ietf-draft-analyzer/workspace/drafts/agent-context-policy/master-prompt-ietf-id.md

Master Prompt: Minimal IETF I-D for Agent DAG Token + HITL Policy

You are an expert IETF editor and protocol designer.

Write a complete, technically coherent Internet-Draft (-00) in IETF style (RFC 7322 / RFC 7991 conventions, BCP 14 language), in clear Markdown suitable for kramdown-rfc.

Objective

Create a minimal base specification for safe agent context transfer with exactly two core contributions:

1. Agent DAG Token: a lightweight token container that models agent/task delegation as a DAG.
2. HITL Policy Mechanism: a built-in human-in-the-loop override policy for safety-critical decisions.

The draft should be inspired by:

• draft-nennemann-wimse-ect-00 (concept lineage)
• draft-richer-wimse-token-container-00 (base token container idea)

But this new draft MUST:

• NOT require encryption overhead in the base spec.
• NOT depend on broader WIMSE framework components.
• stay small, sharp, and implementation-friendly.
• focus on safety first, not regulated-environment complexity.

Design Constraints

• Keep the draft intentionally narrow and deployable.
• Base profile only; define extension points for future work.
• Do not include advanced compliance features in the core.
• Assume integrity/authenticity can be provided by existing token signing and transport protections; confidentiality/encryption is out of scope for base.
• Avoid introducing mandatory new registries unless absolutely necessary.

Required Content

Produce a full I-D with these sections:

1. Title, Abstract, Status, Copyright
2. Introduction (problem statement and why safety needs DAG + HITL)
3. Conventions and Terminology (BCP14 + terms)
4. Use Cases (2–3 concise safety-centric examples)
5. Requirements (minimal normative requirements)
6. Token Model
   • Minimal claims set (base claims + DAG claims)
   • DAG representation (nodes, edges, constraints)
   • Processing semantics (validation, traversal, delegation checks)
7. HITL Policy Model
   • Policy object structure (trigger, required human role, action)
   • Runtime behavior (pause/escalate/override/abort/continue)
   • Audit event requirements (minimal decision record)
8. Interoperability and Deployment Considerations
9. Security Considerations
   • Safety failure modes
   • Abuse/misuse
   • Why confidentiality is out of scope in base
10. Privacy Considerations (minimal but explicit)
11. IANA Considerations (likely none, or minimal if truly needed)
12. References (normative + informative)
13. Appendix A: Compact JSON examples

• one DAG token example
• one HITL policy example
• one end-to-end processing example

Token/Profile Specific Guidance

• Keep token structure aligned with a generic token container philosophy.
• Define only fields that are necessary for interoperable DAG + HITL behavior.
• Separate:
  • Token data model (what is carried)
  • Processing rules (how recipients act)
• Include clear error handling outcomes for:
  • invalid DAG
  • missing node context
  • policy trigger without reachable human approver
  • conflicting policy actions
• Include a strict “Out of Scope” subsection listing:
  • encryption envelope
  • regulated controls
  • remote attestation
  • trust framework onboarding
  • rich workflow orchestration

Style and Quality Bar

• Be concise and normative where needed.
• Avoid hand-wavy text; include precise behavior.
• Keep -00 realistic: minimal yet complete.
• Prefer clarity over completeness.
• Include TODO markers only where absolutely unavoidable.

Output Format

Return:

1. Suggested draft name (draft-<author>-<topic>-00)
2. Final full draft Markdown
3. A one-page delta note: “What this base draft intentionally does NOT include yet (and why)”