detailed discussions and updates, visit the [OAuth Working Group mailing list](https://mailarchive.ietf.org/arch/browse/oauth/) or the [Github repository](https://github.com/oauth-wg/oauth-transaction-tokens).

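Review bot: `an open-source implementation of Transaction Tokens (TraTs) Service in Go` is missing an article; suggest `an open-source implementation of a Transaction Tokens (TraTs) Service, written in Go`. The SPIFEE to SPIFFE correction is good and now matches the spelling used in the earlier hunks.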
24 changes: 12 additions & 12 deletions content/docs/quickstart/generating-trats.md
@@ -1,33 +1,33 @@
---
Title: "Generatting TraTs"
Title: "Generating TraTs"
weight: 2
toc: true
---

This guide explains how to generate TraTs (TraTs) using Tratteria after its successful setup, as described in the [Running Tratteria](/docs/quickstart/running-tratteria) guide.
This guide explains how to generate TraTs using Tratteria after its successful setup, as described in the [Running Tratteria](/docs/quickstart/running-tratteria) guide.

&nbsp;

- [Overview](#overview)

- [TraTs Request Parameters](#trats-request-parameters)
- [TraTs Request Parameters](#trat-request-parameters)

- [TraTs Request](#trats-request)
- [TraTs Request](#trat-request)

- [TraTs Response](#trats-response)
- [TraTs Response](#trat-response)

&nbsp;

### Overview

Once Tratteria is running, either as a native Go server or inside a Docker container, you can generate TraTs (TraTs). The service is accessible at `localhost:9090` and provides the http endpoint `POST /token_endpoint` for token generation.
Once Tratteria is running, either as a native Go server or inside a Docker container, you can generate TraTs. The service is accessible at `localhost:9090` and provides the http endpoint `POST /token_endpoint` for token generation.


&nbsp;

#### TraTs Request Parameters
#### TraT Request Parameters

To request TraTs (TraTs), the following parameters must be provided in the request:
To request TraTs, the following parameters must be provided in the request:

**grant_type (REQUIRED)**

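Review bot: the table-of-contents anchors are updated to `#trat-request-parameters`, `#trat-request` and `#trat-response`, matching the headings renamed later in this file, but the visible link text is left as `TraTs Request Parameters`, `TraTs Request` and `TraTs Response`; rename the labels to `TraT ...` as well so the TOC reads the same as the headings it links to. Also, `the http endpoint` in the Overview paragraph should be `the HTTP endpoint`.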
Expand Down Expand Up @@ -59,7 +59,7 @@ stocks.trade
Set to

```plaintext
urn:ietf:params:oauth:token-type:TraT
urn:ietf:params:oauth:token-type:txn-token
```

**subject_token (REQUIRED)**
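Review bot: changing the token-type URN from `urn:ietf:params:oauth:token-type:TraT` to `urn:ietf:params:oauth:token-type:txn-token` is a wire-level change, not just wording: a client following the old quick-start now sends a value the service would have to reject, and the service must accept the new one. Confirm that the server-side check and the curl example in the TraT Request section of this file were updated in the same change, and consider naming this rename in the commit message rather than `text updates`.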
Expand Down Expand Up @@ -87,7 +87,7 @@ The above JWT has the below body:
}
```

Tratteria verifies the signature of the self-signed subject tokens it receives in TraT requests. However, for simplicity, we have disabled the verification in the quick-start configuration. Therefore, there's need to concern ourselves with the keys used for signing these self-signed tokens in this guide. Nonetheless, in a production-level setting, you would enable this verification to ensure the security and integrity of self-signed tokens. For guidance on how to enable and configure this, please cleck [this guide](#).
Tratteria verifies the signature of the self-signed subject tokens it receives in TraT requests. However, for simplicity, we have disabled the verification in the quick-start configuration. Therefore, there's need to concern ourselves with the keys used for signing these self-signed tokens in this guide. However, in a production-level setting, you would enable this verification to ensure the security and integrity of self-signed tokens. For guidance on how to enable and configure this, please cleck [this guide](#).

**subject_token_type**

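Review bot: the replacement line keeps three defects from the line it replaces and adds one: `there's need to concern ourselves` should be `there's no need to concern ourselves`; `please cleck` should be `please check`; `[this guide](#)` is a placeholder link that goes nowhere; and swapping `Nonetheless` for `However` now starts two consecutive sentences with `However`, so keep `Nonetheless` (or `In production, however, ...`) for the second. Because this paragraph documents that subject-token signature verification is disabled in the quick-start configuration, the sentence about enabling it in production is the one that most needs a working link, so either link the real configuration page or drop the sentence until it exists.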
Expand Down Expand Up @@ -133,7 +133,7 @@ ewogICJyZXFfaXAiOiAiMTkyLjEyOC4wLjg5Igp9

&nbsp;

### TraTs Request
### TraT Request

With the above parameters, we will get the following TraT request:

Expand All @@ -155,7 +155,7 @@ You can execute this command directly from a terminal or from tools such as Post

&nbsp;

### TraTs Response
### TraT Response

A successful TraT response contains the following:

4 changes: 2 additions & 2 deletions content/docs/quickstart/running-tratteria.md
Expand Up @@ -22,15 +22,15 @@ This quick-start guide outlines the steps to set up and run Tratteria for initia
To get started, clone the Tratteria repository from GitHub:

```bash
git clone https://github.com/SGNL-ai/Tratteria
git clone https://github.com/tratteria/tratteria
```

&nbsp;
### Quick Start Configuration

Tratteria is configured using a YAML file. The quick-start configuration can be found at:

[https://github.com/SGNL-ai/tratteria/blob/main/example-configs/config.quick-start.yaml](https://github.com/SGNL-ai/tratteria/blob/main/example-configs/config.quick-start.yaml)
[https://github.com/tratteria/tratteria/blob/main/example-configs/config.quick-start.yaml](https://github.com/tratteria/tratteria/blob/main/example-configs/config.quick-start.yaml)

The file contains the below configuration:

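Review bot: the config link is updated from the `SGNL-ai` org to `tratteria/tratteria`, consistent with the clone URL in the previous hunk; since this is an org/repo rename, grep the rest of the site for remaining `SGNL-ai` references, as this commit touches only four files and any other occurrences are still stale.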
