8.1

Specifications index

A working index of the standards underlying image provenance. Each entry includes the canonical reference, a short description, and notes on how the standard fits into the broader stack.

The specifications below are the documents a working implementer or close reader actually needs to consult. The list is selective: only standards that are operative for current image-provenance practice are included. Each entry gives the canonical reference, a short description, and a note on relevance. Where applicable, links to authoritative sources are included; for ISO and other paywalled standards, the reference is precise enough to locate the document through the relevant organization.

C2PA core

  1. C2PA Technical Specification 2.4 — The current published version of the C2PA specification, defining manifest structure, assertion vocabulary, signing requirements, and binding mechanisms. Available at c2pa.org. The most-consulted document in the stack and the entry point for any C2PA implementation work.
  2. C2PA Threats and Harms — The companion document to the spec describing the threat model C2PA is designed against and the categories of harm it does and does not address. Essential reading for understanding what the specification is trying to do; cited heavily on the limitations page.
  3. C2PA Trust Model — The supporting document describing the certificate model, trust list governance, and the criteria for CA inclusion. Essential for understanding the trust-list mechanics covered on the trust list page.
  4. C2PA User Experience Guidance — The published guidance on consumer-facing display of credentials. Less prescriptive than the technical spec but useful for implementers building display surfaces.

Container and encoding

  1. ISO/IEC 19566-5:2019 (JUMBF) — The JPEG Universal Metadata Box Format, the container that holds C2PA manifests inside image files. The container is generic enough to be used for non-C2PA metadata; C2PA's adoption of it gave the format wider deployment than it had before.
  2. RFC 8949 (CBOR) — Concise Binary Object Representation, the binary encoding used for C2PA assertions and claims. Published as an Internet Standard by the IETF.
  3. RFC 9052 (COSE) — CBOR Object Signing and Encryption, the CBOR-native analogue of JOSE used for C2PA's signature encoding. The signature on each C2PA claim is a COSE_Sign1 structure.
  4. RFC 8152 — The original COSE specification, superseded by RFC 9052 but still cited in some implementations.
  5. RFC 8392 (CWT) — CBOR Web Token, occasionally relevant in C2PA contexts for identity assertions that follow the JWT pattern.

Cryptographic primitives

  1. RFC 5280 — Internet X.509 Public Key Infrastructure Certificate and CRL Profile. The X.509 certificate format used throughout C2PA's trust infrastructure.
  2. FIPS 180-4 — Secure Hash Standard. SHA-256, SHA-384, and SHA-512 are the hashes permitted by C2PA.
  3. FIPS 186-5 — Digital Signature Standard. ECDSA over the P-256, P-384, and P-521 curves is used in C2PA signing.
  4. RFC 8017 (PKCS #1 v2.2) — RSA Cryptography Specifications. RSA-PSS with appropriate key sizes is a permitted C2PA signature algorithm alongside ECDSA.
  5. RFC 6960 (OCSP) — Online Certificate Status Protocol, used for revocation checking in the PKI model that C2PA inherits.

Trust and reporting

  1. ISO/IEC 22144:2024 (JPEG Trust) — The JPEG Trust framework, providing a vocabulary for trust evaluation reporting over content provenance. Consumes C2PA manifests and produces structured assessments. Refined through 2025 with additional reason codes and reporting structures.
  2. ISO/IEC TS 22144-2 — A technical specification companion document to ISO 22144 providing additional implementation guidance.

Image metadata

  1. EXIF 2.32 (CIPA DC-008-2019) — Exchangeable Image File Format, the dominant camera-metadata standard. Maintained by the Camera & Imaging Products Association.
  2. ISO 16684-1:2019 (XMP) — Extensible Metadata Platform, Adobe's RDF/XML-based metadata standard, widely used in editorial pipelines.
  3. IPTC Photo Metadata Standard 2024.1 — The current version of the IPTC photo metadata standard, maintained by the International Press Telecommunications Council. The newsroom-standard editorial-metadata format.
  4. IPTC Video Metadata Hub — The IPTC standards collection covering video metadata, increasingly relevant as video C2PA matures.
  5. ICC Profile Specification (ISO 15076-1) — International Color Consortium profile format, occasionally relevant in forensic analysis.

File formats and embeddings

  1. ISO/IEC 10918 (JPEG) — The base JPEG specification. C2PA manifests are embedded in JPEG files using the APP11 marker.
  2. ISO/IEC 23008-12 (HEIF) — High Efficiency Image File Format. C2PA manifests embed as top-level JUMBF boxes in HEIF.
  3. ISO/IEC 14496-12 (ISOBMFF) — ISO Base Media File Format, the container behind MP4 and the structural basis for HEIF. Relevant for video C2PA.
  4. ISO/IEC 21320-1 (Document Container File) — The container standard relevant for some document-and-image hybrid formats.
  5. ISO 32000-2 (PDF 2.0) — The current PDF specification. C2PA manifests embed in PDFs as content streams.

Watermarking and fingerprinting (informative references)

  1. Cox, Miller, et al., "Secure Spread Spectrum Watermarking for Multimedia" (1997) — The seminal frequency-domain watermarking paper, foundation of much of the classical watermarking literature.
  2. Fernandez, Couairon, et al., "The Stable Signature: Rooting Watermarks in Latent Diffusion Models" (2023) — The Meta paper introducing the Stable Signature scheme. Open-published, with reference implementation.
  3. Google DeepMind, "SynthID: Tools for watermarking and identifying AI-generated content" (2023, with ongoing technical updates) — Google's published material on SynthID. Less complete than the academic papers above; details remain partially proprietary.
  4. Saberi, Sadasivan, et al., "Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks" (2023) — The widely cited paper on adversarial attacks against image watermarks. Essential for understanding watermark robustness claims.
  5. Zhao, Pang, et al., "Invisible Image Watermarks Are Provably Removable Using Generative AI" (2023) — Formalization of the regeneration attack against watermarks.

Detection and forensics (informative references)

  1. Farid, "Photo Forensics" (MIT Press, 2016) — The standard textbook on classical image forensics. Farid's continued lab publications at Berkeley update many of the techniques for modern contexts.
  2. Wang, Wang, et al., "CNN-generated images are surprisingly easy to spot" (CVPR 2020) — The foundational paper on frequency-domain detection of GAN-generated images.
  3. Cozzolino, Poggi, et al., "On the Generalization of Detection Methods for Synthetic Images" (2024 benchmarking study) — The benchmark study documenting cross-model detector brittleness.
  4. An, Yu, et al., "Benchmarking the Robustness of Image Watermarks" (2024) — Companion benchmark for watermark robustness across schemes.

Policy and regulation

  1. Regulation (EU) 2024/1689 (EU AI Act) — The full text of the EU AI Act. Article 50 contains the provenance-relevant marking obligations. Published in the Official Journal of the European Union.
  2. EU AI Office Guidance — The European Commission's published guidance on AI Act implementation. Continues to be elaborated through 2026 and beyond.
  3. California SB 942 (AI Transparency Act, 2024) — Full text available through the California Legislative Information system.
  4. Take It Down Act (2025, federal) — Full text in the US Code. Federal statute on non-consensual intimate imagery including deepfakes.
  5. NIST AI Risk Management Framework — The companion document for federal AI governance. Includes provenance-relevant guidance.

Adjacent standards

  1. W3C Verifiable Credentials Data Model 2.0 — A general framework for cryptographically verifiable credentials. Architecturally related to C2PA, occasionally proposed as an alternative or complement.
  2. W3C Decentralized Identifiers (DIDs) v1.0 — A standard for identifier schemes that do not require central registries. Has been proposed as an alternative trust model for C2PA-style signing.
  3. Sigstore (specifications and implementation) — Open-source signing infrastructure for software supply chain. Architecturally similar to C2PA in some respects, particularly the ephemeral-signing pattern.

Note: This index is selective rather than exhaustive. Standards that are relevant in narrow contexts (specific national metadata standards, single-vendor proprietary formats, niche watermarking schemes) are omitted to keep the list focused on what a working implementer or close reader will actually consult. The further reading page provides the corresponding bibliography for non-specification sources.