Clean up section titles and fix transaction tokens draft reference

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 21:29:29 +01:00
parent 821a7f4570
commit a263d8c201
4 changed files with 909 additions and 842 deletions

@@ -1383,28 +1383,25 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
<p id="section-toc.1-1.4.2.2.1"><a href="#section-4.2" class="auto internal xref">4.2</a>.  <a href="#name-jwt-claims" class="internal xref">JWT Claims</a></p>
<ul class="compact toc ulBare ulEmpty">
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.1">
<p id="section-toc.1-1.4.2.2.2.1.1"><a href="#section-4.2.1" class="auto internal xref">4.2.1</a>.  <a href="#name-wimse-compatible-claims" class="internal xref">WIMSE-Compatible Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.1.1"><a href="#section-4.2.1" class="auto internal xref">4.2.1</a>.  <a href="#name-standard-jwt-claims" class="internal xref">Standard JWT Claims</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.2">
<p id="section-toc.1-1.4.2.2.2.2.1"><a href="#section-4.2.2" class="auto internal xref">4.2.2</a>.  <a href="#name-execution-context-claims" class="internal xref">Execution Context Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.2.1"><a href="#section-4.2.2" class="auto internal xref">4.2.2</a>.  <a href="#name-execution-context" class="internal xref">Execution Context</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.3">
<p id="section-toc.1-1.4.2.2.2.3.1"><a href="#section-4.2.3" class="auto internal xref">4.2.3</a>.  <a href="#name-policy-claims" class="internal xref">Policy Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.3.1"><a href="#section-4.2.3" class="auto internal xref">4.2.3</a>.  <a href="#name-policy-evaluation" class="internal xref">Policy Evaluation</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.4">
<p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-data-integrity-claims" class="internal xref">Data Integrity Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-data-integrity" class="internal xref">Data Integrity</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.5">
<p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-operational-claims" class="internal xref">Operational Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-task-metadata" class="internal xref">Task Metadata</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.6">
<p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-witness-claims" class="internal xref">Witness Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.7">
<p id="section-toc.1-1.4.2.2.2.7.1"><a href="#section-4.2.7" class="auto internal xref">4.2.7</a>.  <a href="#name-compensation-claims" class="internal xref">Compensation Claims</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.8">
<p id="section-toc.1-1.4.2.2.2.8.1"><a href="#section-4.2.8" class="auto internal xref">4.2.8</a>.  <a href="#name-extension-claims" class="internal xref">Extension Claims</a></p>
<p id="section-toc.1-1.4.2.2.2.7.1"><a href="#section-4.2.7" class="auto internal xref">4.2.7</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
</li>
</ul>
</li>
@@ -1489,7 +1486,7 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
<p id="section-toc.1-1.10.2.2.1"><a href="#section-10.2" class="auto internal xref">10.2</a>.  <a href="#name-financial-trading-workflow" class="internal xref">Financial Trading Workflow</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.10.2.3">
<p id="section-toc.1-1.10.2.3.1"><a href="#section-10.3" class="auto internal xref">10.3</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
<p id="section-toc.1-1.10.2.3.1"><a href="#section-10.3" class="auto internal xref">10.3</a>.  <a href="#name-compensation-and-rollback-2" class="internal xref">Compensation and Rollback</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.10.2.4">
<p id="section-toc.1-1.10.2.4.1"><a href="#section-10.4" class="auto internal xref">10.4</a>.  <a href="#name-autonomous-logistics-coordi" class="internal xref">Autonomous Logistics Coordination</a></p>
@@ -2101,10 +2098,10 @@ correct public key for signature verification.<a href="#section-4.1-3.6.1" class
</h3>
<p id="section-4.2-1">The ECT payload contains both WIMSE-compatible standard JWT claims
and execution context claims defined by this specification.<a href="#section-4.2-1" class="pilcrow"></a></p>
<div id="wimse-compatible-claims">
<div id="standard-jwt-claims">
<section id="section-4.2.1">
<h4 id="name-wimse-compatible-claims">
<a href="#section-4.2.1" class="section-number selfRef">4.2.1. </a><a href="#name-wimse-compatible-claims" class="section-name selfRef">WIMSE-Compatible Claims</a>
<h4 id="name-standard-jwt-claims">
<a href="#section-4.2.1" class="section-number selfRef">4.2.1. </a><a href="#name-standard-jwt-claims" class="section-name selfRef">Standard JWT Claims</a>
</h4>
<p id="section-4.2.1-1">The following standard JWT claims <span>[<a href="#RFC7519" class="cite xref">RFC7519</a>]</span> <span class="bcp14">MUST</span> be present in
every ECT:<a href="#section-4.2.1-1" class="pilcrow"></a></p>
@@ -2195,8 +2192,8 @@ ECTs issued by the same agent.<a href="#section-4.2.1-4.2.1" class="pilcrow">¶<
</div>
<div id="exec-claims">
<section id="section-4.2.2">
<h4 id="name-execution-context-claims">
<a href="#section-4.2.2" class="section-number selfRef">4.2.2. </a><a href="#name-execution-context-claims" class="section-name selfRef">Execution Context Claims</a>
<h4 id="name-execution-context">
<a href="#section-4.2.2" class="section-number selfRef">4.2.2. </a><a href="#name-execution-context" class="section-name selfRef">Execution Context</a>
</h4>
<p id="section-4.2.2-1">The following claims are defined by this specification:<a href="#section-4.2.2-1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.2-2">
@@ -2241,8 +2238,8 @@ multiple root tasks.<a href="#section-4.2.2-2.8.1" class="pilcrow">¶</a></p>
</div>
<div id="policy-claims">
<section id="section-4.2.3">
<h4 id="name-policy-claims">
<a href="#section-4.2.3" class="section-number selfRef">4.2.3. </a><a href="#name-policy-claims" class="section-name selfRef">Policy Claims</a>
<h4 id="name-policy-evaluation">
<a href="#section-4.2.3" class="section-number selfRef">4.2.3. </a><a href="#name-policy-evaluation" class="section-name selfRef">Policy Evaluation</a>
</h4>
<p id="section-4.2.3-1">The following claims record policy evaluation outcomes:<a href="#section-4.2.3-1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.3-2">
@@ -2310,8 +2307,8 @@ faithfully recorded in the ECT claims defined above.<a href="#section-4.2.3-3" c
</div>
<div id="data-integrity-claims">
<section id="section-4.2.4">
<h4 id="name-data-integrity-claims">
<a href="#section-4.2.4" class="section-number selfRef">4.2.4. </a><a href="#name-data-integrity-claims" class="section-name selfRef">Data Integrity Claims</a>
<h4 id="name-data-integrity">
<a href="#section-4.2.4" class="section-number selfRef">4.2.4. </a><a href="#name-data-integrity" class="section-name selfRef">Data Integrity</a>
</h4>
<p id="section-4.2.4-1">The following claims provide integrity verification for task
inputs and outputs without revealing the data itself:<a href="#section-4.2.4-1" class="pilcrow"></a></p>
@@ -2347,10 +2344,11 @@ input (e.g., "public", "confidential", "restricted").<a href="#section-4.2.4-2.6
</div>
<div id="operational-claims">
<section id="section-4.2.5">
<h4 id="name-operational-claims">
<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-operational-claims" class="section-name selfRef">Operational Claims</a>
<h4 id="name-task-metadata">
<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-task-metadata" class="section-name selfRef">Task Metadata</a>
</h4>
<p id="section-4.2.5-1">The following claims provide additional operational context:<a href="#section-4.2.5-1" class="pilcrow"></a></p>
<p id="section-4.2.5-1">The following claims provide additional context about task
execution:<a href="#section-4.2.5-1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.5-2">
<dt id="section-4.2.5-2.1">exec_time_ms:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.2">
@@ -2371,18 +2369,9 @@ Values registry (<a href="#regulated-domain-registry" class="auto internal xref"
used to perform the task, if applicable.<a href="#section-4.2.5-2.6.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
</section>
</div>
<div id="witness-claims">
<section id="section-4.2.6">
<h4 id="name-witness-claims">
<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-witness-claims" class="section-name selfRef">Witness Claims</a>
</h4>
<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
<dt id="section-4.2.6-1.1">witnessed_by:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
<p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>. Array of StringOrURI. Identifiers of third-party
<dt id="section-4.2.5-2.7">witnessed_by:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.8">
<p id="section-4.2.5-2.8.1"><span class="bcp14">OPTIONAL</span>. Array of StringOrURI. Identifiers of third-party
entities that the issuing agent claims observed or attested to
the execution of this task. When present, each element <span class="bcp14">SHOULD</span>
use SPIFFE ID format. Note that this claim is self-asserted by
@@ -2393,59 +2382,59 @@ signed ECTs to the ledger attesting to their observation (see
implementations <span class="bcp14">SHOULD</span> use witness attestation for critical
decision points to mitigate the risk of single-agent false
claims. See also <a href="#self-assertion-limitation" class="auto internal xref">Section 11.2</a> for the security
implications of self-asserted witness claims.<a href="#section-4.2.6-1.2.1" class="pilcrow"></a></p>
implications of self-asserted witness claims.<a href="#section-4.2.5-2.8.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
</section>
</div>
<div id="compensation-claims">
<section id="section-4.2.7">
<h4 id="name-compensation-claims">
<a href="#section-4.2.7" class="section-number selfRef">4.2.7. </a><a href="#name-compensation-claims" class="section-name selfRef">Compensation Claims</a>
<section id="section-4.2.6">
<h4 id="name-compensation-and-rollback">
<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
</h4>
<span class="break"></span><dl class="dlParallel" id="section-4.2.7-1">
<dt id="section-4.2.7-1.1">compensation_required:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.7-1.2">
<p id="section-4.2.7-1.2.1"><span class="bcp14">OPTIONAL</span>. Boolean. Indicates whether this task is a
compensation or rollback action for a previous task.<a href="#section-4.2.7-1.2.1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
<dt id="section-4.2.6-1.1">compensation_required:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
<p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>. Boolean. Indicates whether this task is a
compensation or rollback action for a previous task.<a href="#section-4.2.6-1.2.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.7-1.3">compensation_reason:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.7-1.4">
<p id="section-4.2.7-1.4.1"><span class="bcp14">OPTIONAL</span>. String. A human-readable reason for the compensation
<dt id="section-4.2.6-1.3">compensation_reason:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.4">
<p id="section-4.2.6-1.4.1"><span class="bcp14">OPTIONAL</span>. String. A human-readable reason for the compensation
action. <span class="bcp14">MUST</span> be present if "compensation_required" is true.
Values <span class="bcp14">SHOULD</span> use structured identifiers (e.g.,
"policy_violation_in_parent_trade") rather than free-form text
to minimize the risk of embedding sensitive information. See
<a href="#data-minimization" class="auto internal xref">Section 12.2</a> for privacy guidance.
If "compensation_reason" is present, "compensation_required"
<span class="bcp14">MUST</span> be true.<a href="#section-4.2.7-1.4.1" class="pilcrow"></a></p>
<span class="bcp14">MUST</span> be true.<a href="#section-4.2.6-1.4.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
<p id="section-4.2.7-2">Note: compensation ECTs reference historical parent tasks via the
<p id="section-4.2.6-2">Note: compensation ECTs reference historical parent tasks via the
"par" claim. The referenced parent ECTs may have passed their own
"exp" time; ECT expiration applies to the verification window of
the ECT itself, not to its validity as a parent reference in the
ledger.<a href="#section-4.2.7-2" class="pilcrow"></a></p>
ledger.<a href="#section-4.2.6-2" class="pilcrow"></a></p>
</section>
</div>
<div id="extension-claims">
<section id="section-4.2.8">
<h4 id="name-extension-claims">
<a href="#section-4.2.8" class="section-number selfRef">4.2.8. </a><a href="#name-extension-claims" class="section-name selfRef">Extension Claims</a>
<section id="section-4.2.7">
<h4 id="name-extensions">
<a href="#section-4.2.7" class="section-number selfRef">4.2.7. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
</h4>
<span class="break"></span><dl class="dlParallel" id="section-4.2.8-1">
<dt id="section-4.2.8-1.1">ext:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.8-1.2">
<p id="section-4.2.8-1.2.1"><span class="bcp14">OPTIONAL</span>. Object. An extension object for domain-specific
<span class="break"></span><dl class="dlParallel" id="section-4.2.7-1">
<dt id="section-4.2.7-1.1">ext:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.7-1.2">
<p id="section-4.2.7-1.2.1"><span class="bcp14">OPTIONAL</span>. Object. An extension object for domain-specific
claims not defined by this specification. Implementations
that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.8-1.2.1" class="pilcrow"></a></p>
that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.7-1.2.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
<p id="section-4.2.8-2">To avoid key collisions between different domains, extension
<p id="section-4.2.7-2">To avoid key collisions between different domains, extension
key names <span class="bcp14">MUST</span> use reverse domain notation (e.g.,
"com.example.custom_field"). Implementations <span class="bcp14">MUST NOT</span> use
unqualified key names within the "ext" object. To prevent
@@ -2453,7 +2442,7 @@ abuse and excessive token size, the serialized JSON
representation of the "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096
bytes, and the JSON nesting depth within the "ext" object
<span class="bcp14">SHOULD NOT</span> exceed 5 levels. Implementations <span class="bcp14">SHOULD</span> reject
ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.8-2" class="pilcrow"></a></p>
ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.7-2" class="pilcrow"></a></p>
</section>
</div>
</section>
@@ -3261,8 +3250,8 @@ systems.<a href="#section-10.2-4.3.1" class="pilcrow">¶</a></p>
</div>
<div id="compensation-and-rollback">
<section id="section-10.3">
<h3 id="name-compensation-and-rollback">
<a href="#section-10.3" class="section-number selfRef">10.3. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
<h3 id="name-compensation-and-rollback-2">
<a href="#section-10.3" class="section-number selfRef">10.3. </a><a href="#name-compensation-and-rollback-2" class="section-name selfRef">Compensation and Rollback</a>
</h3>
<p id="section-10.3-1">When a compliance violation is discovered after execution, ECTs
provide a mechanism to record authorized compensation actions with
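Review bot: The Section 10.3 heading id changes from name-compensation-and-rollback to name-compensation-and-rollback-2, while the unsuffixed id is now generated for the renamed Section 4.2.6 heading. Any existing deep link to #name-compensation-and-rollback will silently resolve to the claim definitions instead of this use-case section. Giving one of the two sections a distinct title would keep the generated ids independent of document order and keep the old link target stable.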
@@ -3654,7 +3643,7 @@ array to a maximum of 256 entries. Workflows requiring more
parent references <span class="bcp14">SHOULD</span> introduce intermediate aggregation
tasks. The "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096 bytes when
serialized as JSON and <span class="bcp14">SHOULD NOT</span> exceed a nesting depth of
5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.8</a>).<a href="#section-11.11-1" class="pilcrow"></a></p>
5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>).<a href="#section-11.11-1" class="pilcrow"></a></p>
</section>
</div>
</section>
@@ -3713,7 +3702,7 @@ The "exec_act" claim <span class="bcp14">SHOULD</span> use structured identifier
"process_payment") rather than natural language descriptions.
The "pol" claim <span class="bcp14">SHOULD</span> reference policy identifiers rather than
embedding policy content.<a href="#section-12.2-1" class="pilcrow"></a></p>
<p id="section-12.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.7</a>)
<p id="section-12.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>)
deserves particular attention: because it is human-readable and
may describe the circumstances of a failure or policy violation,
it risks exposing sensitive operational details. Implementations
@@ -3998,7 +3987,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-13.3-1
<td class="text-left" rowspan="1" colspan="1">Witness Identities</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#witness-claims" class="auto internal xref">Section 4.2.6</a>
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
@@ -4022,7 +4011,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-13.3-1
<td class="text-left" rowspan="1" colspan="1">Compensation Flag</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#compensation-claims" class="auto internal xref">Section 4.2.7</a>
<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
</td>
</tr>
<tr>
@@ -4030,7 +4019,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-13.3-1
<td class="text-left" rowspan="1" colspan="1">Compensation Reason</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#compensation-claims" class="auto internal xref">Section 4.2.7</a>
<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
</td>
</tr>
<tr>
@@ -4038,7 +4027,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-13.3-1
<td class="text-left" rowspan="1" colspan="1">Extension Object</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#extension-claims" class="auto internal xref">Section 4.2.8</a>
<a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>
</td>
</tr>
</tbody>
@@ -4238,10 +4227,6 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
<dd>
<span class="refAuthor">Tulshibagwale, A.</span>, <span class="refAuthor">Fletcher, G.</span>, and <span class="refAuthor">P. Kasselman</span>, <span class="refTitle">"Transaction Tokens"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-oauth-transaction-tokens-07</span>, <time datetime="2026-01-24" class="refDate">24 January 2026</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-oauth-transaction-tokens-07">https://datatracker.ietf.org/doc/html/draft-ietf-oauth-transaction-tokens-07</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="I-D.ietf-oauth-transaction-tokens-for-agents">[I-D.ietf-oauth-transaction-tokens-for-agents]</dt>
<dd>
<span class="refTitle">"*** BROKEN REFERENCE ***"</span>. </dd>
<dd class="break"></dd>
<dt id="I-D.ietf-scitt-architecture">[I-D.ietf-scitt-architecture]</dt>
<dd>
<span class="refAuthor">Birkholz, H.</span>, <span class="refAuthor">Delignat-Lavaud, A.</span>, <span class="refAuthor">Fournet, C.</span>, <span class="refAuthor">Deshpande, Y.</span>, and <span class="refAuthor">S. Lasker</span>, <span class="refTitle">"An Architecture for Trustworthy and Transparent Digital Supply Chains"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-scitt-architecture-22</span>, <time datetime="2025-10-10" class="refDate">10 October 2025</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-scitt-architecture-22">https://datatracker.ietf.org/doc/html/draft-ietf-scitt-architecture-22</a>&gt;</span>. </dd>
@@ -4250,6 +4235,10 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
<dd>
<span class="refAuthor">Yuan, N.</span> and <span class="refAuthor">P. C. Liu</span>, <span class="refTitle">"WIMSE Applicability for AI Agents"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ni-wimse-ai-agent-identity-01</span>, <time datetime="2025-10-20" class="refDate">20 October 2025</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ni-wimse-ai-agent-identity-01">https://datatracker.ietf.org/doc/html/draft-ni-wimse-ai-agent-identity-01</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="I-D.oauth-transaction-tokens-for-agents">[I-D.oauth-transaction-tokens-for-agents]</dt>
<dd>
<span class="refAuthor">Raut, A.</span>, <span class="refTitle">"Transaction Tokens For Agents"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-oauth-transaction-tokens-for-agents-04</span>, <time datetime="2026-02-10" class="refDate">10 February 2026</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-oauth-transaction-tokens-for-agents-04">https://datatracker.ietf.org/doc/html/draft-oauth-transaction-tokens-for-agents-04</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="MIFID-II">[MIFID-II]</dt>
<dd>
<span class="refAuthor">European Parliament and Council of the European Union</span>, <span class="refTitle">"Directive 2014/65/EU of the European Parliament and of the Council on markets in financial instruments (MiFID II)"</span>, <time datetime="2014-05-15" class="refDate">15 May 2014</time>, <span>&lt;<a href="https://eur-lex.europa.eu/eli/dir/2014/65">https://eur-lex.europa.eu/eli/dir/2014/65</a>&gt;</span>. </dd>
@@ -4350,7 +4339,7 @@ no policy evaluation outcomes, and no execution content.<a href="#appendix-A.3-3
</li>
</ul>
<p id="appendix-A.3-4">Extensions for agentic use cases
(<span>[<a href="#I-D.ietf-oauth-transaction-tokens-for-agents" class="cite xref">I-D.ietf-oauth-transaction-tokens-for-agents</a>]</span>) add agent
(<span>[<a href="#I-D.oauth-transaction-tokens-for-agents" class="cite xref">I-D.oauth-transaction-tokens-for-agents</a>]</span>) add agent
identity and constraints ("agentic_ctx") but no execution
ordering or DAG structure.<a href="#appendix-A.3-4" class="pilcrow"></a></p>
<p id="appendix-A.3-5">ECTs and Transaction Tokens are complementary: a Txn-Token

@@ -80,7 +80,7 @@ informative:
- org: Cloud Native Computing Foundation
I-D.ietf-scitt-architecture:
I-D.ietf-oauth-transaction-tokens:
I-D.ietf-oauth-transaction-tokens-for-agents:
I-D.oauth-transaction-tokens-for-agents:
--- abstract
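Review bot: The replacement key I-D.oauth-transaction-tokens-for-agents is declared with an empty value, like the entry it replaces, so the reference is only as correct as the toolchain's lookup of that name. The previous key rendered as "*** BROKEN REFERENCE ***" in the HTML without stopping the build. Consider adding a build step that fails when the rendered output contains that string, so a mistyped draft name is caught before it is committed.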
@@ -399,7 +399,7 @@ kid:
The ECT payload contains both WIMSE-compatible standard JWT claims
and execution context claims defined by this specification.
### WIMSE-Compatible Claims
### Standard JWT Claims
The following standard JWT claims {{RFC7519}} MUST be present in
every ECT:
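Review bot: The renamed heading "### Standard JWT Claims" has no explicit anchor, unlike the sibling headings in this file, which pin theirs (for example {#exec-claims}). As a result the rename changes the generated id: the rendered HTML shows the div id going from wimse-compatible-claims to standard-jwt-claims. Add an explicit anchor to this heading so later title edits do not break links to the section.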
@@ -468,7 +468,7 @@ jti:
expiration window. The "jti" value MUST be unique across all
ECTs issued by the same agent.
### Execution Context Claims {#exec-claims}
### Execution Context {#exec-claims}
The following claims are defined by this specification:
@@ -500,7 +500,7 @@ par:
a root task with no dependencies. A workflow MAY contain
multiple root tasks.
### Policy Claims {#policy-claims}
### Policy Evaluation {#policy-claims}
The following claims record policy evaluation outcomes:
@@ -552,7 +552,7 @@ use any policy engine or framework (e.g., OPA/Rego, Cedar, XACML,
or custom solutions) provided that the evaluation outcome is
faithfully recorded in the ECT claims defined above.
### Data Integrity Claims {#data-integrity-claims}
### Data Integrity {#data-integrity-claims}
The following claims provide integrity verification for task
inputs and outputs without revealing the data itself:
@@ -577,9 +577,10 @@ inp_classification:
: OPTIONAL. String. The data sensitivity classification of the
input (e.g., "public", "confidential", "restricted").
### Operational Claims {#operational-claims}
### Task Metadata {#operational-claims}
The following claims provide additional operational context:
The following claims provide additional context about task
execution:
exec_time_ms:
: OPTIONAL. Integer. The execution duration of the task in
@@ -594,8 +595,6 @@ model_version:
: OPTIONAL. String. The version identifier of the AI or ML model
used to perform the task, if applicable.
### Witness Claims {#witness-claims}
witnessed_by:
: OPTIONAL. Array of StringOrURI. Identifiers of third-party
entities that the issuing agent claims observed or attested to
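Review bot: Dropping the "### Witness Claims {#witness-claims}" heading places witnessed_by under Task Metadata, which is introduced as "additional context about task execution", although the claim text describes what the issuing agent claims third parties observed or attested to and is noted elsewhere in the document as self-asserted. A reader scanning headings for attestation-related claims will no longer find it. Consider keeping a dedicated subsection, or extending the Task Metadata introduction to say that it also covers the self-asserted witness list. The removal also retires #witness-claims as a link target, so check for references to it beyond the IANA table row updated in this commit.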
@@ -610,7 +609,7 @@ witnessed_by:
claims. See also {{self-assertion-limitation}} for the security
implications of self-asserted witness claims.
### Compensation Claims {#compensation-claims}
### Compensation and Rollback {#compensation-claims}
compensation_required:
: OPTIONAL. Boolean. Indicates whether this task is a
@@ -632,7 +631,7 @@ Note: compensation ECTs reference historical parent tasks via the
the ECT itself, not to its validity as a parent reference in the
ledger.
### Extension Claims {#extension-claims}
### Extensions {#extension-claims}
ext:
: OPTIONAL. Object. An extension object for domain-specific
@@ -1685,7 +1684,7 @@ the "JSON Web Token Claims" registry maintained by IANA:
| out_hash | Output Data Hash | IETF | {{data-integrity-claims}} |
| inp_classification | Input Data Classification | IETF | {{data-integrity-claims}} |
| exec_time_ms | Execution Time (ms) | IETF | {{operational-claims}} |
| witnessed_by | Witness Identities | IETF | {{witness-claims}} |
| witnessed_by | Witness Identities | IETF | {{operational-claims}} |
| regulated_domain | Regulatory Domain | IETF | {{operational-claims}} |
| model_version | AI/ML Model Version | IETF | {{operational-claims}} |
| compensation_required | Compensation Flag | IETF | {{compensation-claims}} |
@@ -1782,7 +1781,7 @@ However, "req_wl" cannot form a DAG because:
no policy evaluation outcomes, and no execution content.
Extensions for agentic use cases
({{I-D.ietf-oauth-transaction-tokens-for-agents}}) add agent
({{I-D.oauth-transaction-tokens-for-agents}}) add agent
identity and constraints ("agentic_ctx") but no execution
ordering or DAG structure.

@@ -87,14 +87,13 @@ Table of Contents
4. Execution Context Token Format . . . . . . . . . . . . . . . 9
4.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . . . 9
4.2. JWT Claims . . . . . . . . . . . . . . . . . . . . . . . 10
4.2.1. WIMSE-Compatible Claims . . . . . . . . . . . . . . . 10
4.2.2. Execution Context Claims . . . . . . . . . . . . . . 11
4.2.3. Policy Claims . . . . . . . . . . . . . . . . . . . . 12
4.2.4. Data Integrity Claims . . . . . . . . . . . . . . . . 13
4.2.5. Operational Claims . . . . . . . . . . . . . . . . . 13
4.2.6. Witness Claims . . . . . . . . . . . . . . . . . . . 14
4.2.7. Compensation Claims . . . . . . . . . . . . . . . . . 14
4.2.8. Extension Claims . . . . . . . . . . . . . . . . . . 14
4.2.1. Standard JWT Claims . . . . . . . . . . . . . . . . . 10
4.2.2. Execution Context . . . . . . . . . . . . . . . . . . 11
4.2.3. Policy Evaluation . . . . . . . . . . . . . . . . . . 12
4.2.4. Data Integrity . . . . . . . . . . . . . . . . . . . 13
4.2.5. Task Metadata . . . . . . . . . . . . . . . . . . . . 13
4.2.6. Compensation and Rollback . . . . . . . . . . . . . . 14
4.2.7. Extensions . . . . . . . . . . . . . . . . . . . . . 14
4.3. Complete ECT Example . . . . . . . . . . . . . . . . . . 15
5. HTTP Header Transport . . . . . . . . . . . . . . . . . . . . 15
5.1. Execution-Context Header Field . . . . . . . . . . . . . 15
@@ -106,6 +105,7 @@ Table of Contents
7.1. Verification Procedure . . . . . . . . . . . . . . . . . 19
7.2. Verification Pseudocode . . . . . . . . . . . . . . . . . 20
8. Operational Modes . . . . . . . . . . . . . . . . . . . . . . 22
8.1. Point-to-Point Mode . . . . . . . . . . . . . . . . . . . 22
@@ -114,7 +114,6 @@ Nennemann Expires 28 August 2026 [Page 2]
Internet-Draft WIMSE Execution Context February 2026
8.1. Point-to-Point Mode . . . . . . . . . . . . . . . . . . . 22
8.2. Deferred Ledger Mode . . . . . . . . . . . . . . . . . . 23
8.3. Full Ledger Mode . . . . . . . . . . . . . . . . . . . . 23
9. Audit Ledger Interface . . . . . . . . . . . . . . . . . . . 23
@@ -158,10 +157,11 @@ Internet-Draft WIMSE Execution Context February 2026
WIMSE Workload Identity . . . . . . . . . . . . . . . . . . . . 42
OAuth 2.0 Token Exchange and the "act" Claim . . . . . . . . . 42
Transaction Tokens . . . . . . . . . . . . . . . . . . . . . . 43
Distributed Tracing (OpenTelemetry) . . . . . . . . . . . . . . 43
Distributed Tracing (OpenTelemetry) . . . . . . . . . . . . . . 44
Blockchain and Distributed Ledgers . . . . . . . . . . . . . . 44
SCITT (Supply Chain Integrity, Transparency, and Trust) . . . . 44
W3C Verifiable Credentials . . . . . . . . . . . . . . . . . . 44
W3C Verifiable Credentials . . . . . . . . . . . . . . . . . . 45
Implementation Guidance . . . . . . . . . . . . . . . . . . . . . 45
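Review bot: The changed lines in this hunk differ only in page numbers (43 to 44, 44 to 45) that shifted because of the repagination, and the same applies to much of the rendered text output. Committing generated renderings next to the source is what turns a heading rename into 909 additions and 842 deletions, which makes the substantive changes hard to review. Consider building the rendered outputs in CI, or committing them separately from source edits.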
@@ -170,18 +170,17 @@ Nennemann Expires 28 August 2026 [Page 3]
Internet-Draft WIMSE Execution Context February 2026
Implementation Guidance . . . . . . . . . . . . . . . . . . . . . 44
Minimal Implementation . . . . . . . . . . . . . . . . . . . . 44
Minimal Implementation . . . . . . . . . . . . . . . . . . . . 45
Storage Recommendations . . . . . . . . . . . . . . . . . . . . 45
Performance Considerations . . . . . . . . . . . . . . . . . . 45
Interoperability . . . . . . . . . . . . . . . . . . . . . . . 45
Interoperability . . . . . . . . . . . . . . . . . . . . . . . 46
Regulatory Compliance Mapping . . . . . . . . . . . . . . . . . . 46
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Example 1: Simple Two-Agent Workflow . . . . . . . . . . . . . 46
Example 2: Medical Device SDLC with Release Approval . . . . . 48
Example 3: Parallel Execution with Join . . . . . . . . . . . . 51
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Example 1: Simple Two-Agent Workflow . . . . . . . . . . . . . 47
Example 2: Medical Device SDLC with Release Approval . . . . . 49
Example 3: Parallel Execution with Join . . . . . . . . . . . . 52
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 52
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 52
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 53
1. Introduction
@@ -221,6 +220,7 @@ Internet-Draft WIMSE Execution Context February 2026
Nennemann Expires 28 August 2026 [Page 4]
Internet-Draft WIMSE Execution Context February 2026
@@ -525,7 +525,7 @@ Internet-Draft WIMSE Execution Context February 2026
The ECT payload contains both WIMSE-compatible standard JWT claims
and execution context claims defined by this specification.
4.2.1. WIMSE-Compatible Claims
4.2.1. Standard JWT Claims
The following standard JWT claims [RFC7519] MUST be present in every
ECT:
@@ -595,7 +595,7 @@ Internet-Draft WIMSE Execution Context February 2026
expiration window. The "jti" value MUST be unique across all ECTs
issued by the same agent.
4.2.2. Execution Context Claims
4.2.2. Execution Context
The following claims are defined by this specification:
@@ -629,7 +629,7 @@ Internet-Draft WIMSE Execution Context February 2026
task with no dependencies. A workflow MAY contain multiple root
tasks.
4.2.3. Policy Claims
4.2.3. Policy Evaluation
The following claims record policy evaluation outcomes:
@@ -684,7 +684,7 @@ Internet-Draft WIMSE Execution Context February 2026
provided that the evaluation outcome is faithfully recorded in the
ECT claims defined above.
4.2.4. Data Integrity Claims
4.2.4. Data Integrity
The following claims provide integrity verification for task inputs
and outputs without revealing the data itself:
@@ -708,9 +708,9 @@ Internet-Draft WIMSE Execution Context February 2026
classification of the input (e.g., "public", "confidential",
"restricted").
4.2.5. Operational Claims
4.2.5. Task Metadata
The following claims provide additional operational context:
The following claims provide additional context about task execution:
exec_time_ms: OPTIONAL. Integer. The execution duration of the
task in milliseconds. MUST be a non-negative integer.
@@ -730,8 +730,6 @@ Nennemann Expires 28 August 2026 [Page 13]
Internet-Draft WIMSE Execution Context February 2026
4.2.6. Witness Claims
witnessed_by: OPTIONAL. Array of StringOrURI. Identifiers of
third-party entities that the issuing agent claims observed or
attested to the execution of this task. When present, each
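Review bot: removing the "4.2.6. Witness Claims" heading moves witnessed_by under 4.2.5 "Task Metadata", whose new intro line describes these claims as "additional context about task execution". That undersells it: witnessed_by is a self-asserted attestation claim, and the text that follows it still points to Section 11.2 for its security implications. Under a generic metadata heading it is easy to miss for a reader scanning section titles for trust-relevant claims. Suggest either keeping a separate subsection for it, or adding a sentence to the 4.2.5 intro that says one of the claims carries third-party attestation semantics and points to Section 11.2.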
@@ -745,7 +743,7 @@ Internet-Draft WIMSE Execution Context February 2026
See also Section 11.2 for the security implications of self-
asserted witness claims.
4.2.7. Compensation Claims
4.2.6. Compensation and Rollback
compensation_required: OPTIONAL. Boolean. Indicates whether this
task is a compensation or rollback action for a previous task.
@@ -764,7 +762,7 @@ Internet-Draft WIMSE Execution Context February 2026
"exp" time; ECT expiration applies to the verification window of the
ECT itself, not to its validity as a parent reference in the ledger.
4.2.8. Extension Claims
4.2.7. Extensions
ext: OPTIONAL. Object. An extension object for domain-specific
claims not defined by this specification. Implementations that do
@@ -781,6 +779,8 @@ Internet-Draft WIMSE Execution Context February 2026
Nennemann Expires 28 August 2026 [Page 14]
Internet-Draft WIMSE Execution Context February 2026
@@ -1874,7 +1874,7 @@ Internet-Draft WIMSE Execution Context February 2026
maximum of 256 entries. Workflows requiring more parent references
SHOULD introduce intermediate aggregation tasks. The "ext" object
SHOULD NOT exceed 4096 bytes when serialized as JSON and SHOULD NOT
exceed a nesting depth of 5 levels (see also Section 4.2.8).
exceed a nesting depth of 5 levels (see also Section 4.2.7).
12. Privacy Considerations
@@ -1918,7 +1918,7 @@ Internet-Draft WIMSE Execution Context February 2026
"pol" claim SHOULD reference policy identifiers rather than embedding
policy content.
The "compensation_reason" claim (Section 4.2.7) deserves particular
The "compensation_reason" claim (Section 4.2.6) deserves particular
attention: because it is human-readable and may describe the
circumstances of a failure or policy violation, it risks exposing
sensitive operational details. Implementations SHOULD use short,
@@ -2064,7 +2064,7 @@ Internet-Draft WIMSE Execution Context February 2026
| | (ms) | | 4.2.5 |
+-----------------------+-----------------+------------+-----------+
| witnessed_by | Witness | IETF | Section |
| | Identities | | 4.2.6 |
| | Identities | | 4.2.5 |
+-----------------------+-----------------+------------+-----------+
@@ -2081,13 +2081,13 @@ Internet-Draft WIMSE Execution Context February 2026
| | Version | | 4.2.5 |
+-----------------------+-----------------+------------+-----------+
| compensation_required | Compensation | IETF | Section |
| | Flag | | 4.2.7 |
| | Flag | | 4.2.6 |
+-----------------------+-----------------+------------+-----------+
| compensation_reason | Compensation | IETF | Section |
| | Reason | | 4.2.7 |
| | Reason | | 4.2.6 |
+-----------------------+-----------------+------------+-----------+
| ext | Extension | IETF | Section |
| | Object | | 4.2.8 |
| | Object | | 4.2.7 |
+-----------------------+-----------------+------------+-----------+
Table 1: JWT Claims Registrations
@@ -2259,9 +2259,6 @@ Internet-Draft WIMSE Execution Context February 2026
<https://datatracker.ietf.org/doc/html/draft-ietf-oauth-
transaction-tokens-07>.
[I-D.ietf-oauth-transaction-tokens-for-agents]
"*** BROKEN REFERENCE ***".
[I-D.ietf-scitt-architecture]
Birkholz, H., Delignat-Lavaud, A., Fournet, C., Deshpande,
Y., and S. Lasker, "An Architecture for Trustworthy and
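Review bot: the removed entry for [I-D.ietf-oauth-transaction-tokens-for-agents] shows that a rendering containing "*** BROKEN REFERENCE ***" was committed earlier. Deleting it fixes this instance, but nothing in the change stops the next unresolved citation key from reaching the rendered output the same way. Suggest a build or pre-commit check that fails when the generated text contains the string "*** BROKEN REFERENCE ***".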
@@ -2277,16 +2274,19 @@ Internet-Draft WIMSE Execution Context February 2026
<https://datatracker.ietf.org/doc/html/draft-ni-wimse-ai-
agent-identity-01>.
[I-D.oauth-transaction-tokens-for-agents]
Raut, A., "Transaction Tokens For Agents", Work in
Progress, Internet-Draft, draft-oauth-transaction-tokens-
for-agents-04, 10 February 2026,
<https://datatracker.ietf.org/doc/html/draft-oauth-
transaction-tokens-for-agents-04>.
[MIFID-II] European Parliament and Council of the European Union,
"Directive 2014/65/EU of the European Parliament and of
the Council on markets in financial instruments (MiFID
II)", 15 May 2014,
<https://eur-lex.europa.eu/eli/dir/2014/65>.
[OPENTELEMETRY]
Cloud Native Computing Foundation, "OpenTelemetry
Specification",
<https://opentelemetry.io/docs/specs/otel/>.
@@ -2298,6 +2298,11 @@ Nennemann Expires 28 August 2026 [Page 41]
Internet-Draft WIMSE Execution Context February 2026
[OPENTELEMETRY]
Cloud Native Computing Foundation, "OpenTelemetry
Specification",
<https://opentelemetry.io/docs/specs/otel/>.
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552,
DOI 10.17487/RFC3552, July 2003,
@@ -2341,11 +2346,6 @@ OAuth 2.0 Token Exchange and the "act" Claim
branching (fan-out) or convergence (fan-in) and therefore cannot form
a DAG.
ECTs intentionally use the distinct claim name "exec_act" for the
action/task type to avoid collision with the "act" claim. The two
concepts are orthogonal: "act" records "who authorized whom," ECTs
record "what was done, in what order, with what policy outcomes."
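Review bot: the "exec_act" paragraph removed at the end of this hunk reappears word for word in the next hunk, after the page header, so this is a page-break shift and not a content change. Many hunks in this file are the same kind of pagination churn (page footers and headers moving). That churn buries the few real edits: the section titles, the section numbers and the reference key. Suggest regenerating the paginated text in a separate commit, or leaving rendered output out of the reviewed diff, so that the substantive changes can be checked on their own.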
@@ -2354,6 +2354,11 @@ Nennemann Expires 28 August 2026 [Page 42]
Internet-Draft WIMSE Execution Context February 2026
ECTs intentionally use the distinct claim name "exec_act" for the
action/task type to avoid collision with the "act" claim. The two
concepts are orthogonal: "act" records "who authorized whom," ECTs
record "what was done, in what order, with what policy outcomes."
Transaction Tokens
OAuth Transaction Tokens [I-D.ietf-oauth-transaction-tokens]
@@ -2377,8 +2382,8 @@ Transaction Tokens
policy evaluation outcomes, and no execution content.
Extensions for agentic use cases
([I-D.ietf-oauth-transaction-tokens-for-agents]) add agent identity
and constraints ("agentic_ctx") but no execution ordering or DAG
([I-D.oauth-transaction-tokens-for-agents]) add agent identity and
constraints ("agentic_ctx") but no execution ordering or DAG
structure.
ECTs and Transaction Tokens are complementary: a Txn-Token propagates
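Review bot: the new key [I-D.oauth-transaction-tokens-for-agents] drops the "ietf" component of the old one, and the reference entry added earlier in this diff lists it as a Work in Progress Internet-Draft at revision -04, so the name indicates an individual draft, not a working group document. The sentence still presents it flatly as "Extensions for agentic use cases ... add agent identity and constraints", on the same footing as the working group Transaction Tokens draft cited above it. Suggest wording such as "a proposed extension", and confirming that the "agentic_ctx" name matches revision -04, since the citation is pinned to that revision.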
@@ -2391,6 +2396,20 @@ Transaction Tokens
WPT to a co-present Txn-Token; a similar binding mechanism for ECTs
is a potential future extension.
Nennemann Expires 28 August 2026 [Page 43]
Internet-Draft WIMSE Execution Context February 2026
Distributed Tracing (OpenTelemetry)
OpenTelemetry [OPENTELEMETRY] and similar distributed tracing systems
@@ -2402,14 +2421,6 @@ Distributed Tracing (OpenTelemetry)
OpenTelemetry data is typically controlled by the platform operator
and can be modified or deleted without detection. ECTs and
distributed traces are complementary: traces provide observability
Nennemann Expires 28 August 2026 [Page 43]
Internet-Draft WIMSE Execution Context February 2026
while ECTs provide signed execution records. ECTs may reference
OpenTelemetry trace identifiers in the "ext" claim for correlation.
@@ -2442,6 +2453,19 @@ SCITT (Supply Chain Integrity, Transparency, and Trust)
Transparency Service identifiers or Receipt references for tighter
integration.
Nennemann Expires 28 August 2026 [Page 44]
Internet-Draft WIMSE Execution Context February 2026
W3C Verifiable Credentials
W3C Verifiable Credentials represent claims about subjects (e.g.,
@@ -2459,13 +2483,6 @@ Minimal Implementation
1. Create JWTs with all required claims ("iss", "aud", "iat", "exp",
"jti", "tid", "exec_act", "par", "pol", "pol_decision").
Nennemann Expires 28 August 2026 [Page 44]
Internet-Draft WIMSE Execution Context February 2026
2. Sign ECTs with the agent's private key using an algorithm
matching the WIT (ES256 recommended).
@@ -2498,6 +2515,13 @@ Performance Considerations
* DAG validation: O(V) where V is the number of reachable ancestor
nodes (typically small for shallow workflows).
Nennemann Expires 28 August 2026 [Page 45]
Internet-Draft WIMSE Execution Context February 2026
* JSON serialization: sub-millisecond per ECT.
* Total per-request overhead: approximately 5-10ms, acceptable for
@@ -2511,17 +2535,6 @@ Interoperability
expected to be tested against multiple JWT libraries to ensure
interoperability.
Nennemann Expires 28 August 2026 [Page 45]
Internet-Draft WIMSE Execution Context February 2026
Regulatory Compliance Mapping
The following table summarizes how ECTs can contribute to compliance
@@ -2529,6 +2542,42 @@ Regulatory Compliance Mapping
block; achieving compliance requires additional organizational
measures beyond this specification.
Nennemann Expires 28 August 2026 [Page 46]
Internet-Draft WIMSE Execution Context February 2026
+============+========================+==========================+
| Regulation | Requirement | ECT Contribution |
+============+========================+==========================+
@@ -2569,15 +2618,6 @@ Example 1: Simple Two-Agent Workflow
ECT JOSE Header:
Nennemann Expires 28 August 2026 [Page 46]
Internet-Draft WIMSE Execution Context February 2026
{
"alg": "ES256",
"typ": "wimse-exec+jwt",
@@ -2586,6 +2626,14 @@ Internet-Draft WIMSE Execution Context February 2026
ECT Payload:
Nennemann Expires 28 August 2026 [Page 47]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://example.com/agent/data-retrieval",
"sub": "spiffe://example.com/agent/data-retrieval",
@@ -2627,18 +2675,21 @@ Internet-Draft WIMSE Execution Context February 2026
The resulting DAG:
Nennemann Expires 28 August 2026 [Page 47]
Internet-Draft WIMSE Execution Context February 2026
task-...-0001 (fetch_patient_data)
|
v
task-...-0002 (validate_safety)
Nennemann Expires 28 August 2026 [Page 48]
Internet-Draft WIMSE Execution Context February 2026
Example 2: Medical Device SDLC with Release Approval
A multi-step medical device software lifecycle workflow with
@@ -2667,29 +2718,6 @@ Example 2: Medical Device SDLC with Release Approval
Task 2 (Code Generation Agent):
Nennemann Expires 28 August 2026 [Page 48]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://meddev.example/agent/code-gen",
"sub": "spiffe://meddev.example/agent/code-gen",
@@ -2709,6 +2737,15 @@ Internet-Draft WIMSE Execution Context February 2026
Task 3 (Autonomous Test Agent):
Nennemann Expires 28 August 2026 [Page 49]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://meddev.example/agent/test-runner",
"sub": "spiffe://meddev.example/agent/test-runner",
@@ -2728,24 +2765,6 @@ Internet-Draft WIMSE Execution Context February 2026
Task 4 (Build Agent):
Nennemann Expires 28 August 2026 [Page 49]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://meddev.example/agent/build",
"sub": "spiffe://meddev.example/agent/build",
@@ -2765,6 +2784,24 @@ Internet-Draft WIMSE Execution Context February 2026
Task 5 (Human Release Manager Approval):
Nennemann Expires 28 August 2026 [Page 50]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://meddev.example/human/release-mgr-42",
"sub": "spiffe://meddev.example/human/release-mgr-42",
@@ -2790,18 +2827,6 @@ Internet-Draft WIMSE Execution Context February 2026
build, and a human release manager approved the final release with
independent witness attestation.
Nennemann Expires 28 August 2026 [Page 50]
Internet-Draft WIMSE Execution Context February 2026
task-...-0001 (review_requirements_spec)
|
v
@@ -2822,6 +2847,17 @@ Internet-Draft WIMSE Execution Context February 2026
that the SDLC followed the prescribed process with human oversight at
the release gate.
Nennemann Expires 28 August 2026 [Page 51]
Internet-Draft WIMSE Execution Context February 2026
Example 3: Parallel Execution with Join
A workflow where two tasks execute in parallel and a third task
@@ -2839,25 +2875,6 @@ Example 3: Parallel Execution with Join
Task 004 ECT payload:
Nennemann Expires 28 August 2026 [Page 51]
Internet-Draft WIMSE Execution Context February 2026
{
"iss": "spiffe://bank.example/agent/execution",
"sub": "spiffe://bank.example/agent/execution",
@@ -2888,6 +2905,15 @@ Acknowledgments
Workload Identity Tokens and Workload Proof Tokens provide the
identity foundation upon which execution context tracing is built.
Nennemann Expires 28 August 2026 [Page 52]
Internet-Draft WIMSE Execution Context February 2026
Author's Address
Christian Nennemann
@@ -2909,4 +2935,34 @@ Author's Address
Nennemann Expires 28 August 2026 [Page 52]
Nennemann Expires 28 August 2026 [Page 53]

File diff suppressed because it is too large