c/ietf-wimse-ect
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix extension key prefix: io.wimse -> org.ietf.wimse

Browse Source 
Use correct IETF reverse domain notation for spec-defined
extension keys within the ext object.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Christian Nennemann
2026-02-24 23:21:24 +01:00
parent ed8a3f17c2
commit a6d2a955ee
4 changed files with 1061 additions and 1366 deletions
Download Patch File Download Diff File Expand all files Collapse all files

349
draft-nennemann-wimse-execution-context-00.html
View File

@@ -1397,13 +1397,10 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
<p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-data-integrity" class="internal xref">Data Integrity</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.5">
<p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-task-metadata" class="internal xref">Task Metadata</a></p>
<p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.6">
<p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.7">
<p id="section-toc.1-1.4.2.2.2.7.1"><a href="#section-4.2.7" class="auto internal xref">4.2.7</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
<p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
</li>
</ul>
</li>
@@ -1544,9 +1541,6 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.4">
<p id="section-toc.1-1.12.2.4.1"><a href="#section-12.4" class="auto internal xref">12.4</a>.  <a href="#name-ect-policy-decision-values-" class="internal xref">ECT Policy Decision Values Registry</a></p>
</li>
<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.5">
<p id="section-toc.1-1.12.2.5.1"><a href="#section-12.5" class="auto internal xref">12.5</a>.  <a href="#name-ect-regulated-domain-values" class="internal xref">ECT Regulated Domain Values Registry</a></p>
</li>
</ul>
</li>
@@ -1656,7 +1650,7 @@ requirements were evaluated at each decision point.<a href="#section-1.1-2" clas
coordinate across organizational boundaries. Multiple regulatory
frameworks — including <span>[<a href="#EU-AI-ACT" class="cite xref">EU-AI-ACT</a>]</span>, <span>[<a href="#FDA-21CFR11" class="cite xref">FDA-21CFR11</a>]</span>, <span>[<a href="#MIFID-II" class="cite xref">MIFID-II</a>]</span>,
and <span>[<a href="#DORA" class="cite xref">DORA</a>]</span> — require structured, auditable records of automated
decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 4</a> for a
decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 3</a> for a
detailed mapping).<a href="#section-1.1-3" class="pilcrow"></a></p>
<p id="section-1.1-4">This document defines an extension to the WIMSE architecture that
addresses the gap between workload identity and execution
@@ -2241,13 +2235,6 @@ audit trails.<a href="#section-4.2.3-2.4.3" class="pilcrow">¶</a></p>
<p id="section-4.2.3-2.6.1"><span class="bcp14">OPTIONAL</span>. StringOrURI. The identity of the entity (system or
person) that evaluated the policy decision. When present,
<span class="bcp14">SHOULD</span> use SPIFFE ID format.<a href="#section-4.2.3-2.6.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.3-2.7">pol_timestamp:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.3-2.8">
<p id="section-4.2.3-2.8.1"><span class="bcp14">OPTIONAL</span>. NumericDate. The time at which the policy decision
was made. When present, <span class="bcp14">MUST</span> be equal to or earlier than the
"iat" claim.<a href="#section-4.2.3-2.8.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
@@ -2288,110 +2275,58 @@ computed over the raw octets of the input data.<a href="#section-4.2.4-2.2.1" cl
<dd style="margin-left: 1.5em" id="section-4.2.4-2.4">
<p id="section-4.2.4-2.4.1"><span class="bcp14">OPTIONAL</span>. String. A cryptographic hash of the output data,
using the same format and algorithm requirements as "inp_hash".<a href="#section-4.2.4-2.4.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.4-2.5">inp_classification:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.4-2.6">
<p id="section-4.2.4-2.6.1"><span class="bcp14">OPTIONAL</span>. String. The data sensitivity classification of the
input (e.g., "public", "confidential", "restricted").<a href="#section-4.2.4-2.6.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
</section>
</div>
<div id="operational-claims">
<section id="section-4.2.5">
<h4 id="name-task-metadata">
<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-task-metadata" class="section-name selfRef">Task Metadata</a>
</h4>
<p id="section-4.2.5-1">The following claims provide additional context about task
execution:<a href="#section-4.2.5-1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.5-2">
<dt id="section-4.2.5-2.1">exec_time_ms:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.2">
<p id="section-4.2.5-2.2.1"><span class="bcp14">OPTIONAL</span>. Integer. The execution duration of the task in
milliseconds. <span class="bcp14">MUST</span> be a non-negative integer.<a href="#section-4.2.5-2.2.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.5-2.3">regulated_domain:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.4">
<p id="section-4.2.5-2.4.1"><span class="bcp14">OPTIONAL</span>. String. The regulatory domain applicable to this
task. Values <span class="bcp14">MUST</span> be registered in the ECT Regulated Domain
Values registry (<a href="#regulated-domain-registry" class="auto internal xref">Section 12.5</a>).<a href="#section-4.2.5-2.4.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.5-2.5">model_version:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.6">
<p id="section-4.2.5-2.6.1"><span class="bcp14">OPTIONAL</span>. String. The version identifier of the AI or ML model
used to perform the task, if applicable.<a href="#section-4.2.5-2.6.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.5-2.7">witnessed_by:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-2.8">
<p id="section-4.2.5-2.8.1"><span class="bcp14">OPTIONAL</span>. Array of StringOrURI. Identifiers of third-party
entities that the issuing agent claims observed or attested to
the execution of this task. When present, each element <span class="bcp14">SHOULD</span>
use SPIFFE ID format. Note that this claim is self-asserted by
the ECT issuer; witnesses listed here do not co-sign this ECT.
For stronger assurance, witnesses <span class="bcp14">SHOULD</span> submit independent
signed ECTs to the ledger attesting to their observation (see
<a href="#witness-attestation-model" class="auto internal xref">Section 10.2.1</a>). In regulated environments,
implementations <span class="bcp14">SHOULD</span> use witness attestation for critical
decision points to mitigate the risk of single-agent false
claims. See also <a href="#self-assertion-limitation" class="auto internal xref">Section 10.2</a> for the security
implications of self-asserted witness claims.<a href="#section-4.2.5-2.8.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
</section>
</div>
<div id="compensation-claims">
<section id="section-4.2.6">
<section id="section-4.2.5">
<h4 id="name-compensation-and-rollback">
<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
</h4>
<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
<dt id="section-4.2.6-1.1">compensation_required:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
<p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>. Boolean. Indicates whether this task is a
compensation or rollback action for a previous task.<a href="#section-4.2.6-1.2.1" class="pilcrow"></a></p>
<span class="break"></span><dl class="dlParallel" id="section-4.2.5-1">
<dt id="section-4.2.5-1.1">compensation_required:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-1.2">
<p id="section-4.2.5-1.2.1"><span class="bcp14">OPTIONAL</span>. Boolean. Indicates whether this task is a
compensation or rollback action for a previous task.<a href="#section-4.2.5-1.2.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
<dt id="section-4.2.6-1.3">compensation_reason:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.4">
<p id="section-4.2.6-1.4.1"><span class="bcp14">OPTIONAL</span>. String. A human-readable reason for the compensation
<dt id="section-4.2.5-1.3">compensation_reason:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.5-1.4">
<p id="section-4.2.5-1.4.1"><span class="bcp14">OPTIONAL</span>. String. A human-readable reason for the compensation
action. <span class="bcp14">MUST</span> be present if "compensation_required" is true.
Values <span class="bcp14">SHOULD</span> use structured identifiers (e.g.,
"policy_violation_in_parent_trade") rather than free-form text
to minimize the risk of embedding sensitive information. See
<a href="#data-minimization" class="auto internal xref">Section 11.2</a> for privacy guidance.
If "compensation_reason" is present, "compensation_required"
<span class="bcp14">MUST</span> be true.<a href="#section-4.2.6-1.4.1" class="pilcrow"></a></p>
<span class="bcp14">MUST</span> be true.<a href="#section-4.2.5-1.4.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
<p id="section-4.2.6-2">Note: compensation ECTs reference historical parent tasks via the
<p id="section-4.2.5-2">Note: compensation ECTs reference historical parent tasks via the
"par" claim. The referenced parent ECTs may have passed their own
"exp" time; ECT expiration applies to the verification window of
the ECT itself, not to its validity as a parent reference in the
ledger.<a href="#section-4.2.6-2" class="pilcrow"></a></p>
ledger.<a href="#section-4.2.5-2" class="pilcrow"></a></p>
</section>
</div>
<div id="extension-claims">
<section id="section-4.2.7">
<section id="section-4.2.6">
<h4 id="name-extensions">
<a href="#section-4.2.7" class="section-number selfRef">4.2.7. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
</h4>
<span class="break"></span><dl class="dlParallel" id="section-4.2.7-1">
<dt id="section-4.2.7-1.1">ext:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.7-1.2">
<p id="section-4.2.7-1.2.1"><span class="bcp14">OPTIONAL</span>. Object. An extension object for domain-specific
<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
<dt id="section-4.2.6-1.1">ext:</dt>
<dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
<p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>. Object. An extension object for domain-specific
claims not defined by this specification. Implementations
that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.7-1.2.1" class="pilcrow"></a></p>
that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.6-1.2.1" class="pilcrow"></a></p>
</dd>
<dd class="break"></dd>
</dl>
<p id="section-4.2.7-2">To avoid key collisions between different domains, extension
<p id="section-4.2.6-2">To avoid key collisions between different domains, extension
key names <span class="bcp14">MUST</span> use reverse domain notation (e.g.,
"com.example.custom_field"). Implementations <span class="bcp14">MUST NOT</span> use
unqualified key names within the "ext" object. To prevent
@@ -2399,7 +2334,37 @@ abuse and excessive token size, the serialized JSON
representation of the "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096
bytes, and the JSON nesting depth within the "ext" object
<span class="bcp14">SHOULD NOT</span> exceed 5 levels. Implementations <span class="bcp14">SHOULD</span> reject
ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.7-2" class="pilcrow"></a></p>
ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.6-2" class="pilcrow"></a></p>
<p id="section-4.2.6-3">The following extension keys are <span class="bcp14">RECOMMENDED</span> for common use
cases. These are not registered claims; they are carried
within the "ext" object:<a href="#section-4.2.6-3" class="pilcrow"></a></p>
<ul class="normal">
<li class="normal" id="section-4.2.6-4.1">
<p id="section-4.2.6-4.1.1">"org.ietf.wimse.exec_time_ms": Integer. Execution duration in
milliseconds.<a href="#section-4.2.6-4.1.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.2.6-4.2">
<p id="section-4.2.6-4.2.1">"org.ietf.wimse.regulated_domain": String. Regulatory domain
(e.g., "medtech", "finance", "military").<a href="#section-4.2.6-4.2.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.2.6-4.3">
<p id="section-4.2.6-4.3.1">"org.ietf.wimse.model_version": String. AI/ML model version.<a href="#section-4.2.6-4.3.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.2.6-4.4">
<p id="section-4.2.6-4.4.1">"org.ietf.wimse.witnessed_by": Array of StringOrURI. Identifiers
of third-party entities that the issuer claims observed the
task. Note: this is self-asserted; for verifiable witness
attestation, witnesses should submit independent signed ECTs.<a href="#section-4.2.6-4.4.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.2.6-4.5">
<p id="section-4.2.6-4.5.1">"org.ietf.wimse.inp_classification": String. Data sensitivity
classification (e.g., "public", "confidential", "restricted").<a href="#section-4.2.6-4.5.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-4.2.6-4.6">
<p id="section-4.2.6-4.6.1">"org.ietf.wimse.pol_timestamp": NumericDate. Time at which the
policy decision was made, if distinct from "iat".<a href="#section-4.2.6-4.6.1" class="pilcrow"></a></p>
</li>
</ul>
</section>
</div>
</section>
@@ -2429,18 +2394,16 @@ ECTs whose "ext" claim exceeds these limits.<a href="#section-4.2.7-2" class="pi
"pol": "clinical_reasoning_policy_v2",
"pol_decision": "approved",
"pol_enforcer": "spiffe://example.com/policy/clinical-engine",
"pol_timestamp": 1772064145,
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
"inp_classification": "confidential",
"exec_time_ms": 245,
"regulated_domain": "medtech",
"model_version": "clinical-reasoning-v4.2",
"witnessed_by": [
"spiffe://example.com/audit/observer-1"
]
"ext": {
"org.ietf.wimse.pol_timestamp": 1772064145,
"org.ietf.wimse.exec_time_ms": 245,
"org.ietf.wimse.regulated_domain": "medtech",
"org.ietf.wimse.model_version": "clinical-reasoning-v4.2"
}
}
</pre>
</div>
@@ -2918,7 +2881,7 @@ Human Release Manager:
exec_act: approve_release
pol: release_approval_policy pol_decision: approved
pol_enforcer: spiffe://meddev.example/human/release-mgr-42
witnessed_by: [spiffe://meddev.example/audit/qa-observer-1]
ext: {org.ietf.wimse.witnessed_by: [...]} (extension metadata)
</pre>
</div>
<figcaption><a href="#figure-8" class="selfRef">Figure 8</a>:
@@ -3202,22 +3165,23 @@ evaluating the policy).<a href="#section-10.2-1" class="pilcrow">¶</a></p>
</ul>
<p id="section-10.2-4">The trustworthiness of ECT claims depends on the trustworthiness
of the signing agent. To mitigate single-agent false claims,
regulated environments <span class="bcp14">SHOULD</span> use the "witnessed_by" mechanism
to include independent third-party observers at critical decision
points. However, the "witnessed_by" claim is self-asserted by
the ECT issuer: the listed witnesses do not co-sign the ECT and
there is no cryptographic evidence within a single ECT that the
witnesses actually observed the task. An issuing agent could
list witnesses that did not participate.<a href="#section-10.2-4" class="pilcrow"></a></p>
regulated environments <span class="bcp14">SHOULD</span> use the "org.ietf.wimse.witnessed_by"
extension key (carried in "ext") to include independent
third-party observers at critical decision points. However,
this value is self-asserted by the ECT issuer: the listed
witnesses do not co-sign the ECT and there is no cryptographic
evidence within a single ECT that the witnesses actually
observed the task. An issuing agent could list witnesses that
did not participate.<a href="#section-10.2-4" class="pilcrow"></a></p>
<div id="witness-attestation-model">
<section id="section-10.2.1">
<h4 id="name-witness-attestation-model">
<a href="#section-10.2.1" class="section-number selfRef">10.2.1. </a><a href="#name-witness-attestation-model" class="section-name selfRef">Witness Attestation Model</a>
</h4>
<p id="section-10.2.1-1">To address the self-assertion limitation of the "witnessed_by"
claim, witnesses <span class="bcp14">SHOULD</span> submit their own independent signed ECTs
to the audit ledger attesting to the observed task. A witness
attestation ECT:<a href="#section-10.2.1-1" class="pilcrow"></a></p>
<p id="section-10.2.1-1">To address the self-assertion limitation of the
"org.ietf.wimse.witnessed_by" extension, witnesses <span class="bcp14">SHOULD</span> submit their
own independent signed ECTs to the audit ledger attesting to the
observed task. A witness attestation ECT:<a href="#section-10.2.1-1" class="pilcrow"></a></p>
<ul class="normal">
<li class="normal" id="section-10.2.1-2.1">
<p id="section-10.2.1-2.1.1"><span class="bcp14">MUST</span> set "iss" to the witness's own workload identity.<a href="#section-10.2.1-2.1.1" class="pilcrow"></a></p>
@@ -3235,11 +3199,11 @@ linking the attestation to the original task.<a href="#section-10.2.1-2.3.1" cla
confirms the observation.<a href="#section-10.2.1-2.4.1" class="pilcrow"></a></p>
</li>
</ul>
<p id="section-10.2.1-3">When a task's "witnessed_by" claim lists one or more witnesses,
auditors <span class="bcp14">SHOULD</span> verify that corresponding witness attestation
ECTs exist in the ledger for each listed witness. A mismatch
between the "witnessed_by" list and the set of independent witness
ECTs in the ledger <span class="bcp14">SHOULD</span> be flagged during audit review.<a href="#section-10.2.1-3" class="pilcrow"></a></p>
<p id="section-10.2.1-3">When a task's "org.ietf.wimse.witnessed_by" extension lists one or more
witnesses, auditors <span class="bcp14">SHOULD</span> verify that corresponding witness
attestation ECTs exist in the ledger for each listed witness. A
mismatch between the extension value and the set of independent
witness ECTs in the ledger <span class="bcp14">SHOULD</span> be flagged during audit review.<a href="#section-10.2.1-3" class="pilcrow"></a></p>
<p id="section-10.2.1-4">This model converts witness attestation from a self-asserted claim
to a cryptographically verifiable property of the ledger: the
witness independently signs their own ECT using their own key,
@@ -3387,8 +3351,8 @@ create a false execution history if they control the ledger.<a href="#section-10
by an entity independent of the workflow agents.<a href="#section-10.8-3.1.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-10.8-3.2">
<p id="section-10.8-3.2.1">Witness attestation: Using the "witnessed_by" claim to include
independent third-party observers.<a href="#section-10.8-3.2.1" class="pilcrow"></a></p>
<p id="section-10.8-3.2.1">Witness attestation: Using the "org.ietf.wimse.witnessed_by" extension
key in "ext" to include independent third-party observers.<a href="#section-10.8-3.2.1" class="pilcrow"></a></p>
</li>
<li class="normal" id="section-10.8-3.3">
<p id="section-10.8-3.3.1">Cross-verification: Multiple independent ledger replicas can be
@@ -3448,7 +3412,7 @@ array to a maximum of 256 entries. Workflows requiring more
parent references <span class="bcp14">SHOULD</span> introduce intermediate aggregation
tasks. The "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096 bytes when
serialized as JSON and <span class="bcp14">SHOULD NOT</span> exceed a nesting depth of
5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>).<a href="#section-10.11-1" class="pilcrow"></a></p>
5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>).<a href="#section-10.11-1" class="pilcrow"></a></p>
</section>
</div>
</section>
@@ -3507,7 +3471,7 @@ The "exec_act" claim <span class="bcp14">SHOULD</span> use structured identifier
"process_payment") rather than natural language descriptions.
The "pol" claim <span class="bcp14">SHOULD</span> reference policy identifiers rather than
embedding policy content.<a href="#section-11.2-1" class="pilcrow"></a></p>
<p id="section-11.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>)
<p id="section-11.2-2">The "compensation_reason" claim (<a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>)
deserves particular attention: because it is human-readable and
may describe the circumstances of a failure or policy violation,
it risks exposing sensitive operational details. Implementations
@@ -3737,14 +3701,6 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">pol_timestamp</td>
<td class="text-left" rowspan="1" colspan="1">Policy Decision Timestamp</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
</td>
</tr>
<tr>
@@ -3761,46 +3717,6 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">inp_classification</td>
<td class="text-left" rowspan="1" colspan="1">Input Data Classification</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">exec_time_ms</td>
<td class="text-left" rowspan="1" colspan="1">Execution Time (ms)</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">witnessed_by</td>
<td class="text-left" rowspan="1" colspan="1">Witness Identities</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">regulated_domain</td>
<td class="text-left" rowspan="1" colspan="1">Regulatory Domain</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">model_version</td>
<td class="text-left" rowspan="1" colspan="1">AI/ML Model Version</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
@@ -3808,7 +3724,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
<td class="text-left" rowspan="1" colspan="1">Compensation Flag</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
<a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
@@ -3816,7 +3732,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
<td class="text-left" rowspan="1" colspan="1">Compensation Reason</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#compensation-claims" class="auto internal xref">Section 4.2.6</a>
<a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
@@ -3824,7 +3740,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
<td class="text-left" rowspan="1" colspan="1">Extension Object</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#extension-claims" class="auto internal xref">Section 4.2.7</a>
<a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>
</td>
</tr>
</tbody>
@@ -3885,59 +3801,6 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
</div>
</section>
</div>
<div id="regulated-domain-registry">
<section id="section-12.5">
<h3 id="name-ect-regulated-domain-values">
<a href="#section-12.5" class="section-number selfRef">12.5. </a><a href="#name-ect-regulated-domain-values" class="section-name selfRef">ECT Regulated Domain Values Registry</a>
</h3>
<p id="section-12.5-1">This document establishes the "ECT Regulated Domain Values"
registry under the "JSON Web Token (JWT)" group. Registration
policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref">RFC8126</a>]</span>.<a href="#section-12.5-1" class="pilcrow"></a></p>
<p id="section-12.5-2">The initial contents of the registry are:<a href="#section-12.5-2" class="pilcrow"></a></p>
<span id="name-ect-regulated-domain-values-2"></span><div id="_table-regulated-domain">
<table class="center" id="table-3">
<caption>
<a href="#table-3" class="selfRef">Table 3</a>:
<a href="#name-ect-regulated-domain-values-2" class="selfRef">ECT Regulated Domain Values</a>
</caption>
<thead>
<tr>
<th class="text-center" rowspan="1" colspan="1">Value</th>
<th class="text-left" rowspan="1" colspan="1">Description</th>
<th class="text-center" rowspan="1" colspan="1">Change Controller</th>
<th class="text-center" rowspan="1" colspan="1">Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td class="text-center" rowspan="1" colspan="1">medtech</td>
<td class="text-left" rowspan="1" colspan="1">Medical technology and devices</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">finance</td>
<td class="text-left" rowspan="1" colspan="1">Financial services and trading</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
<tr>
<td class="text-center" rowspan="1" colspan="1">military</td>
<td class="text-left" rowspan="1" colspan="1">Military and defense</td>
<td class="text-center" rowspan="1" colspan="1">IETF</td>
<td class="text-center" rowspan="1" colspan="1">
<a href="#operational-claims" class="auto internal xref">Section 4.2.5</a>
</td>
</tr>
</tbody>
</table>
</div>
</section>
</div>
</section>
</div>
<div id="sec-combined-references">
@@ -4328,9 +4191,9 @@ compliance with various regulatory frameworks. ECTs are a
technical building block; achieving compliance requires
additional organizational measures beyond this specification.<a href="#appendix-C-1" class="pilcrow"></a></p>
<span id="name-regulatory-compliance-mappin"></span><div id="_table-regulatory">
<table class="center" id="table-4">
<table class="center" id="table-3">
<caption>
<a href="#table-4" class="selfRef">Table 4</a>:
<a href="#table-3" class="selfRef">Table 3</a>:
<a href="#name-regulatory-compliance-mappin" class="selfRef">Regulatory Compliance Mapping</a>
</caption>
<thead>
@@ -4414,9 +4277,7 @@ Agent B:<a href="#appendix-D.1-1" class="pilcrow">¶</a></p>
"pol": "clinical_data_access_policy_v1",
"pol_decision": "approved",
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
"exec_time_ms": 142,
"regulated_domain": "medtech"
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
}
</pre><a href="#appendix-D.1-5" class="pilcrow"></a>
</div>
@@ -4435,9 +4296,7 @@ task, and creates its own ECT:<a href="#appendix-D.1-6" class="pilcrow">¶</a></
"exec_act": "validate_safety",
"par": ["550e8400-e29b-41d4-a716-446655440001"],
"pol": "safety_validation_policy_v2",
"pol_decision": "approved",
"exec_time_ms": 89,
"regulated_domain": "medtech"
"pol_decision": "approved"
}
</pre><a href="#appendix-D.1-7" class="pilcrow"></a>
</div>
@@ -4474,8 +4333,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
"par": [],
"pol": "spec_review_policy_v2",
"pol_decision": "approved",
"regulated_domain": "medtech",
"model_version": "spec-review-v3.1",
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
}
@@ -4495,9 +4352,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
"exec_act": "implement_module",
"par": ["a1b2c3d4-0001-0000-0000-000000000001"],
"pol": "coding_standards_v3",
"pol_decision": "approved",
"regulated_domain": "medtech",
"model_version": "codegen-v2.4"
"pol_decision": "approved"
}
</pre><a href="#appendix-D.2-5" class="pilcrow"></a>
</div>
@@ -4515,9 +4370,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
"exec_act": "execute_test_suite",
"par": ["a1b2c3d4-0001-0000-0000-000000000002"],
"pol": "test_coverage_policy_v1",
"pol_decision": "approved",
"regulated_domain": "medtech",
"exec_time_ms": 4523
"pol_decision": "approved"
}
</pre><a href="#appendix-D.2-7" class="pilcrow"></a>
</div>
@@ -4536,7 +4389,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
"par": ["a1b2c3d4-0001-0000-0000-000000000003"],
"pol": "build_validation_v2",
"pol_decision": "approved",
"regulated_domain": "medtech",
"out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
}
</pre><a href="#appendix-D.2-9" class="pilcrow"></a>
@@ -4557,17 +4409,19 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
"pol": "release_approval_policy",
"pol_decision": "approved",
"pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
"witnessed_by": [
"ext": {
"org.ietf.wimse.witnessed_by": [
"spiffe://meddev.example/audit/qa-observer-1"
],
"regulated_domain": "medtech"
]
}
}
</pre><a href="#appendix-D.2-11" class="pilcrow"></a>
</div>
<p id="appendix-D.2-12">The resulting DAG records the complete SDLC: spec review preceded
implementation, implementation preceded testing, testing preceded
build, and a human release manager approved the final release
with independent witness attestation.<a href="#appendix-D.2-12" class="pilcrow"></a></p>
build, and a human release manager approved the final release.
The "ext" object in task 5 carries witness metadata via
the "org.ietf.wimse.witnessed_by" extension key.<a href="#appendix-D.2-12" class="pilcrow"></a></p>
<div class="alignLeft art-text artwork" id="appendix-D.2-13">
<pre>
task-...-0001 (review_requirements_spec)
@@ -4582,7 +4436,7 @@ task-...-0003 (execute_test_suite)
task-...-0004 (build_release_artifact)
|
v
task-...-0005 (approve_release) [human, witnessed]
task-...-0005 (approve_release) [human]
</pre><a href="#appendix-D.2-13" class="pilcrow"></a>
</div>
<p id="appendix-D.2-14">An FDA auditor reconstructs this DAG by querying the audit ledger
@@ -4629,8 +4483,7 @@ task-...-0004 (execute_trade)
"f1e2d3c4-0003-0000-0000-000000000003"
],
"pol": "trade_execution_policy_v3",
"pol_decision": "approved",
"regulated_domain": "finance"
"pol_decision": "approved"
}
</pre><a href="#appendix-D.3-4" class="pilcrow"></a>
</div>

169
draft-nennemann-wimse-execution-context-00.md
View File

@@ -529,11 +529,6 @@ pol_enforcer:
person) that evaluated the policy decision. When present,
SHOULD use SPIFFE ID format.
pol_timestamp:
: OPTIONAL. NumericDate. The time at which the policy decision
was made. When present, MUST be equal to or earlier than the
"iat" claim.
This specification intentionally defines only the recording of
policy evaluation outcomes. The mechanisms by which policies are
defined, distributed to agents, and evaluated are out of scope.
@@ -565,42 +560,6 @@ out_hash:
: OPTIONAL. String. A cryptographic hash of the output data,
using the same format and algorithm requirements as "inp_hash".
inp_classification:
: OPTIONAL. String. The data sensitivity classification of the
input (e.g., "public", "confidential", "restricted").
### Task Metadata {#operational-claims}
The following claims provide additional context about task
execution:
exec_time_ms:
: OPTIONAL. Integer. The execution duration of the task in
milliseconds. MUST be a non-negative integer.
regulated_domain:
: OPTIONAL. String. The regulatory domain applicable to this
task. Values MUST be registered in the ECT Regulated Domain
Values registry ({{regulated-domain-registry}}).
model_version:
: OPTIONAL. String. The version identifier of the AI or ML model
used to perform the task, if applicable.
witnessed_by:
: OPTIONAL. Array of StringOrURI. Identifiers of third-party
entities that the issuing agent claims observed or attested to
the execution of this task. When present, each element SHOULD
use SPIFFE ID format. Note that this claim is self-asserted by
the ECT issuer; witnesses listed here do not co-sign this ECT.
For stronger assurance, witnesses SHOULD submit independent
signed ECTs to the ledger attesting to their observation (see
{{witness-attestation-model}}). In regulated environments,
implementations SHOULD use witness attestation for critical
decision points to mitigate the risk of single-agent false
claims. See also {{self-assertion-limitation}} for the security
implications of self-asserted witness claims.
### Compensation and Rollback {#compensation-claims}
compensation_required:
@@ -640,6 +599,24 @@ bytes, and the JSON nesting depth within the "ext" object
SHOULD NOT exceed 5 levels. Implementations SHOULD reject
ECTs whose "ext" claim exceeds these limits.
The following extension keys are RECOMMENDED for common use
cases. These are not registered claims; they are carried
within the "ext" object:
- "org.ietf.wimse.exec\_time\_ms": Integer. Execution duration in
milliseconds.
- "org.ietf.wimse.regulated\_domain": String. Regulatory domain
(e.g., "medtech", "finance", "military").
- "org.ietf.wimse.model\_version": String. AI/ML model version.
- "org.ietf.wimse.witnessed\_by": Array of StringOrURI. Identifiers
of third-party entities that the issuer claims observed the
task. Note: this is self-asserted; for verifiable witness
attestation, witnesses should submit independent signed ECTs.
- "org.ietf.wimse.inp\_classification": String. Data sensitivity
classification (e.g., "public", "confidential", "restricted").
- "org.ietf.wimse.pol\_timestamp": NumericDate. Time at which the
policy decision was made, if distinct from "iat".
## Complete ECT Example
The following is a complete ECT payload example:
@@ -660,18 +637,16 @@ The following is a complete ECT payload example:
"pol": "clinical_reasoning_policy_v2",
"pol_decision": "approved",
"pol_enforcer": "spiffe://example.com/policy/clinical-engine",
"pol_timestamp": 1772064145,
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
"inp_classification": "confidential",
"exec_time_ms": 245,
"regulated_domain": "medtech",
"model_version": "clinical-reasoning-v4.2",
"witnessed_by": [
"spiffe://example.com/audit/observer-1"
]
"ext": {
"org.ietf.wimse.pol_timestamp": 1772064145,
"org.ietf.wimse.exec_time_ms": 245,
"org.ietf.wimse.regulated_domain": "medtech",
"org.ietf.wimse.model_version": "clinical-reasoning-v4.2"
}
}
~~~
{: #fig-full-ect title="Complete ECT Payload Example"}
@@ -1054,7 +1029,7 @@ Human Release Manager:
exec_act: approve_release
pol: release_approval_policy pol_decision: approved
pol_enforcer: spiffe://meddev.example/human/release-mgr-42
witnessed_by: [spiffe://meddev.example/audit/qa-observer-1]
ext: {org.ietf.wimse.witnessed_by: [...]} (extension metadata)
~~~
{: #fig-medtech-sdlc title="Medical Device SDLC Workflow"}
@@ -1245,20 +1220,21 @@ ECTs do not independently verify that:
The trustworthiness of ECT claims depends on the trustworthiness
of the signing agent. To mitigate single-agent false claims,
regulated environments SHOULD use the "witnessed_by" mechanism
to include independent third-party observers at critical decision
points. However, the "witnessed_by" claim is self-asserted by
the ECT issuer: the listed witnesses do not co-sign the ECT and
there is no cryptographic evidence within a single ECT that the
witnesses actually observed the task. An issuing agent could
list witnesses that did not participate.
regulated environments SHOULD use the "org.ietf.wimse.witnessed_by"
extension key (carried in "ext") to include independent
third-party observers at critical decision points. However,
this value is self-asserted by the ECT issuer: the listed
witnesses do not co-sign the ECT and there is no cryptographic
evidence within a single ECT that the witnesses actually
observed the task. An issuing agent could list witnesses that
did not participate.
### Witness Attestation Model {#witness-attestation-model}
To address the self-assertion limitation of the "witnessed_by"
claim, witnesses SHOULD submit their own independent signed ECTs
to the audit ledger attesting to the observed task. A witness
attestation ECT:
To address the self-assertion limitation of the
"org.ietf.wimse.witnessed_by" extension, witnesses SHOULD submit their
own independent signed ECTs to the audit ledger attesting to the
observed task. A witness attestation ECT:
- MUST set "iss" to the witness's own workload identity.
- MUST set "exec_act" to "witness_attestation" (or a domain-
@@ -1268,11 +1244,11 @@ attestation ECT:
- MUST set "pol_decision" to "approved" to indicate the witness
confirms the observation.
When a task's "witnessed_by" claim lists one or more witnesses,
auditors SHOULD verify that corresponding witness attestation
ECTs exist in the ledger for each listed witness. A mismatch
between the "witnessed_by" list and the set of independent witness
ECTs in the ledger SHOULD be flagged during audit review.
When a task's "org.ietf.wimse.witnessed_by" extension lists one or more
witnesses, auditors SHOULD verify that corresponding witness
attestation ECTs exist in the ledger for each listed witness. A
mismatch between the extension value and the set of independent
witness ECTs in the ledger SHOULD be flagged during audit review.
This model converts witness attestation from a self-asserted claim
to a cryptographically verifiable property of the ledger: the
@@ -1374,8 +1350,8 @@ Mitigations include:
- Independent ledger maintenance: The ledger SHOULD be maintained
by an entity independent of the workflow agents.
- Witness attestation: Using the "witnessed_by" claim to include
independent third-party observers.
- Witness attestation: Using the "org.ietf.wimse.witnessed_by" extension
key in "ext" to include independent third-party observers.
- Cross-verification: Multiple independent ledger replicas can be
compared for consistency.
- Out-of-band audit: External auditors periodically verify ledger
@@ -1564,14 +1540,8 @@ the "JSON Web Token Claims" registry maintained by IANA:
| pol | Policy Rule Identifier | IETF | {{policy-claims}} |
| pol_decision | Policy Decision Result | IETF | {{policy-claims}} |
| pol_enforcer | Policy Enforcer Identity | IETF | {{policy-claims}} |
| pol_timestamp | Policy Decision Timestamp | IETF | {{policy-claims}} |
| inp_hash | Input Data Hash | IETF | {{data-integrity-claims}} |
| out_hash | Output Data Hash | IETF | {{data-integrity-claims}} |
| inp_classification | Input Data Classification | IETF | {{data-integrity-claims}} |
| exec_time_ms | Execution Time (ms) | IETF | {{operational-claims}} |
| witnessed_by | Witness Identities | IETF | {{operational-claims}} |
| regulated_domain | Regulatory Domain | IETF | {{operational-claims}} |
| model_version | AI/ML Model Version | IETF | {{operational-claims}} |
| compensation_required | Compensation Flag | IETF | {{compensation-claims}} |
| compensation_reason | Compensation Reason | IETF | {{compensation-claims}} |
| ext | Extension Object | IETF | {{extension-claims}} |
@@ -1592,21 +1562,6 @@ The initial contents of the registry are:
| pending_human_review | Awaiting human judgment | IETF | {{policy-claims}} |
{: #table-pol-decision title="ECT Policy Decision Values"}
## ECT Regulated Domain Values Registry {#regulated-domain-registry}
This document establishes the "ECT Regulated Domain Values"
registry under the "JSON Web Token (JWT)" group. Registration
policy is Specification Required per {{!RFC8126}}.
The initial contents of the registry are:
| Value | Description | Change Controller | Reference |
|:---:|:---|:---:|:---:|
| medtech | Medical technology and devices | IETF | {{operational-claims}} |
| finance | Financial services and trading | IETF | {{operational-claims}} |
| military | Military and defense | IETF | {{operational-claims}} |
{: #table-regulated-domain title="ECT Regulated Domain Values"}
--- back
# Related Work
@@ -1840,9 +1795,7 @@ ECT Payload:
"pol": "clinical_data_access_policy_v1",
"pol_decision": "approved",
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
"exec_time_ms": 142,
"regulated_domain": "medtech"
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
}
~~~
@@ -1861,9 +1814,7 @@ task, and creates its own ECT:
"exec_act": "validate_safety",
"par": ["550e8400-e29b-41d4-a716-446655440001"],
"pol": "safety_validation_policy_v2",
"pol_decision": "approved",
"exec_time_ms": 89,
"regulated_domain": "medtech"
"pol_decision": "approved"
}
~~~
@@ -1897,8 +1848,6 @@ Task 1 (Spec Review Agent):
"par": [],
"pol": "spec_review_policy_v2",
"pol_decision": "approved",
"regulated_domain": "medtech",
"model_version": "spec-review-v3.1",
"inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
"out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
}
@@ -1918,9 +1867,7 @@ Task 2 (Code Generation Agent):
"exec_act": "implement_module",
"par": ["a1b2c3d4-0001-0000-0000-000000000001"],
"pol": "coding_standards_v3",
"pol_decision": "approved",
"regulated_domain": "medtech",
"model_version": "codegen-v2.4"
"pol_decision": "approved"
}
~~~
@@ -1938,9 +1885,7 @@ Task 3 (Autonomous Test Agent):
"exec_act": "execute_test_suite",
"par": ["a1b2c3d4-0001-0000-0000-000000000002"],
"pol": "test_coverage_policy_v1",
"pol_decision": "approved",
"regulated_domain": "medtech",
"exec_time_ms": 4523
"pol_decision": "approved"
}
~~~
@@ -1959,7 +1904,6 @@ Task 4 (Build Agent):
"par": ["a1b2c3d4-0001-0000-0000-000000000003"],
"pol": "build_validation_v2",
"pol_decision": "approved",
"regulated_domain": "medtech",
"out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
}
~~~
@@ -1980,17 +1924,19 @@ Task 5 (Human Release Manager Approval):
"pol": "release_approval_policy",
"pol_decision": "approved",
"pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
"witnessed_by": [
"ext": {
"org.ietf.wimse.witnessed_by": [
"spiffe://meddev.example/audit/qa-observer-1"
],
"regulated_domain": "medtech"
]
}
}
~~~
The resulting DAG records the complete SDLC: spec review preceded
implementation, implementation preceded testing, testing preceded
build, and a human release manager approved the final release
with independent witness attestation.
build, and a human release manager approved the final release.
The "ext" object in task 5 carries witness metadata via
the "org.ietf.wimse.witnessed_by" extension key.
~~~
task-...-0001 (review_requirements_spec)
@@ -2005,7 +1951,7 @@ task-...-0003 (execute_test_suite)
task-...-0004 (build_release_artifact)
|
v
task-...-0005 (approve_release) [human, witnessed]
task-...-0005 (approve_release) [human]
~~~
An FDA auditor reconstructs this DAG by querying the audit ledger
@@ -2049,8 +1995,7 @@ Task 004 ECT payload:
"f1e2d3c4-0003-0000-0000-000000000003"
],
"pol": "trade_execution_policy_v3",
"pol_decision": "approved",
"regulated_domain": "finance"
"pol_decision": "approved"
}
~~~

626
draft-nennemann-wimse-execution-context-00.txt
View File

File diff suppressed because it is too large Load Diff

1275
draft-nennemann-wimse-execution-context-00.xml
View File

File diff suppressed because it is too large Load Diff