SSM-NET — Publication & discovery (3D)

Publish once, never edit — let anyone fetch the same rulebook

Purpose.
Make every rulebook fetchable, immutable per manifest_id, and cache-friendly so independent verifiers can replay bands exactly as declared—without private coordination.

Well-known location (normative).
Publish each manifest at a stable path that receivers can fetch consistently:

/.well-known/ssmnet/manifest/<manifest_id>

Receiver capabilities (MUST).

- Retrieve the exact manifest text used at emission time
- Confirm boundary inclusivity for each cut (e.g., (-0.80, +0.60])
- Confirm disclosure mode (e.g., value+band by default; full only if declared)
- Confirm eps_a, eps_w, weight_rule, cmp_tolerance, text_norm
- Detect epoch policy notes when (U,W) rollover is in use

Immutability (MUST).

- A published manifest MUST NOT change for a given manifest_id
- Any policy change MUST mint a new manifest_id; old manifests stay online

Transport-agnostic representation (SHOULD).

- Plain, canonical text with stable field names
- Explicit boundary text (e.g., "left-open, right-inclusive") next to numeric ranges
- Declared charset; manifests SHOULD be UTF-8 and NFC-normalized when hashing is referenced

Caching & integrity (SHOULD).

- Strong caching metadata (e.g., long TTL + validators)
- Include a content digest line inside the manifest body for pinning:
  manifest_sha256: <HEX>    # computed over the byte-exact manifest text

Minimal server response expectations.

# MUST
- Return the manifest body as byte-stable text

# SHOULD
- Declare charset explicitly (UTF-8)
- Avoid secrets or identity data (manifests describe content posture, not people)

Discovery notes (MAY).

# optional index of manifests
/.well-known/ssmnet/manifest/

# optional related endpoints
/.well-known/ssmnet/checkpoint
/.well-known/ssmnet/evidence

Tiny example (illustrative manifest body).

manifest_id: "TRANSPORT_POSTURE.DEMO"
bands:
  - "A++"      : [-1.00, -0.80]
  - "A0"       : (-0.80, +0.60]
  - "CRITICAL" : (+0.60, +1.00]
boundary_inclusivity:
  A++: left-inclusive, right-inclusive
  A0:  left-open,      right-inclusive
  CRITICAL: left-open, right-inclusive
eps_a: 1e-6
eps_w: 1e-9
weight_rule: equal
disclosure: value+band
cmp_tolerance: 1e-9
text_norm: "utf8_nfc"
manifest_sha256: <HEX>      # byte-exact digest of this text body

Why this matters (human terms).
Auditors, partners, and regulators can fetch the same bytes you used, then replay band decisions exactly—no screenshots, no vendor portals, no ambiguity.

Navigation
Previous: SSM-NET — Manifests: purpose, fields, rotation (3A–3C)
Next: SSM-NET — Reproducibility of bands (3E) & Manifest changes over time (3F)