Fix extension key prefix: io.wimse -> org.ietf.wimse

Use correct IETF reverse domain notation for spec-defined
extension keys within the ext object.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

draft-nennemann-wimse-execution-context-00.html

@@ -1397,13 +1397,10 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
                     <p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-data-integrity" class="internal xref">Data Integrity</a></p>
 </li>
                   <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.5">
-                    <p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-task-metadata" class="internal xref">Task Metadata</a></p>
+                    <p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
 </li>
                   <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.6">
-                    <p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
+                    <p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
-</li>
-                  <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.7">
-                    <p id="section-toc.1-1.4.2.2.2.7.1"><a href="#section-4.2.7" class="auto internal xref">4.2.7</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
 </li>
                 </ul>
 </li>
@@ -1544,9 +1541,6 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
 </li>
               <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.4">
                 <p id="section-toc.1-1.12.2.4.1"><a href="#section-12.4" class="auto internal xref">12.4</a>.  <a href="#name-ect-policy-decision-values-" class="internal xref">ECT Policy Decision Values Registry</a></p>
-</li>
-              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.5">
-                <p id="section-toc.1-1.12.2.5.1"><a href="#section-12.5" class="auto internal xref">12.5</a>.  <a href="#name-ect-regulated-domain-values" class="internal xref">ECT Regulated Domain Values Registry</a></p>
 </li>
             </ul>
 </li>
@@ -1656,7 +1650,7 @@ requirements were evaluated at each decision point.<a href="#section-1.1-2" clas
 coordinate across organizational boundaries.  Multiple regulatory
 frameworks — including <span>[<a href="#EU-AI-ACT" class="cite xref">EU-AI-ACT</a>]</span>, <span>[<a href="#FDA-21CFR11" class="cite xref">FDA-21CFR11</a>]</span>, <span>[<a href="#MIFID-II" class="cite xref">MIFID-II</a>]</span>,
 and <span>[<a href="#DORA" class="cite xref">DORA</a>]</span> — require structured, auditable records of automated
-decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 4</a> for a
+decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 3</a> for a
 detailed mapping).<a href="#section-1.1-3" class="pilcrow">¶</a></p>
 <p id="section-1.1-4">This document defines an extension to the WIMSE architecture that
 addresses the gap between workload identity and execution
@@ -2241,13 +2235,6 @@ audit trails.<a href="#section-4.2.3-2.4.3" class="pilcrow">¶</a></p>
               <p id="section-4.2.3-2.6.1"><span class="bcp14">OPTIONAL</span>.  StringOrURI.  The identity of the entity (system or
 person) that evaluated the policy decision.  When present,
 <span class="bcp14">SHOULD</span> use SPIFFE ID format.<a href="#section-4.2.3-2.6.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.3-2.7">pol_timestamp:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.3-2.8">
-              <p id="section-4.2.3-2.8.1"><span class="bcp14">OPTIONAL</span>.  NumericDate.  The time at which the policy decision
-was made.  When present, <span class="bcp14">MUST</span> be equal to or earlier than the
-"iat" claim.<a href="#section-4.2.3-2.8.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
@@ -2288,110 +2275,58 @@ computed over the raw octets of the input data.<a href="#section-4.2.4-2.2.1" cl
             <dd style="margin-left: 1.5em" id="section-4.2.4-2.4">
               <p id="section-4.2.4-2.4.1"><span class="bcp14">OPTIONAL</span>.  String.  A cryptographic hash of the output data,
 using the same format and algorithm requirements as "inp_hash".<a href="#section-4.2.4-2.4.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.4-2.5">inp_classification:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.4-2.6">
-              <p id="section-4.2.4-2.6.1"><span class="bcp14">OPTIONAL</span>.  String.  The data sensitivity classification of the
-input (e.g., "public", "confidential", "restricted").<a href="#section-4.2.4-2.6.1" class="pilcrow">¶</a></p>
-</dd>
-          <dd class="break"></dd>
-</dl>
-</section>
-</div>
-<div id="operational-claims">
-<section id="section-4.2.5">
-          <h4 id="name-task-metadata">
-<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-task-metadata" class="section-name selfRef">Task Metadata</a>
-          </h4>
-<p id="section-4.2.5-1">The following claims provide additional context about task
-execution:<a href="#section-4.2.5-1" class="pilcrow">¶</a></p>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.5-2">
-            <dt id="section-4.2.5-2.1">exec_time_ms:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.5-2.2">
-              <p id="section-4.2.5-2.2.1"><span class="bcp14">OPTIONAL</span>.  Integer.  The execution duration of the task in
-milliseconds.  <span class="bcp14">MUST</span> be a non-negative integer.<a href="#section-4.2.5-2.2.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.5-2.3">regulated_domain:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.5-2.4">
-              <p id="section-4.2.5-2.4.1"><span class="bcp14">OPTIONAL</span>.  String.  The regulatory domain applicable to this
-task.  Values <span class="bcp14">MUST</span> be registered in the ECT Regulated Domain
-Values registry (<a href="#regulated-domain-registry" class="auto internal xref">Section 12.5</a>).<a href="#section-4.2.5-2.4.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.5-2.5">model_version:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.5-2.6">
-              <p id="section-4.2.5-2.6.1"><span class="bcp14">OPTIONAL</span>.  String.  The version identifier of the AI or ML model
-used to perform the task, if applicable.<a href="#section-4.2.5-2.6.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.5-2.7">witnessed_by:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.5-2.8">
-              <p id="section-4.2.5-2.8.1"><span class="bcp14">OPTIONAL</span>.  Array of StringOrURI.  Identifiers of third-party
-entities that the issuing agent claims observed or attested to
-the execution of this task.  When present, each element <span class="bcp14">SHOULD</span>
-use SPIFFE ID format.  Note that this claim is self-asserted by
-the ECT issuer; witnesses listed here do not co-sign this ECT.
-For stronger assurance, witnesses <span class="bcp14">SHOULD</span> submit independent
-signed ECTs to the ledger attesting to their observation (see
-<a href="#witness-attestation-model" class="auto internal xref">Section 10.2.1</a>).  In regulated environments,
-implementations <span class="bcp14">SHOULD</span> use witness attestation for critical
-decision points to mitigate the risk of single-agent false
-claims.  See also <a href="#self-assertion-limitation" class="auto internal xref">Section 10.2</a> for the security
-implications of self-asserted witness claims.<a href="#section-4.2.5-2.8.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
 </section>
 </div>
 <div id="compensation-claims">
-<section id="section-4.2.6">
+<section id="section-4.2.5">
           <h4 id="name-compensation-and-rollback">
-<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
+<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
           </h4>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
+<span class="break"></span><dl class="dlParallel" id="section-4.2.5-1">
-            <dt id="section-4.2.6-1.1">compensation_required:</dt>
+            <dt id="section-4.2.5-1.1">compensation_required:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
+            <dd style="margin-left: 1.5em" id="section-4.2.5-1.2">
-              <p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>.  Boolean.  Indicates whether this task is a
+              <p id="section-4.2.5-1.2.1"><span class="bcp14">OPTIONAL</span>.  Boolean.  Indicates whether this task is a
-compensation or rollback action for a previous task.<a href="#section-4.2.6-1.2.1" class="pilcrow">¶</a></p>
+compensation or rollback action for a previous task.<a href="#section-4.2.5-1.2.1" class="pilcrow">¶</a></p>
 </dd>
             <dd class="break"></dd>
-<dt id="section-4.2.6-1.3">compensation_reason:</dt>
+<dt id="section-4.2.5-1.3">compensation_reason:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.6-1.4">
+            <dd style="margin-left: 1.5em" id="section-4.2.5-1.4">
-              <p id="section-4.2.6-1.4.1"><span class="bcp14">OPTIONAL</span>.  String.  A human-readable reason for the compensation
+              <p id="section-4.2.5-1.4.1"><span class="bcp14">OPTIONAL</span>.  String.  A human-readable reason for the compensation
 action.  <span class="bcp14">MUST</span> be present if "compensation_required" is true.
 Values <span class="bcp14">SHOULD</span> use structured identifiers (e.g.,
 "policy_violation_in_parent_trade") rather than free-form text
 to minimize the risk of embedding sensitive information.  See
 <a href="#data-minimization" class="auto internal xref">Section 11.2</a> for privacy guidance.
 If "compensation_reason" is present, "compensation_required"
-<span class="bcp14">MUST</span> be true.<a href="#section-4.2.6-1.4.1" class="pilcrow">¶</a></p>
+<span class="bcp14">MUST</span> be true.<a href="#section-4.2.5-1.4.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
-<p id="section-4.2.6-2">Note: compensation ECTs reference historical parent tasks via the
+<p id="section-4.2.5-2">Note: compensation ECTs reference historical parent tasks via the
 "par" claim.  The referenced parent ECTs may have passed their own
 "exp" time; ECT expiration applies to the verification window of
 the ECT itself, not to its validity as a parent reference in the
-ledger.<a href="#section-4.2.6-2" class="pilcrow">¶</a></p>
+ledger.<a href="#section-4.2.5-2" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="extension-claims">
-<section id="section-4.2.7">
+<section id="section-4.2.6">
           <h4 id="name-extensions">
-<a href="#section-4.2.7" class="section-number selfRef">4.2.7. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
+<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
           </h4>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.7-1">
+<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
-            <dt id="section-4.2.7-1.1">ext:</dt>
+            <dt id="section-4.2.6-1.1">ext:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.7-1.2">
+            <dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
-              <p id="section-4.2.7-1.2.1"><span class="bcp14">OPTIONAL</span>.  Object.  An extension object for domain-specific
+              <p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>.  Object.  An extension object for domain-specific
 claims not defined by this specification.  Implementations
-that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.7-1.2.1" class="pilcrow">¶</a></p>
+that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.6-1.2.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
-<p id="section-4.2.7-2">To avoid key collisions between different domains, extension
+<p id="section-4.2.6-2">To avoid key collisions between different domains, extension
 key names <span class="bcp14">MUST</span> use reverse domain notation (e.g.,
 "com.example.custom_field").  Implementations <span class="bcp14">MUST NOT</span> use
 unqualified key names within the "ext" object.  To prevent
@@ -2399,7 +2334,37 @@ abuse and excessive token size, the serialized JSON
 representation of the "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096
 bytes, and the JSON nesting depth within the "ext" object
 <span class="bcp14">SHOULD NOT</span> exceed 5 levels.  Implementations <span class="bcp14">SHOULD</span> reject
-ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.7-2" class="pilcrow">¶</a></p>
+ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.6-2" class="pilcrow">¶</a></p>
+<p id="section-4.2.6-3">The following extension keys are <span class="bcp14">RECOMMENDED</span> for common use
+cases.  These are not registered claims; they are carried
+within the "ext" object:<a href="#section-4.2.6-3" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-4.2.6-4.1">
+              <p id="section-4.2.6-4.1.1">"org.ietf.wimse.exec_time_ms": Integer.  Execution duration in
+milliseconds.<a href="#section-4.2.6-4.1.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-4.2.6-4.2">
+              <p id="section-4.2.6-4.2.1">"org.ietf.wimse.regulated_domain": String.  Regulatory domain
+(e.g., "medtech", "finance", "military").<a href="#section-4.2.6-4.2.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-4.2.6-4.3">
+              <p id="section-4.2.6-4.3.1">"org.ietf.wimse.model_version": String.  AI/ML model version.<a href="#section-4.2.6-4.3.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-4.2.6-4.4">
+              <p id="section-4.2.6-4.4.1">"org.ietf.wimse.witnessed_by": Array of StringOrURI.  Identifiers
+of third-party entities that the issuer claims observed the
+task.  Note: this is self-asserted; for verifiable witness
+attestation, witnesses should submit independent signed ECTs.<a href="#section-4.2.6-4.4.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-4.2.6-4.5">
+              <p id="section-4.2.6-4.5.1">"org.ietf.wimse.inp_classification": String.  Data sensitivity
+classification (e.g., "public", "confidential", "restricted").<a href="#section-4.2.6-4.5.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-4.2.6-4.6">
+              <p id="section-4.2.6-4.6.1">"org.ietf.wimse.pol_timestamp": NumericDate.  Time at which the
+policy decision was made, if distinct from "iat".<a href="#section-4.2.6-4.6.1" class="pilcrow">¶</a></p>
+</li>
+          </ul>
 </section>
 </div>
 </section>
@@ -2429,18 +2394,16 @@ ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.7-2" class="pi
   "pol": "clinical_reasoning_policy_v2",
   "pol_decision": "approved",
   "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-  "pol_timestamp": 1772064145,
 
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
-  "inp_classification": "confidential",
-  "exec_time_ms": 245,
-  "regulated_domain": "medtech",
-  "model_version": "clinical-reasoning-v4.2",
 
-  "witnessed_by": [
+  "ext": {
-    "spiffe://example.com/audit/observer-1"
+    "org.ietf.wimse.pol_timestamp": 1772064145,
-  ]
+    "org.ietf.wimse.exec_time_ms": 245,
+    "org.ietf.wimse.regulated_domain": "medtech",
+    "org.ietf.wimse.model_version": "clinical-reasoning-v4.2"
+  }
 }
 </pre>
 </div>
@@ -2918,7 +2881,7 @@ Human Release Manager:
   exec_act: approve_release
   pol: release_approval_policy   pol_decision: approved
   pol_enforcer: spiffe://meddev.example/human/release-mgr-42
-  witnessed_by: [spiffe://meddev.example/audit/qa-observer-1]
+  ext: {org.ietf.wimse.witnessed_by: [...]}  (extension metadata)
 </pre>
 </div>
 <figcaption><a href="#figure-8" class="selfRef">Figure 8</a>:
@@ -3202,22 +3165,23 @@ evaluating the policy).<a href="#section-10.2-1" class="pilcrow">¶</a></p>
         </ul>
 <p id="section-10.2-4">The trustworthiness of ECT claims depends on the trustworthiness
 of the signing agent.  To mitigate single-agent false claims,
-regulated environments <span class="bcp14">SHOULD</span> use the "witnessed_by" mechanism
+regulated environments <span class="bcp14">SHOULD</span> use the "org.ietf.wimse.witnessed_by"
-to include independent third-party observers at critical decision
+extension key (carried in "ext") to include independent
-points.  However, the "witnessed_by" claim is self-asserted by
+third-party observers at critical decision points.  However,
-the ECT issuer: the listed witnesses do not co-sign the ECT and
+this value is self-asserted by the ECT issuer: the listed
-there is no cryptographic evidence within a single ECT that the
+witnesses do not co-sign the ECT and there is no cryptographic
-witnesses actually observed the task.  An issuing agent could
+evidence within a single ECT that the witnesses actually
-list witnesses that did not participate.<a href="#section-10.2-4" class="pilcrow">¶</a></p>
+observed the task.  An issuing agent could list witnesses that
+did not participate.<a href="#section-10.2-4" class="pilcrow">¶</a></p>
 <div id="witness-attestation-model">
 <section id="section-10.2.1">
           <h4 id="name-witness-attestation-model">
 <a href="#section-10.2.1" class="section-number selfRef">10.2.1. </a><a href="#name-witness-attestation-model" class="section-name selfRef">Witness Attestation Model</a>
           </h4>
-<p id="section-10.2.1-1">To address the self-assertion limitation of the "witnessed_by"
+<p id="section-10.2.1-1">To address the self-assertion limitation of the
-claim, witnesses <span class="bcp14">SHOULD</span> submit their own independent signed ECTs
+"org.ietf.wimse.witnessed_by" extension, witnesses <span class="bcp14">SHOULD</span> submit their
-to the audit ledger attesting to the observed task.  A witness
+own independent signed ECTs to the audit ledger attesting to the
-attestation ECT:<a href="#section-10.2.1-1" class="pilcrow">¶</a></p>
+observed task.  A witness attestation ECT:<a href="#section-10.2.1-1" class="pilcrow">¶</a></p>
 <ul class="normal">
 <li class="normal" id="section-10.2.1-2.1">
               <p id="section-10.2.1-2.1.1"><span class="bcp14">MUST</span> set "iss" to the witness's own workload identity.<a href="#section-10.2.1-2.1.1" class="pilcrow">¶</a></p>
@@ -3235,11 +3199,11 @@ linking the attestation to the original task.<a href="#section-10.2.1-2.3.1" cla
 confirms the observation.<a href="#section-10.2.1-2.4.1" class="pilcrow">¶</a></p>
 </li>
           </ul>
-<p id="section-10.2.1-3">When a task's "witnessed_by" claim lists one or more witnesses,
+<p id="section-10.2.1-3">When a task's "org.ietf.wimse.witnessed_by" extension lists one or more
-auditors <span class="bcp14">SHOULD</span> verify that corresponding witness attestation
+witnesses, auditors <span class="bcp14">SHOULD</span> verify that corresponding witness
-ECTs exist in the ledger for each listed witness.  A mismatch
+attestation ECTs exist in the ledger for each listed witness.  A
-between the "witnessed_by" list and the set of independent witness
+mismatch between the extension value and the set of independent
-ECTs in the ledger <span class="bcp14">SHOULD</span> be flagged during audit review.<a href="#section-10.2.1-3" class="pilcrow">¶</a></p>
+witness ECTs in the ledger <span class="bcp14">SHOULD</span> be flagged during audit review.<a href="#section-10.2.1-3" class="pilcrow">¶</a></p>
 <p id="section-10.2.1-4">This model converts witness attestation from a self-asserted claim
 to a cryptographically verifiable property of the ledger: the
 witness independently signs their own ECT using their own key,
@@ -3387,8 +3351,8 @@ create a false execution history if they control the ledger.<a href="#section-10
 by an entity independent of the workflow agents.<a href="#section-10.8-3.1.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.8-3.2">
-            <p id="section-10.8-3.2.1">Witness attestation: Using the "witnessed_by" claim to include
+            <p id="section-10.8-3.2.1">Witness attestation: Using the "org.ietf.wimse.witnessed_by" extension
-independent third-party observers.<a href="#section-10.8-3.2.1" class="pilcrow">¶</a></p>
+key in "ext" to include independent third-party observers.<a href="#section-10.8-3.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.8-3.3">
             <p id="section-10.8-3.3.1">Cross-verification: Multiple independent ledger replicas can be
@@ -3448,7 +3412,7 @@ array to a maximum of 256 entries.  Workflows requiring more
 parent references <span class="bcp14">SHOULD</span> introduce intermediate aggregation
 tasks.  The "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096 bytes when
 serialized as JSON and <span class="bcp14">SHOULD NOT</span> exceed a nesting depth of
-5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>).<a href="#section-10.11-1" class="pilcrow">¶</a></p>
+5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>).<a href="#section-10.11-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 </section>
@@ -3507,7 +3471,7 @@ The "exec_act" claim <span class="bcp14">SHOULD</span> use structured identifier
 "process_payment") rather than natural language descriptions.
 The "pol" claim <span class="bcp14">SHOULD</span> reference policy identifiers rather than
 embedding policy content.<a href="#section-11.2-1" class="pilcrow">¶</a></p>
-<p id="section-11.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>)
+<p id="section-11.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>)
 deserves particular attention: because it is human-readable and
 may describe the circumstances of a failure or policy violation,
 it risks exposing sensitive operational details.  Implementations
@@ -3737,14 +3701,6 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
                 <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">pol_timestamp</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy Decision Timestamp</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
 </td>
             </tr>
             <tr>
@@ -3761,46 +3717,6 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
                 <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">inp_classification</td>
-              <td class="text-left" rowspan="1" colspan="1">Input Data Classification</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">exec_time_ms</td>
-              <td class="text-left" rowspan="1" colspan="1">Execution Time (ms)</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">witnessed_by</td>
-              <td class="text-left" rowspan="1" colspan="1">Witness Identities</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">regulated_domain</td>
-              <td class="text-left" rowspan="1" colspan="1">Regulatory Domain</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">model_version</td>
-              <td class="text-left" rowspan="1" colspan="1">AI/ML Model Version</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
 </td>
             </tr>
             <tr>
@@ -3808,7 +3724,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Compensation Flag</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
+                <a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>
 </td>
             </tr>
             <tr>
@@ -3816,7 +3732,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Compensation Reason</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
+                <a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>
 </td>
             </tr>
             <tr>
@@ -3824,7 +3740,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Extension Object</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>
+                <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>
 </td>
             </tr>
           </tbody>
@@ -3885,59 +3801,6 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
 </div>
 </section>
 </div>
-<div id="regulated-domain-registry">
-<section id="section-12.5">
-        <h3 id="name-ect-regulated-domain-values">
-<a href="#section-12.5" class="section-number selfRef">12.5. </a><a href="#name-ect-regulated-domain-values" class="section-name selfRef">ECT Regulated Domain Values Registry</a>
-        </h3>
-<p id="section-12.5-1">This document establishes the "ECT Regulated Domain Values"
-registry under the "JSON Web Token (JWT)" group.  Registration
-policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref">RFC8126</a>]</span>.<a href="#section-12.5-1" class="pilcrow">¶</a></p>
-<p id="section-12.5-2">The initial contents of the registry are:<a href="#section-12.5-2" class="pilcrow">¶</a></p>
-<span id="name-ect-regulated-domain-values-2"></span><div id="_table-regulated-domain">
-<table class="center" id="table-3">
-          <caption>
-<a href="#table-3" class="selfRef">Table 3</a>:
-<a href="#name-ect-regulated-domain-values-2" class="selfRef">ECT Regulated Domain Values</a>
-          </caption>
-<thead>
-            <tr>
-              <th class="text-center" rowspan="1" colspan="1">Value</th>
-              <th class="text-left" rowspan="1" colspan="1">Description</th>
-              <th class="text-center" rowspan="1" colspan="1">Change Controller</th>
-              <th class="text-center" rowspan="1" colspan="1">Reference</th>
-            </tr>
-          </thead>
-          <tbody>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">medtech</td>
-              <td class="text-left" rowspan="1" colspan="1">Medical technology and devices</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">finance</td>
-              <td class="text-left" rowspan="1" colspan="1">Financial services and trading</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">military</td>
-              <td class="text-left" rowspan="1" colspan="1">Military and defense</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
-</td>
-            </tr>
-          </tbody>
-        </table>
-</div>
-</section>
-</div>
 </section>
 </div>
 <div id="sec-combined-references">
@@ -4328,9 +4191,9 @@ compliance with various regulatory frameworks.  ECTs are a
 technical building block; achieving compliance requires
 additional organizational measures beyond this specification.<a href="#appendix-C-1" class="pilcrow">¶</a></p>
 <span id="name-regulatory-compliance-mappin"></span><div id="_table-regulatory">
-<table class="center" id="table-4">
+<table class="center" id="table-3">
         <caption>
-<a href="#table-4" class="selfRef">Table 4</a>:
+<a href="#table-3" class="selfRef">Table 3</a>:
 <a href="#name-regulatory-compliance-mappin" class="selfRef">Regulatory Compliance Mapping</a>
         </caption>
 <thead>
@@ -4414,9 +4277,7 @@ Agent B:<a href="#appendix-D.1-1" class="pilcrow">¶</a></p>
   "pol": "clinical_data_access_policy_v1",
   "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
-  "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
+  "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
-  "exec_time_ms": 142,
-  "regulated_domain": "medtech"
 }
 </pre><a href="#appendix-D.1-5" class="pilcrow">¶</a>
 </div>
@@ -4435,9 +4296,7 @@ task, and creates its own ECT:<a href="#appendix-D.1-6" class="pilcrow">¶</a></
   "exec_act": "validate_safety",
   "par": ["550e8400-e29b-41d4-a716-446655440001"],
   "pol": "safety_validation_policy_v2",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "exec_time_ms": 89,
-  "regulated_domain": "medtech"
 }
 </pre><a href="#appendix-D.1-7" class="pilcrow">¶</a>
 </div>
@@ -4474,8 +4333,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "par": [],
   "pol": "spec_review_policy_v2",
   "pol_decision": "approved",
-  "regulated_domain": "medtech",
-  "model_version": "spec-review-v3.1",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -4495,9 +4352,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "exec_act": "implement_module",
   "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
   "pol": "coding_standards_v3",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "medtech",
-  "model_version": "codegen-v2.4"
 }
 </pre><a href="#appendix-D.2-5" class="pilcrow">¶</a>
 </div>
@@ -4515,9 +4370,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "exec_act": "execute_test_suite",
   "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
   "pol": "test_coverage_policy_v1",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "medtech",
-  "exec_time_ms": 4523
 }
 </pre><a href="#appendix-D.2-7" class="pilcrow">¶</a>
 </div>
@@ -4536,7 +4389,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
   "pol": "build_validation_v2",
   "pol_decision": "approved",
-  "regulated_domain": "medtech",
   "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
 }
 </pre><a href="#appendix-D.2-9" class="pilcrow">¶</a>
@@ -4557,17 +4409,19 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "pol": "release_approval_policy",
   "pol_decision": "approved",
   "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
-  "witnessed_by": [
+  "ext": {
-    "spiffe://meddev.example/audit/qa-observer-1"
+    "org.ietf.wimse.witnessed_by": [
-  ],
+      "spiffe://meddev.example/audit/qa-observer-1"
-  "regulated_domain": "medtech"
+    ]
+  }
 }
 </pre><a href="#appendix-D.2-11" class="pilcrow">¶</a>
 </div>
 <p id="appendix-D.2-12">The resulting DAG records the complete SDLC: spec review preceded
 implementation, implementation preceded testing, testing preceded
-build, and a human release manager approved the final release
+build, and a human release manager approved the final release.
-with independent witness attestation.<a href="#appendix-D.2-12" class="pilcrow">¶</a></p>
+The "ext" object in task 5 carries witness metadata via
+the "org.ietf.wimse.witnessed_by" extension key.<a href="#appendix-D.2-12" class="pilcrow">¶</a></p>
 <div class="alignLeft art-text artwork" id="appendix-D.2-13">
 <pre>
 task-...-0001 (review_requirements_spec)
@@ -4582,7 +4436,7 @@ task-...-0003 (execute_test_suite)
 task-...-0004 (build_release_artifact)
   |
   v
-task-...-0005 (approve_release) [human, witnessed]
+task-...-0005 (approve_release) [human]
 </pre><a href="#appendix-D.2-13" class="pilcrow">¶</a>
 </div>
 <p id="appendix-D.2-14">An FDA auditor reconstructs this DAG by querying the audit ledger
@@ -4629,8 +4483,7 @@ task-...-0004 (execute_trade)
     "f1e2d3c4-0003-0000-0000-000000000003"
   ],
   "pol": "trade_execution_policy_v3",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "finance"
 }
 </pre><a href="#appendix-D.3-4" class="pilcrow">¶</a>
 </div>

draft-nennemann-wimse-execution-context-00.md

@@ -529,11 +529,6 @@ pol_enforcer:
   person) that evaluated the policy decision.  When present,
   SHOULD use SPIFFE ID format.
 
-pol_timestamp:
-: OPTIONAL.  NumericDate.  The time at which the policy decision
-  was made.  When present, MUST be equal to or earlier than the
-  "iat" claim.
-
 This specification intentionally defines only the recording of
 policy evaluation outcomes.  The mechanisms by which policies are
 defined, distributed to agents, and evaluated are out of scope.
@@ -565,42 +560,6 @@ out_hash:
 : OPTIONAL.  String.  A cryptographic hash of the output data,
   using the same format and algorithm requirements as "inp_hash".
 
-inp_classification:
-: OPTIONAL.  String.  The data sensitivity classification of the
-  input (e.g., "public", "confidential", "restricted").
-
-### Task Metadata {#operational-claims}
-
-The following claims provide additional context about task
-execution:
-
-exec_time_ms:
-: OPTIONAL.  Integer.  The execution duration of the task in
-  milliseconds.  MUST be a non-negative integer.
-
-regulated_domain:
-: OPTIONAL.  String.  The regulatory domain applicable to this
-  task.  Values MUST be registered in the ECT Regulated Domain
-  Values registry ({{regulated-domain-registry}}).
-
-model_version:
-: OPTIONAL.  String.  The version identifier of the AI or ML model
-  used to perform the task, if applicable.
-
-witnessed_by:
-: OPTIONAL.  Array of StringOrURI.  Identifiers of third-party
-  entities that the issuing agent claims observed or attested to
-  the execution of this task.  When present, each element SHOULD
-  use SPIFFE ID format.  Note that this claim is self-asserted by
-  the ECT issuer; witnesses listed here do not co-sign this ECT.
-  For stronger assurance, witnesses SHOULD submit independent
-  signed ECTs to the ledger attesting to their observation (see
-  {{witness-attestation-model}}).  In regulated environments,
-  implementations SHOULD use witness attestation for critical
-  decision points to mitigate the risk of single-agent false
-  claims.  See also {{self-assertion-limitation}} for the security
-  implications of self-asserted witness claims.
-
 ### Compensation and Rollback {#compensation-claims}
 
 compensation_required:
@@ -640,6 +599,24 @@ bytes, and the JSON nesting depth within the "ext" object
 SHOULD NOT exceed 5 levels.  Implementations SHOULD reject
 ECTs whose "ext" claim exceeds these limits.
 
+The following extension keys are RECOMMENDED for common use
+cases.  These are not registered claims; they are carried
+within the "ext" object:
+
+- "org.ietf.wimse.exec\_time\_ms": Integer.  Execution duration in
+  milliseconds.
+- "org.ietf.wimse.regulated\_domain": String.  Regulatory domain
+  (e.g., "medtech", "finance", "military").
+- "org.ietf.wimse.model\_version": String.  AI/ML model version.
+- "org.ietf.wimse.witnessed\_by": Array of StringOrURI.  Identifiers
+  of third-party entities that the issuer claims observed the
+  task.  Note: this is self-asserted; for verifiable witness
+  attestation, witnesses should submit independent signed ECTs.
+- "org.ietf.wimse.inp\_classification": String.  Data sensitivity
+  classification (e.g., "public", "confidential", "restricted").
+- "org.ietf.wimse.pol\_timestamp": NumericDate.  Time at which the
+  policy decision was made, if distinct from "iat".
+
 ## Complete ECT Example
 
 The following is a complete ECT payload example:
@@ -660,18 +637,16 @@ The following is a complete ECT payload example:
   "pol": "clinical_reasoning_policy_v2",
   "pol_decision": "approved",
   "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-  "pol_timestamp": 1772064145,
 
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
-  "inp_classification": "confidential",
-  "exec_time_ms": 245,
-  "regulated_domain": "medtech",
-  "model_version": "clinical-reasoning-v4.2",
 
-  "witnessed_by": [
+  "ext": {
-    "spiffe://example.com/audit/observer-1"
+    "org.ietf.wimse.pol_timestamp": 1772064145,
-  ]
+    "org.ietf.wimse.exec_time_ms": 245,
+    "org.ietf.wimse.regulated_domain": "medtech",
+    "org.ietf.wimse.model_version": "clinical-reasoning-v4.2"
+  }
 }
 ~~~
 {: #fig-full-ect title="Complete ECT Payload Example"}
@@ -1054,7 +1029,7 @@ Human Release Manager:
   exec_act: approve_release
   pol: release_approval_policy   pol_decision: approved
   pol_enforcer: spiffe://meddev.example/human/release-mgr-42
-  witnessed_by: [spiffe://meddev.example/audit/qa-observer-1]
+  ext: {org.ietf.wimse.witnessed_by: [...]}  (extension metadata)
 ~~~
 {: #fig-medtech-sdlc title="Medical Device SDLC Workflow"}
 
@@ -1245,20 +1220,21 @@ ECTs do not independently verify that:
 
 The trustworthiness of ECT claims depends on the trustworthiness
 of the signing agent.  To mitigate single-agent false claims,
-regulated environments SHOULD use the "witnessed_by" mechanism
+regulated environments SHOULD use the "org.ietf.wimse.witnessed_by"
-to include independent third-party observers at critical decision
+extension key (carried in "ext") to include independent
-points.  However, the "witnessed_by" claim is self-asserted by
+third-party observers at critical decision points.  However,
-the ECT issuer: the listed witnesses do not co-sign the ECT and
+this value is self-asserted by the ECT issuer: the listed
-there is no cryptographic evidence within a single ECT that the
+witnesses do not co-sign the ECT and there is no cryptographic
-witnesses actually observed the task.  An issuing agent could
+evidence within a single ECT that the witnesses actually
-list witnesses that did not participate.
+observed the task.  An issuing agent could list witnesses that
+did not participate.
 
 ### Witness Attestation Model {#witness-attestation-model}
 
-To address the self-assertion limitation of the "witnessed_by"
+To address the self-assertion limitation of the
-claim, witnesses SHOULD submit their own independent signed ECTs
+"org.ietf.wimse.witnessed_by" extension, witnesses SHOULD submit their
-to the audit ledger attesting to the observed task.  A witness
+own independent signed ECTs to the audit ledger attesting to the
-attestation ECT:
+observed task.  A witness attestation ECT:
 
 - MUST set "iss" to the witness's own workload identity.
 - MUST set "exec_act" to "witness_attestation" (or a domain-
@@ -1268,11 +1244,11 @@ attestation ECT:
 - MUST set "pol_decision" to "approved" to indicate the witness
   confirms the observation.
 
-When a task's "witnessed_by" claim lists one or more witnesses,
+When a task's "org.ietf.wimse.witnessed_by" extension lists one or more
-auditors SHOULD verify that corresponding witness attestation
+witnesses, auditors SHOULD verify that corresponding witness
-ECTs exist in the ledger for each listed witness.  A mismatch
+attestation ECTs exist in the ledger for each listed witness.  A
-between the "witnessed_by" list and the set of independent witness
+mismatch between the extension value and the set of independent
-ECTs in the ledger SHOULD be flagged during audit review.
+witness ECTs in the ledger SHOULD be flagged during audit review.
 
 This model converts witness attestation from a self-asserted claim
 to a cryptographically verifiable property of the ledger: the
@@ -1374,8 +1350,8 @@ Mitigations include:
 
 - Independent ledger maintenance: The ledger SHOULD be maintained
   by an entity independent of the workflow agents.
-- Witness attestation: Using the "witnessed_by" claim to include
+- Witness attestation: Using the "org.ietf.wimse.witnessed_by" extension
-  independent third-party observers.
+  key in "ext" to include independent third-party observers.
 - Cross-verification: Multiple independent ledger replicas can be
   compared for consistency.
 - Out-of-band audit: External auditors periodically verify ledger
@@ -1564,14 +1540,8 @@ the "JSON Web Token Claims" registry maintained by IANA:
 | pol | Policy Rule Identifier | IETF | {{policy-claims}} |
 | pol_decision | Policy Decision Result | IETF | {{policy-claims}} |
 | pol_enforcer | Policy Enforcer Identity | IETF | {{policy-claims}} |
-| pol_timestamp | Policy Decision Timestamp | IETF | {{policy-claims}} |
 | inp_hash | Input Data Hash | IETF | {{data-integrity-claims}} |
 | out_hash | Output Data Hash | IETF | {{data-integrity-claims}} |
-| inp_classification | Input Data Classification | IETF | {{data-integrity-claims}} |
-| exec_time_ms | Execution Time (ms) | IETF | {{operational-claims}} |
-| witnessed_by | Witness Identities | IETF | {{operational-claims}} |
-| regulated_domain | Regulatory Domain | IETF | {{operational-claims}} |
-| model_version | AI/ML Model Version | IETF | {{operational-claims}} |
 | compensation_required | Compensation Flag | IETF | {{compensation-claims}} |
 | compensation_reason | Compensation Reason | IETF | {{compensation-claims}} |
 | ext | Extension Object | IETF | {{extension-claims}} |
@@ -1592,21 +1562,6 @@ The initial contents of the registry are:
 | pending_human_review | Awaiting human judgment | IETF | {{policy-claims}} |
 {: #table-pol-decision title="ECT Policy Decision Values"}
 
-## ECT Regulated Domain Values Registry {#regulated-domain-registry}
-
-This document establishes the "ECT Regulated Domain Values"
-registry under the "JSON Web Token (JWT)" group.  Registration
-policy is Specification Required per {{!RFC8126}}.
-
-The initial contents of the registry are:
-
-| Value | Description | Change Controller | Reference |
-|:---:|:---|:---:|:---:|
-| medtech | Medical technology and devices | IETF | {{operational-claims}} |
-| finance | Financial services and trading | IETF | {{operational-claims}} |
-| military | Military and defense | IETF | {{operational-claims}} |
-{: #table-regulated-domain title="ECT Regulated Domain Values"}
-
 --- back
 
 # Related Work
@@ -1840,9 +1795,7 @@ ECT Payload:
   "pol": "clinical_data_access_policy_v1",
   "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
-  "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
+  "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
-  "exec_time_ms": 142,
-  "regulated_domain": "medtech"
 }
 ~~~
 
@@ -1861,9 +1814,7 @@ task, and creates its own ECT:
   "exec_act": "validate_safety",
   "par": ["550e8400-e29b-41d4-a716-446655440001"],
   "pol": "safety_validation_policy_v2",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "exec_time_ms": 89,
-  "regulated_domain": "medtech"
 }
 ~~~
 
@@ -1897,8 +1848,6 @@ Task 1 (Spec Review Agent):
   "par": [],
   "pol": "spec_review_policy_v2",
   "pol_decision": "approved",
-  "regulated_domain": "medtech",
-  "model_version": "spec-review-v3.1",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -1918,9 +1867,7 @@ Task 2 (Code Generation Agent):
   "exec_act": "implement_module",
   "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
   "pol": "coding_standards_v3",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "medtech",
-  "model_version": "codegen-v2.4"
 }
 ~~~
 
@@ -1938,9 +1885,7 @@ Task 3 (Autonomous Test Agent):
   "exec_act": "execute_test_suite",
   "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
   "pol": "test_coverage_policy_v1",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "medtech",
-  "exec_time_ms": 4523
 }
 ~~~
 
@@ -1959,7 +1904,6 @@ Task 4 (Build Agent):
   "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
   "pol": "build_validation_v2",
   "pol_decision": "approved",
-  "regulated_domain": "medtech",
   "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
 }
 ~~~
@@ -1980,17 +1924,19 @@ Task 5 (Human Release Manager Approval):
   "pol": "release_approval_policy",
   "pol_decision": "approved",
   "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
-  "witnessed_by": [
+  "ext": {
-    "spiffe://meddev.example/audit/qa-observer-1"
+    "org.ietf.wimse.witnessed_by": [
-  ],
+      "spiffe://meddev.example/audit/qa-observer-1"
-  "regulated_domain": "medtech"
+    ]
+  }
 }
 ~~~
 
 The resulting DAG records the complete SDLC: spec review preceded
 implementation, implementation preceded testing, testing preceded
-build, and a human release manager approved the final release
+build, and a human release manager approved the final release.
-with independent witness attestation.
+The "ext" object in task 5 carries witness metadata via
+the "org.ietf.wimse.witnessed_by" extension key.
 
 ~~~
 task-...-0001 (review_requirements_spec)
@@ -2005,7 +1951,7 @@ task-...-0003 (execute_test_suite)
 task-...-0004 (build_release_artifact)
   |
   v
-task-...-0005 (approve_release) [human, witnessed]
+task-...-0005 (approve_release) [human]
 ~~~
 
 An FDA auditor reconstructs this DAG by querying the audit ledger
@@ -2049,8 +1995,7 @@ Task 004 ECT payload:
     "f1e2d3c4-0003-0000-0000-000000000003"
   ],
   "pol": "trade_execution_policy_v3",
-  "pol_decision": "approved",
+  "pol_decision": "approved"
-  "regulated_domain": "finance"
 }
 ~~~