# ACT + ECT IETF Strategy

**Author**: Christian Nennemann
**Date**: 2026-04-12
**Status**: Active

---

## 1. Executive Summary

Two Internet-Drafts, one strategy: **ACT** (general) + **ECT** (WIMSE profile) as a complementary spec family for AI agent authorization and execution accountability.

**The window**: In the last 8 weeks, 14+ competing IETF individual drafts and 7+ high-relevance arXiv papers appeared. The space is crowding fast. **Ship -01/-02 within 2 weeks**; establish IETF 123 (July 2026) as the landing point.

**The position**: ACT is the only spec combining (a) two-phase JWT lifecycle, (b) DAG-based DAG predecessor structure, and (c) standards-track independence from proprietary agent frameworks. ECT is the only WIMSE-aligned execution-context spec.

---

## 2. Current State (What We Have)

### Artifacts in place

| Artifact | Location | Status |
|---|---|---|
| ACT draft | `packages/act/draft-nennemann-act-01.md` | -01, ready to review |
| ECT draft | `drafts/ietf-wimse-ect/draft-nennemann-wimse-ect.md` | -02, needs HTTP header update |
| ACT refimpl | `packages/act/` (ietf-act) | 103 tests pass, `pred` + Context rename done |
| ECT refimpl | `packages/ect/` (ietf-ect) | 56 tests pass, `inp_hash` bug fixed |
| ACT applicability section | In draft §1.5 | MCP, OpenAI, LangGraph, A2A, CrewAI, WIMSE-ECT |
| Diff doc vs Txn-Agents | `drafts/ietf-wimse-ect/DIFF-vs-txn-tokens-for-agents.md` | Done, ~1235 words |
| WIMSE mailing list email | `drafts/ietf-wimse-ect/wimse-intro-email.md` | Done, ~390 words |

### Recent completed work

- `par` → `pred` rename across ACT (spec alignment with ECT)
- "Agent Compact Token" → "Agent Context Token" rename (semantic alignment with ECT)
- Package restructure to `workspace/packages/{act,ect}/`
- ECT `inp_hash` format bug fix (removed `sha-256:` prefix)

---

## 3. Landscape (What Just Happened)

### Critical drafts published April 7–11, 2026

| Draft | Impact | Response |
|---|---|---|
| `draft-emirdag-scitt-ai-agent-execution-00` | SCITT profile for AgentInteractionRecord (AIR) | **Propose liaison**: ACT = lifecycle, AIR = anchor payload |
| `draft-oauth-transaction-tokens-for-agents-06` | Amazon's `actchain` competes with ACT's DAG | **Differentiate**: linear chain vs DAG (fork/join) |
| `draft-ietf-wimse-http-signature-03` | `Wimse-Audience` header **removed** → `wimse-aud` param | **Breaking change — fix ECT immediately** |
| `draft-ietf-oauth-transaction-tokens-08` | In WG Last Call → RFC imminent | Lock references before publication |
| `draft-ietf-scitt-architecture-22` | In AUTH48 → RFC imminent | Update SCITT refs to RFC number |

### Competitive arXiv papers (Mar–Apr 2026)

- **2603.24775 (AIP/IBCTs)** — closest technical competitor, JWT + Biscuit/Datalog, zero auth on ~2000 MCP servers
- **2604.02767 (SentinelAgent)** — formal Delegation Chain Calculus
- **2509.13597 (Agentic JWT)** — prior linear chain JWT
- **2603.23801 (AgentRFC — Composition Safety)** — theoretical grounding for DAG-level tracking

### Strategic openings

- `draft-ietf-wimse-arch-07 §3.3.9` — WG arch doc **already names AI/ML intermediaries as workloads**; ECT fills this gap
- **DAWN potential new WG** (`draft-king-dawn-requirements-00`, 2026-04-11) — agent discovery; ACT identity claims are natural payload
- **NIST/NCCoE Concept Paper** — US government validation of standards-first agent identity approach

---

## 4. Positioning Strategy

### The three-sentence pitch

> ACT is a two-phase JWT lifecycle — the authorization mandate transitions to a tamper-evident execution record, producing a cryptographically verifiable DAG of agent invocations. ECT is the WIMSE profile that binds ACT-style execution records to workload identity with assurance levels. Together they close the agent accountability gap that OAuth/WIMSE/SCITT leave partially open.

### Differentiation matrix

| Against | How ACT/ECT differ |
|---|---|
| `draft-oauth-transaction-tokens-for-agents` | Two-phase lifecycle (authorization → proof-of-execution), DAG (not linear `actchain`), works without AuthZ server |
| `draft-emirdag-scitt-ai-agent-execution` | Lifecycle layer complement, not competitor; ACT produces what AIR anchors |
| AIP/IBCTs (arXiv 2603.24775) | Standards-track IETF home; JWT-only (no Biscuit/Datalog complexity) |
| `draft-helixar-hdp-agentic-delegation` | JWT/JOSE-standard (vs raw JSON), DAG (vs linear), IETF path |
| SentinelAgent (arXiv 2604.02767) | Standards deployability (vs formal calculus) |
| Agentic JWT (arXiv 2509.13597) | Two-phase lifecycle; DAG vs linear chain |

### Non-goals (say this explicitly)

- ACT does not replace WIMSE WIT/WPT — it sits above
- ACT does not replace OAuth/Txn-Tokens — it profiles for agent semantics
- ACT does not require SCITT — but integrates cleanly with it
- ECT does not carry identity — it carries execution context

---

## 5. Action Plan

### Phase A — Urgent technical updates (this week)

- [ ] **A1**: Update ECT HTTP header section — replace `Wimse-Audience` with `wimse-aud` signature metadata parameter per `draft-ietf-wimse-http-signature-03`
- [ ] **A2**: Update SCITT references in ACT — point to `draft-ietf-scitt-architecture-22` (AUTH48); note RFC-to-be
- [ ] **A3**: Update Txn-Tokens references in ACT/ECT — lock to `draft-ietf-oauth-transaction-tokens-08`
- [ ] **A4**: Add "DAG vs linear chain" section to ACT — key technical differentiator
- [ ] **A5**: Add Related Work additions to ACT:
  - AIP/IBCTs (arXiv 2603.24775)
  - SentinelAgent (arXiv 2604.02767)
  - Agentic JWT (arXiv 2509.13597)
  - Txn-Tokens-for-Agents-06
  - HDP (`draft-helixar-hdp-agentic-delegation`)
- [ ] **A6**: Add Related Work additions to ECT:
  - WIMSE arch §3.3.9 (explicit)
  - Composition Safety (arXiv 2603.23801)
  - MIGT taxonomy (arXiv 2604.06148)
  - NIST/NCCoE Concept Paper
- [ ] **A7**: Commit all current work to git (workspace + research.ietf subrepo)

### Phase B — External engagement (next 1–2 weeks)

- [ ] **B1**: Email Emirdag (VERIDIC) — propose SCITT-AI + ACT liaison; coordinate AIR payload format with ACT execution-phase claims
- [ ] **B2**: Submit ACT -01 to datatracker
- [ ] **B3**: Submit ECT -02 to datatracker
- [ ] **B4**: Post ECT intro email to wimse@ietf.org with diff doc link
- [ ] **B5**: Post short response to OAuth WG on Txn-Tokens-for-Agents-06 — compare `actchain` (linear) vs ACT `pred` (DAG), offer as complementary not competitive
- [ ] **B6**: Request 10-min slot at IETF 123 WIMSE session (July 2026)
- [ ] **B7**: Track DAWN WG charter formation — if charters, submit positioning comment on how ACT identity claims serve discovery

### Phase C — IETF 123 preparation (May–June 2026)

- [ ] **C1**: Iterate ACT/ECT based on mailing list feedback
- [ ] **C2**: Prepare 10-min WIMSE slides (focus on: gap filled, relationship to adopted drafts, ECT's role in execution context propagation)
- [ ] **C3**: Prepare 5-min OAuth slot request if Txn-Tokens-for-Agents discussion opens
- [ ] **C4**: Reference implementation hardening: test vectors, interop with at least one other implementation

### Phase D — Post-IETF 123 (August 2026+)

- [ ] **D1**: Based on WIMSE reception: either iterate toward WG adoption or pivot to BoF-style workshop
- [ ] **D2**: If SCITT-AI liaison forms: draft joint implementation report
- [ ] **D3**: If DAWN charters: submit ACT positioning statement

---

## 6. Timeline

```
2026-04-12  Strategy finalized (today)
2026-04-12  Phase A starts
2026-04-19  Phase A complete, ACT-01 + ECT-02 submitted
2026-04-20  Phase B starts (WIMSE ML post + Emirdag outreach)
2026-05-01  All external engagement initiated
2026-07-xx  IETF 123 (target: WIMSE 10-min slot)
2026-08-xx  Post-IETF 123 review, decide WG adoption strategy
```

---

## 7. Risk Register

| Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|
| WIMSE WG rejects ECT as out-of-charter | Medium | High | Cite arch §3.3.9 explicitly; frame as charter-aligned |
| Amazon Txn-Tokens-for-Agents gets OAuth WG adoption first | High | Medium | Differentiate at DAG/lifecycle level; position as complementary layer |
| SCITT-AI (Emirdag) adopted, ACT seen as redundant | Medium | High | Proactive liaison; position as lifecycle vs anchoring |
| DAWN charters without ACT positioning | Medium | Medium | Submit positioning statement during charter review |
| 14+ competing drafts fragment the space | High | Medium | Focus on ACT's unique two-phase lifecycle; cite competitors as related work |
| Independent-submission path stalls for ACT | Medium | Medium | Keep ECT on WG-adoption path; ACT can stay independent longer if needed |

---

## 8. Success Criteria

### 30-day criteria
- ACT-01 + ECT-02 on datatracker
- WIMSE mailing list engagement (≥3 replies from chairs/contributors)
- Emirdag liaison conversation started

### 90-day criteria (IETF 123 timing)
- 10-minute WIMSE agenda slot secured
- ≥1 independent implementation of ACT or ECT outside our refimpl
- Referenced by at least 2 other drafts

### 180-day criteria
- WIMSE WG adoption call for ECT (or clear path to it)
- SCITT-AI joint profile or explicit coordination
- ACT independent submission moving toward RFC Editor queue

---

## 9. Dependencies and Open Decisions

### External dependencies
- `draft-ietf-scitt-architecture` → RFC (timing unknown, AUTH48 now)
- `draft-ietf-oauth-transaction-tokens-08` → RFC (WG Last Call now)
- `draft-ietf-wimse-http-signature` → needs breaking change propagated
- WIMSE WG charter interpretation (chairs' call)

### Open decisions (need user input)
- Approach to Emirdag: liaison email, co-authorship offer, or just citation?
- Publish refimpls to PyPI? (currently package names `ietf-act`/`ietf-ect` reserved but not published — **no publishing without explicit user approval**)
- Repo strategy: single monorepo, or split ACT/ECT into separate Git repos for separate draft homes?
- IETF 123 travel: attend in person or remote?

---

## 10. References

### Our work
- `packages/act/draft-nennemann-act-01.md`
- `drafts/ietf-wimse-ect/draft-nennemann-wimse-ect.md` (docname -02)
- `drafts/ietf-wimse-ect/DIFF-vs-txn-tokens-for-agents.md`
- `drafts/ietf-wimse-ect/wimse-intro-email.md`

### Key competing/complementary drafts
- draft-oauth-transaction-tokens-for-agents-06 (Raut/Amazon)
- draft-emirdag-scitt-ai-agent-execution-00 (VERIDIC)
- draft-helixar-hdp-agentic-delegation-00
- draft-king-dawn-requirements-00 (potential new WG)
- draft-ietf-wimse-arch-07 (cite §3.3.9)
- draft-ietf-wimse-http-signature-03 (breaking change)

### Key arXiv references
- 2603.24775 — AIP / IBCTs
- 2604.02767 — SentinelAgent
- 2603.23801 — AgentRFC (Composition Safety)
- 2509.13597 — Agentic JWT
- 2604.06148 — MIGT taxonomy