From ddc1e3c6c0ec1cdeff25c4c5448939dcf3234417 Mon Sep 17 00:00:00 2001
From: Christian Nennemann <christian@nennemann.de>
Date: Wed, 25 Feb 2026 15:38:38 +0100
Subject: [PATCH] Split policy/compensation into companion spec, slim down base
 ECT

Move all policy evaluation (pol, pol_decision, pol_enforcer) and
compensation claims to I-D.nennemann-wimse-ect-policy-compensation.
Base spec now focuses on execution ordering, DAG structure, and
audit trail. All examples, diagrams, and prose updated accordingly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 ...-nennemann-wimse-execution-context-00.html |  586 ++-----
 draft-nennemann-wimse-execution-context-00.md |  305 +---
 ...t-nennemann-wimse-execution-context-00.txt | 1358 +++++++----------
 ...t-nennemann-wimse-execution-context-00.xml | 1340 +++++++---------
 4 files changed, 1299 insertions(+), 2290 deletions(-)

diff --git a/draft-nennemann-wimse-execution-context-00.html b/draft-nennemann-wimse-execution-context-00.html
index 6b066fc..64cbb10 100644
--- a/draft-nennemann-wimse-execution-context-00.html
+++ b/draft-nennemann-wimse-execution-context-00.html
@@ -11,16 +11,16 @@
 to the Workload Identity in Multi System Environments (WIMSE)
 architecture for distributed agentic workflows in regulated
 environments.  ECTs provide signed, structured records of task
-execution order, policy evaluation outcomes, and compliance state
-across
-agent-to-agent communication.  By extending WIMSE Workload Identity
+execution order and compliance state across agent-to-agent
+communication.  By extending WIMSE Workload Identity
 Tokens with execution context claims in JSON Web Token (JWT)
 format, this specification enables regulated systems to maintain
 structured audit trails that support compliance verification.
 ECTs use a directed acyclic graph (DAG) structure to represent task
-dependencies, record policy evaluation outcomes at each decision
-point, and integrate with WIMSE Workload Identity Tokens (WIT)
-using the same signing model and cryptographic primitives.  A new
+dependencies and integrate with WIMSE Workload Identity Tokens (WIT)
+using the same signing model and cryptographic primitives.
+Policy evaluation and compensation extensions are defined in
+ .  A new
 HTTP header field,
 Execution-Context, is defined for transporting ECTs alongside
 existing WIMSE headers.  ECTs are a technical building block that
@@ -1277,16 +1277,16 @@ li > p:last-of-type:only-child {
 to the Workload Identity in Multi System Environments (WIMSE)
 architecture for distributed agentic workflows in regulated
 environments.  ECTs provide signed, structured records of task
-execution order, policy evaluation outcomes, and compliance state
-across
-agent-to-agent communication.  By extending WIMSE Workload Identity
+execution order and compliance state across agent-to-agent
+communication.  By extending WIMSE Workload Identity
 Tokens with execution context claims in JSON Web Token (JWT)
 format, this specification enables regulated systems to maintain
 structured audit trails that support compliance verification.
 ECTs use a directed acyclic graph (DAG) structure to represent task
-dependencies, record policy evaluation outcomes at each decision
-point, and integrate with WIMSE Workload Identity Tokens (WIT)
-using the same signing model and cryptographic primitives.  A new
+dependencies and integrate with WIMSE Workload Identity Tokens (WIT)
+using the same signing model and cryptographic primitives.
+Policy evaluation and compensation extensions are defined in
+<span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span>.  A new
 HTTP header field,
 Execution-Context, is defined for transporting ECTs alongside
 existing WIMSE headers.  ECTs are a technical building block that
@@ -1391,16 +1391,13 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
                     <p id="section-toc.1-1.4.2.2.2.2.1"><a href="#section-4.2.2" class="auto internal xref">4.2.2</a>.  <a href="#name-execution-context" class="internal xref">Execution Context</a></p>
 </li>
                   <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.3">
-                    <p id="section-toc.1-1.4.2.2.2.3.1"><a href="#section-4.2.3" class="auto internal xref">4.2.3</a>.  <a href="#name-policy-evaluation" class="internal xref">Policy Evaluation</a></p>
+                    <p id="section-toc.1-1.4.2.2.2.3.1"><a href="#section-4.2.3" class="auto internal xref">4.2.3</a>.  <a href="#name-data-integrity" class="internal xref">Data Integrity</a></p>
 </li>
                   <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.4">
-                    <p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-data-integrity" class="internal xref">Data Integrity</a></p>
+                    <p id="section-toc.1-1.4.2.2.2.4.1"><a href="#section-4.2.4" class="auto internal xref">4.2.4</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
 </li>
                   <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.5">
-                    <p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-compensation-and-rollback" class="internal xref">Compensation and Rollback</a></p>
-</li>
-                  <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.4.2.2.2.6">
-                    <p id="section-toc.1-1.4.2.2.2.6.1"><a href="#section-4.2.6" class="auto internal xref">4.2.6</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
+                    <p id="section-toc.1-1.4.2.2.2.5.1"><a href="#section-4.2.5" class="auto internal xref">4.2.5</a>.  <a href="#name-extensions" class="internal xref">Extensions</a></p>
 </li>
                 </ul>
 </li>
@@ -1533,9 +1530,6 @@ regulatory frameworks.<a href="#section-abstract-1" class="pilcrow">¶</a></p>
 </li>
               <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.3">
                 <p id="section-toc.1-1.12.2.3.1"><a href="#section-12.3" class="auto internal xref">12.3</a>.  <a href="#name-jwt-claims-registration" class="internal xref">JWT Claims Registration</a></p>
-</li>
-              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.12.2.4">
-                <p id="section-toc.1-1.12.2.4.1"><a href="#section-12.4" class="auto internal xref">12.4</a>.  <a href="#name-ect-policy-decision-values-" class="internal xref">ECT Policy Decision Values Registry</a></p>
 </li>
             </ul>
 </li>
@@ -1639,18 +1633,17 @@ each other across call chains using the Workload-Identity and
 Workload-Proof-Token HTTP headers.<a href="#section-1.1-1" class="pilcrow">¶</a></p>
 <p id="section-1.1-2">However, workload identity alone does not address execution
 accountability.  Knowing who performed an action does not record
-what was done, what policy was applied, or whether compliance
-requirements were evaluated at each decision point.<a href="#section-1.1-2" class="pilcrow">¶</a></p>
+what was done or in what order.<a href="#section-1.1-2" class="pilcrow">¶</a></p>
 <p id="section-1.1-3">Regulated environments increasingly deploy autonomous agents that
 coordinate across organizational boundaries.  Multiple regulatory
 frameworks — including <span>[<a href="#EU-AI-ACT" class="cite xref">EU-AI-ACT</a>]</span>, <span>[<a href="#FDA-21CFR11" class="cite xref">FDA-21CFR11</a>]</span>, <span>[<a href="#MIFID-II" class="cite xref">MIFID-II</a>]</span>,
 and <span>[<a href="#DORA" class="cite xref">DORA</a>]</span> — require structured, auditable records of automated
-decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 3</a> for a
+decision-making and execution (see <a href="#_table-regulatory" class="auto internal xref">Table 2</a> for a
 detailed mapping).<a href="#section-1.1-3" class="pilcrow">¶</a></p>
 <p id="section-1.1-4">This document defines an extension to the WIMSE architecture that
 addresses the gap between workload identity and execution
 accountability.  WIMSE authenticates agents; this extension records
-what they did, in what order, and what policy was evaluated.<a href="#section-1.1-4" class="pilcrow">¶</a></p>
+what they did and in what order.<a href="#section-1.1-4" class="pilcrow">¶</a></p>
 <p id="section-1.1-5">As identified in <span>[<a href="#I-D.ni-wimse-ai-agent-identity" class="cite xref">I-D.ni-wimse-ai-agent-identity</a>]</span>, call context
 in agentic workflows needs to be visible and preserved.  ECTs
 provide a mechanism to address this requirement with cryptographic
@@ -1668,15 +1661,15 @@ systems:<a href="#section-1.2-1" class="pilcrow">¶</a></p>
 <li id="section-1.2-2.1">
             <p id="section-1.2-2.1.1">WIMSE authenticates agents but does not record what they
 actually did.  A WIT proves "Agent A is authorized" but not
-"Agent A executed Task X, under Policy Y, producing Output Z."<a href="#section-1.2-2.1.1" class="pilcrow">¶</a></p>
+"Agent A executed Task X, producing Output Z."<a href="#section-1.2-2.1.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-1.2-2.2">
-            <p id="section-1.2-2.2.1">No standard mechanism exists to record policy evaluation
-outcomes at each decision point in a multi-agent workflow.<a href="#section-1.2-2.2.1" class="pilcrow">¶</a></p>
+            <p id="section-1.2-2.2.1">No standard mechanism exists to cryptographically order and
+link task execution across a multi-agent workflow.<a href="#section-1.2-2.2.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-1.2-2.3">
-            <p id="section-1.2-2.3.1">No mechanism exists to cryptographically link compensation and
-rollback decisions to original actions.<a href="#section-1.2-2.3.1" class="pilcrow">¶</a></p>
+            <p id="section-1.2-2.3.1">No mechanism exists to reconstruct the complete execution
+history of a distributed workflow for audit purposes.<a href="#section-1.2-2.3.1" class="pilcrow">¶</a></p>
 </li>
         </ol>
 <p id="section-1.2-3">Existing observability tools such as distributed tracing
@@ -1700,17 +1693,18 @@ regulatory audit scenarios.<a href="#section-1.2-3" class="pilcrow">¶</a></p>
             <p id="section-1.3-2.2.1">DAG structure for task dependency ordering (<a href="#dag-validation" class="auto internal xref">Section 6</a>)<a href="#section-1.3-2.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-1.3-2.3">
-            <p id="section-1.3-2.3.1">Policy checkpoint recording (<a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>)<a href="#section-1.3-2.3.1" class="pilcrow">¶</a></p>
+            <p id="section-1.3-2.3.1">Integration with the WIMSE identity framework
+(<a href="#wimse-integration" class="auto internal xref">Section 3</a>)<a href="#section-1.3-2.3.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-1.3-2.4">
-            <p id="section-1.3-2.4.1">Integration with the WIMSE identity framework
-(<a href="#wimse-integration" class="auto internal xref">Section 3</a>)<a href="#section-1.3-2.4.1" class="pilcrow">¶</a></p>
+            <p id="section-1.3-2.4.1">An HTTP header for ECT transport (<a href="#http-header" class="auto internal xref">Section 5</a>)<a href="#section-1.3-2.4.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-1.3-2.5">
-            <p id="section-1.3-2.5.1">An HTTP header for ECT transport (<a href="#http-header" class="auto internal xref">Section 5</a>)<a href="#section-1.3-2.5.1" class="pilcrow">¶</a></p>
+            <p id="section-1.3-2.5.1">Audit ledger interface requirements (<a href="#ledger-interface" class="auto internal xref">Section 8</a>)<a href="#section-1.3-2.5.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-1.3-2.6">
-            <p id="section-1.3-2.6.1">Audit ledger interface requirements (<a href="#ledger-interface" class="auto internal xref">Section 8</a>)<a href="#section-1.3-2.6.1" class="pilcrow">¶</a></p>
+            <p id="section-1.3-2.6.1">Policy evaluation and compensation extensions are defined
+separately in <span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span><a href="#section-1.3-2.6.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 <p id="section-1.3-3">The following are out of scope and are handled by WIMSE:<a href="#section-1.3-3" class="pilcrow">¶</a></p>
@@ -1744,11 +1738,10 @@ controls, policies, procedures, validation, and governance measures
 beyond the scope of this specification.  The regulatory references
 in this document are intended to motivate the design requirements,
 not to claim that implementing ECTs satisfies these regulations.<a href="#section-1.4-2" class="pilcrow">¶</a></p>
-<p id="section-1.4-3">ECTs provide evidence of claimed execution ordering and policy
-evaluation.  They do not independently verify that the claimed
-execution actually occurred as described, that the policy
-evaluation was correct, or that the agent faithfully performed the
-stated action.  The trustworthiness of ECT claims depends on the
+<p id="section-1.4-3">ECTs provide evidence of claimed execution ordering.  They do not
+independently verify that the claimed execution actually occurred
+as described or that the agent faithfully performed the stated
+action.  The trustworthiness of ECT claims depends on the
 trustworthiness of the signing agent and the integrity of the
 broader deployment environment.<a href="#section-1.4-3" class="pilcrow">¶</a></p>
 </section>
@@ -1787,7 +1780,7 @@ edges are directed and no cycles exist.<a href="#section-2-3.6.1" class="pilcrow
 <dt id="section-2-3.7">Execution Context Token (ECT):</dt>
         <dd style="margin-left: 1.5em" id="section-2-3.8">
           <p id="section-2-3.8.1">A JSON Web Token <span>[<a href="#RFC7519" class="cite xref">RFC7519</a>]</span> defined by this specification that
-records task execution details and policy evaluation outcomes.<a href="#section-2-3.8.1" class="pilcrow">¶</a></p>
+records task execution details.<a href="#section-2-3.8.1" class="pilcrow">¶</a></p>
 </dd>
         <dd class="break"></dd>
 <dt id="section-2-3.9">Audit Ledger:</dt>
@@ -1797,35 +1790,29 @@ set of workflows, used for regulatory audit and compliance
 verification.<a href="#section-2-3.10.1" class="pilcrow">¶</a></p>
 </dd>
         <dd class="break"></dd>
-<dt id="section-2-3.11">Policy Checkpoint:</dt>
+<dt id="section-2-3.11">Workload Identity Token (WIT):</dt>
         <dd style="margin-left: 1.5em" id="section-2-3.12">
-          <p id="section-2-3.12.1">A point in a workflow where a policy evaluation outcome is
-recorded within an ECT.<a href="#section-2-3.12.1" class="pilcrow">¶</a></p>
+          <p id="section-2-3.12.1">A WIMSE credential proving a workload's identity within a trust
+domain.<a href="#section-2-3.12.1" class="pilcrow">¶</a></p>
 </dd>
         <dd class="break"></dd>
-<dt id="section-2-3.13">Workload Identity Token (WIT):</dt>
+<dt id="section-2-3.13">Workload Proof Token (WPT):</dt>
         <dd style="margin-left: 1.5em" id="section-2-3.14">
-          <p id="section-2-3.14.1">A WIMSE credential proving a workload's identity within a trust
-domain.<a href="#section-2-3.14.1" class="pilcrow">¶</a></p>
+          <p id="section-2-3.14.1">A WIMSE proof-of-possession token used for request-level
+authentication.<a href="#section-2-3.14.1" class="pilcrow">¶</a></p>
 </dd>
         <dd class="break"></dd>
-<dt id="section-2-3.15">Workload Proof Token (WPT):</dt>
+<dt id="section-2-3.15">Trust Domain:</dt>
         <dd style="margin-left: 1.5em" id="section-2-3.16">
-          <p id="section-2-3.16.1">A WIMSE proof-of-possession token used for request-level
-authentication.<a href="#section-2-3.16.1" class="pilcrow">¶</a></p>
-</dd>
-        <dd class="break"></dd>
-<dt id="section-2-3.17">Trust Domain:</dt>
-        <dd style="margin-left: 1.5em" id="section-2-3.18">
-          <p id="section-2-3.18.1">A WIMSE concept representing an organizational boundary with a
+          <p id="section-2-3.16.1">A WIMSE concept representing an organizational boundary with a
 shared identity issuer, corresponding to a SPIFFE <span>[<a href="#SPIFFE" class="cite xref">SPIFFE</a>]</span>
-trust domain.<a href="#section-2-3.18.1" class="pilcrow">¶</a></p>
+trust domain.<a href="#section-2-3.16.1" class="pilcrow">¶</a></p>
 </dd>
         <dd class="break"></dd>
-<dt id="section-2-3.19">Witness:</dt>
-        <dd style="margin-left: 1.5em" id="section-2-3.20">
-          <p id="section-2-3.20.1">A third-party entity that observes and attests to the execution
-of a task, providing additional accountability.<a href="#section-2-3.20.1" class="pilcrow">¶</a></p>
+<dt id="section-2-3.17">Witness:</dt>
+        <dd style="margin-left: 1.5em" id="section-2-3.18">
+          <p id="section-2-3.18.1">A third-party entity that observes and attests to the execution
+of a task, providing additional accountability.<a href="#section-2-3.18.1" class="pilcrow">¶</a></p>
 </dd>
       <dd class="break"></dd>
 </dl>
@@ -1864,13 +1851,10 @@ the WIMSE scope and are not addressed by workload identity alone:<a href="#secti
 identity<a href="#section-3.1-4.1.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-3.1-4.2">
-            <p id="section-3.1-4.2.1">Recording policy evaluation outcomes at each hop<a href="#section-3.1-4.2.1" class="pilcrow">¶</a></p>
+            <p id="section-3.1-4.2.1">Maintaining structured execution records<a href="#section-3.1-4.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-3.1-4.3">
-            <p id="section-3.1-4.3.1">Maintaining structured execution records<a href="#section-3.1-4.3.1" class="pilcrow">¶</a></p>
-</li>
-          <li class="normal" id="section-3.1-4.4">
-            <p id="section-3.1-4.4.1">Linking compensation or rollback actions to original tasks<a href="#section-3.1-4.4.1" class="pilcrow">¶</a></p>
+            <p id="section-3.1-4.3.1">Linking actions to their predecessors with cryptographic assurance<a href="#section-3.1-4.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 </section>
@@ -1896,7 +1880,7 @@ between the identity layer and the application layer:<a href="#section-3.2-1" cl
 +--------------------------------------------------+
 |  ECT Layer (Execution Accountability) [This Spec]|
 |    ECT: "Task executed, dependencies met,        |
-|          policy evaluated, outcome recorded"      |
+|          inputs/outputs hashed"                   |
 +--------------------------------------------------+
                        |
                        v
@@ -1969,8 +1953,8 @@ trust domain.  WPT verification, if present, per
 <span>[<a href="#I-D.ietf-wimse-s2s-protocol" class="cite xref">I-D.ietf-wimse-s2s-protocol</a>]</span>.<a href="#section-3.3-7.1.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-3.3-7.2">
-            <p id="section-3.3-7.2.1">ECT (this extension): Records what Agent A did, what policy was
-evaluated, and what precedent tasks exist.<a href="#section-3.3-7.2.1" class="pilcrow">¶</a></p>
+            <p id="section-3.3-7.2.1">ECT (this extension): Records what Agent A did and what
+precedent tasks exist.<a href="#section-3.3-7.2.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-3.3-7.3">
             <p id="section-3.3-7.3.1">Ledger (if deployed): Appends the verified ECT to the audit
@@ -2171,85 +2155,17 @@ multiple root tasks.<a href="#section-4.2.2-2.6.1" class="pilcrow">¶</a></p>
 </dl>
 </section>
 </div>
-<div id="policy-claims">
-<section id="section-4.2.3">
-          <h4 id="name-policy-evaluation">
-<a href="#section-4.2.3" class="section-number selfRef">4.2.3. </a><a href="#name-policy-evaluation" class="section-name selfRef">Policy Evaluation</a>
-          </h4>
-<p id="section-4.2.3-1">The following claims record policy evaluation outcomes:<a href="#section-4.2.3-1" class="pilcrow">¶</a></p>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.3-2">
-            <dt id="section-4.2.3-2.1">pol:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.3-2.2">
-              <p id="section-4.2.3-2.2.1"><span class="bcp14">OPTIONAL</span>.  String.  The identifier of the policy rule that was
-evaluated for this task (e.g.,
-"clinical_data_access_policy_v1").  <span class="bcp14">MUST</span> be present when
-"pol_decision" is present.<a href="#section-4.2.3-2.2.1" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.3-2.3">pol_decision:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.3-2.4">
-              <p id="section-4.2.3-2.4.1"><span class="bcp14">OPTIONAL</span>.  String.  The result of the policy evaluation.  When
-present, <span class="bcp14">MUST</span> be one of the values registered in the ECT Policy
-Decision Values registry (<a href="#pol-decision-registry" class="auto internal xref">Section 12.4</a>).  <span class="bcp14">MUST</span> be
-present when "pol" is present.  Initial values are:<a href="#section-4.2.3-2.4.1" class="pilcrow">¶</a></p>
-<ul class="normal">
-<li class="normal" id="section-4.2.3-2.4.2.1">
-                  <p id="section-4.2.3-2.4.2.1.1">"approved": The policy evaluation succeeded and the task
-was authorized to proceed.<a href="#section-4.2.3-2.4.2.1.1" class="pilcrow">¶</a></p>
-</li>
-                <li class="normal" id="section-4.2.3-2.4.2.2">
-                  <p id="section-4.2.3-2.4.2.2.1">"rejected": The policy evaluation failed.  A "rejected" ECT
-<span class="bcp14">MUST</span> still be recorded for accountability.  An ECT with
-"pol_decision" of "rejected" <span class="bcp14">MAY</span> appear as a parent in the
-"par" array of a subsequent ECT, but only for compensation,
-rollback, or remediation tasks.  Agents <span class="bcp14">MUST NOT</span> proceed
-with normal workflow execution based on a parent ECT whose
-"pol_decision" is "rejected".<a href="#section-4.2.3-2.4.2.2.1" class="pilcrow">¶</a></p>
-</li>
-                <li class="normal" id="section-4.2.3-2.4.2.3">
-                  <p id="section-4.2.3-2.4.2.3.1">"pending_human_review": The policy evaluation requires human
-judgment before proceeding.  Agents <span class="bcp14">MUST NOT</span> proceed with
-dependent tasks until a subsequent ECT from a human reviewer
-records an "approved" decision referencing this task as a
-parent.<a href="#section-4.2.3-2.4.2.3.1" class="pilcrow">¶</a></p>
-</li>
-              </ul>
-<p id="section-4.2.3-2.4.3">When "pol" and "pol_decision" are absent, the ECT records task
-execution without a policy checkpoint.  Regulated deployments
-<span class="bcp14">SHOULD</span> include policy claims on all ECTs to maintain complete
-audit trails.<a href="#section-4.2.3-2.4.3" class="pilcrow">¶</a></p>
-</dd>
-            <dd class="break"></dd>
-<dt id="section-4.2.3-2.5">pol_enforcer:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.3-2.6">
-              <p id="section-4.2.3-2.6.1"><span class="bcp14">OPTIONAL</span>.  StringOrURI.  The identity of the entity (system or
-person) that evaluated the policy decision.  When present,
-<span class="bcp14">SHOULD</span> use SPIFFE ID format.<a href="#section-4.2.3-2.6.1" class="pilcrow">¶</a></p>
-</dd>
-          <dd class="break"></dd>
-</dl>
-<p id="section-4.2.3-3">This specification intentionally defines only the recording of
-policy evaluation outcomes.  The mechanisms by which policies are
-defined, distributed to agents, and evaluated are out of scope.
-The "pol" claim is an opaque identifier referencing an external
-policy; the semantics and enforcement of that policy are
-determined by the deployment environment.  Implementations may
-use any policy engine or framework (e.g., OPA/Rego, Cedar, XACML,
-or custom solutions) provided that the evaluation outcome is
-faithfully recorded in the ECT claims defined above.<a href="#section-4.2.3-3" class="pilcrow">¶</a></p>
-</section>
-</div>
 <div id="data-integrity-claims">
-<section id="section-4.2.4">
+<section id="section-4.2.3">
           <h4 id="name-data-integrity">
-<a href="#section-4.2.4" class="section-number selfRef">4.2.4. </a><a href="#name-data-integrity" class="section-name selfRef">Data Integrity</a>
+<a href="#section-4.2.3" class="section-number selfRef">4.2.3. </a><a href="#name-data-integrity" class="section-name selfRef">Data Integrity</a>
           </h4>
-<p id="section-4.2.4-1">The following claims provide integrity verification for task
-inputs and outputs without revealing the data itself:<a href="#section-4.2.4-1" class="pilcrow">¶</a></p>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.4-2">
-            <dt id="section-4.2.4-2.1">inp_hash:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.4-2.2">
-              <p id="section-4.2.4-2.2.1"><span class="bcp14">OPTIONAL</span>.  String.  A cryptographic hash of the input data,
+<p id="section-4.2.3-1">The following claims provide integrity verification for task
+inputs and outputs without revealing the data itself:<a href="#section-4.2.3-1" class="pilcrow">¶</a></p>
+<span class="break"></span><dl class="dlParallel" id="section-4.2.3-2">
+            <dt id="section-4.2.3-2.1">inp_hash:</dt>
+            <dd style="margin-left: 1.5em" id="section-4.2.3-2.2">
+              <p id="section-4.2.3-2.2.1"><span class="bcp14">OPTIONAL</span>.  String.  A cryptographic hash of the input data,
 formatted as "hash-algorithm:base64url-encoded-hash" (e.g.,
 "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg").  The
 hash algorithm identifier <span class="bcp14">MUST</span> be a lowercase value from the
@@ -2258,46 +2174,45 @@ IANA Named Information Hash Algorithm Registry (e.g., "sha-256",
 and <span class="bcp14">SHOULD</span> use "sha-256" unless a stronger algorithm is
 required.  Implementations <span class="bcp14">MUST NOT</span> accept hash algorithms
 weaker than SHA-256 (e.g., MD5, SHA-1).  The hash <span class="bcp14">MUST</span> be
-computed over the raw octets of the input data.<a href="#section-4.2.4-2.2.1" class="pilcrow">¶</a></p>
+computed over the raw octets of the input data.<a href="#section-4.2.3-2.2.1" class="pilcrow">¶</a></p>
 </dd>
             <dd class="break"></dd>
-<dt id="section-4.2.4-2.3">out_hash:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.4-2.4">
-              <p id="section-4.2.4-2.4.1"><span class="bcp14">OPTIONAL</span>.  String.  A cryptographic hash of the output data,
-using the same format and algorithm requirements as "inp_hash".<a href="#section-4.2.4-2.4.1" class="pilcrow">¶</a></p>
+<dt id="section-4.2.3-2.3">out_hash:</dt>
+            <dd style="margin-left: 1.5em" id="section-4.2.3-2.4">
+              <p id="section-4.2.3-2.4.1"><span class="bcp14">OPTIONAL</span>.  String.  A cryptographic hash of the output data,
+using the same format and algorithm requirements as "inp_hash".<a href="#section-4.2.3-2.4.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
 </section>
 </div>
 <div id="compensation-claims">
-<section id="section-4.2.5">
+<section id="section-4.2.4">
           <h4 id="name-compensation-and-rollback">
-<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
+<a href="#section-4.2.4" class="section-number selfRef">4.2.4. </a><a href="#name-compensation-and-rollback" class="section-name selfRef">Compensation and Rollback</a>
           </h4>
-<p id="section-4.2.5-1">Compensation and rollback actions are recorded using the "par"
-claim to reference the original task and the "exec_act" claim to
-describe the remediation action.  The referenced parent ECTs may
-have passed their own "exp" time; ECT expiration applies to the
-verification window of the ECT itself, not to its validity as a
-parent reference in the ECT store.<a href="#section-4.2.5-1" class="pilcrow">¶</a></p>
+<p id="section-4.2.4-1">Compensation and rollback extensions are defined in
+<span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span>.  The referenced
+parent ECTs may have passed their own "exp" time; ECT expiration
+applies to the verification window of the ECT itself, not to its
+validity as a parent reference in the ECT store.<a href="#section-4.2.4-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="extension-claims">
-<section id="section-4.2.6">
+<section id="section-4.2.5">
           <h4 id="name-extensions">
-<a href="#section-4.2.6" class="section-number selfRef">4.2.6. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
+<a href="#section-4.2.5" class="section-number selfRef">4.2.5. </a><a href="#name-extensions" class="section-name selfRef">Extensions</a>
           </h4>
-<span class="break"></span><dl class="dlParallel" id="section-4.2.6-1">
-            <dt id="section-4.2.6-1.1">ext:</dt>
-            <dd style="margin-left: 1.5em" id="section-4.2.6-1.2">
-              <p id="section-4.2.6-1.2.1"><span class="bcp14">OPTIONAL</span>.  Object.  An extension object for domain-specific
+<span class="break"></span><dl class="dlParallel" id="section-4.2.5-1">
+            <dt id="section-4.2.5-1.1">ext:</dt>
+            <dd style="margin-left: 1.5em" id="section-4.2.5-1.2">
+              <p id="section-4.2.5-1.2.1"><span class="bcp14">OPTIONAL</span>.  Object.  An extension object for domain-specific
 claims not defined by this specification.  Implementations
-that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.6-1.2.1" class="pilcrow">¶</a></p>
+that do not understand extension claims <span class="bcp14">MUST</span> ignore them.<a href="#section-4.2.5-1.2.1" class="pilcrow">¶</a></p>
 </dd>
           <dd class="break"></dd>
 </dl>
-<p id="section-4.2.6-2">To avoid key collisions between different domains, extension
+<p id="section-4.2.5-2">To avoid key collisions between different domains, extension
 key names <span class="bcp14">SHOULD</span> use reverse domain notation (e.g.,
 "com.example.custom_field") to avoid collisions between
 independently developed extensions.  To prevent abuse and
@@ -2305,46 +2220,34 @@ excessive token size, the serialized JSON representation of
 the "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096 bytes, and the JSON
 nesting depth within the "ext" object <span class="bcp14">SHOULD NOT</span> exceed 5
 levels.  Implementations <span class="bcp14">SHOULD</span> reject ECTs whose "ext" claim
-exceeds these limits.<a href="#section-4.2.6-2" class="pilcrow">¶</a></p>
-<p id="section-4.2.6-3">The following extension keys are defined by this specification
+exceeds these limits.<a href="#section-4.2.5-2" class="pilcrow">¶</a></p>
+<p id="section-4.2.5-3">The following extension keys are defined by this specification
 for common use cases.  Because these keys are documented here,
-they use short names without reverse domain prefixes:<a href="#section-4.2.6-3" class="pilcrow">¶</a></p>
+they use short names without reverse domain prefixes:<a href="#section-4.2.5-3" class="pilcrow">¶</a></p>
 <ul class="normal">
-<li class="normal" id="section-4.2.6-4.1">
-              <p id="section-4.2.6-4.1.1">"exec_time_ms": Integer.  Execution duration in milliseconds.<a href="#section-4.2.6-4.1.1" class="pilcrow">¶</a></p>
+<li class="normal" id="section-4.2.5-4.1">
+              <p id="section-4.2.5-4.1.1">"exec_time_ms": Integer.  Execution duration in milliseconds.<a href="#section-4.2.5-4.1.1" class="pilcrow">¶</a></p>
 </li>
-            <li class="normal" id="section-4.2.6-4.2">
-              <p id="section-4.2.6-4.2.1">"regulated_domain": String.  Regulatory domain (e.g.,
-"medtech", "finance", "military").<a href="#section-4.2.6-4.2.1" class="pilcrow">¶</a></p>
+            <li class="normal" id="section-4.2.5-4.2">
+              <p id="section-4.2.5-4.2.1">"regulated_domain": String.  Regulatory domain (e.g.,
+"medtech", "finance", "military").<a href="#section-4.2.5-4.2.1" class="pilcrow">¶</a></p>
 </li>
-            <li class="normal" id="section-4.2.6-4.3">
-              <p id="section-4.2.6-4.3.1">"model_version": String.  AI/ML model version.<a href="#section-4.2.6-4.3.1" class="pilcrow">¶</a></p>
+            <li class="normal" id="section-4.2.5-4.3">
+              <p id="section-4.2.5-4.3.1">"model_version": String.  AI/ML model version.<a href="#section-4.2.5-4.3.1" class="pilcrow">¶</a></p>
 </li>
-            <li class="normal" id="section-4.2.6-4.4">
-              <p id="section-4.2.6-4.4.1">"witnessed_by": Array of StringOrURI.  Identifiers of
+            <li class="normal" id="section-4.2.5-4.4">
+              <p id="section-4.2.5-4.4.1">"witnessed_by": Array of StringOrURI.  Identifiers of
 third-party entities that the issuer claims observed the
 task.  Note: this is self-asserted; for verifiable witness
-attestation, witnesses should submit independent signed ECTs.<a href="#section-4.2.6-4.4.1" class="pilcrow">¶</a></p>
+attestation, witnesses should submit independent signed ECTs.<a href="#section-4.2.5-4.4.1" class="pilcrow">¶</a></p>
 </li>
-            <li class="normal" id="section-4.2.6-4.5">
-              <p id="section-4.2.6-4.5.1">"inp_classification": String.  Data sensitivity classification
-(e.g., "public", "confidential", "restricted").<a href="#section-4.2.6-4.5.1" class="pilcrow">¶</a></p>
-</li>
-            <li class="normal" id="section-4.2.6-4.6">
-              <p id="section-4.2.6-4.6.1">"pol_timestamp": NumericDate.  Time at which the policy
-decision was made, if distinct from "iat".<a href="#section-4.2.6-4.6.1" class="pilcrow">¶</a></p>
-</li>
-            <li class="normal" id="section-4.2.6-4.7">
-              <p id="section-4.2.6-4.7.1">"compensation_required": Boolean.  Indicates whether this task
-is a compensation or rollback action.<a href="#section-4.2.6-4.7.1" class="pilcrow">¶</a></p>
-</li>
-            <li class="normal" id="section-4.2.6-4.8">
-              <p id="section-4.2.6-4.8.1">"compensation_reason": String.  Structured reason code for the
-compensation action (e.g., "policy_violation_in_parent_trade").
-<span class="bcp14">SHOULD</span> use structured identifiers rather than free-form text
-to minimize information leakage (see <a href="#data-minimization" class="auto internal xref">Section 11.2</a>).<a href="#section-4.2.6-4.8.1" class="pilcrow">¶</a></p>
+            <li class="normal" id="section-4.2.5-4.5">
+              <p id="section-4.2.5-4.5.1">"inp_classification": String.  Data sensitivity classification
+(e.g., "public", "confidential", "restricted").<a href="#section-4.2.5-4.5.1" class="pilcrow">¶</a></p>
 </li>
           </ul>
+<p id="section-4.2.5-5">Additional extension keys for policy evaluation and compensation
+are defined in <span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span>.<a href="#section-4.2.5-5" class="pilcrow">¶</a></p>
 </section>
 </div>
 </section>
@@ -2370,15 +2273,10 @@ to minimize information leakage (see <a href="#data-minimization" class="auto in
   "exec_act": "recommend_treatment",
   "par": [],
 
-  "pol": "clinical_reasoning_policy_v2",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
 
   "ext": {
-    "pol_timestamp": 1772064145,
     "exec_time_ms": 245,
     "regulated_domain": "medtech",
     "model_version": "clinical-reasoning-v4.2"
@@ -2498,19 +2396,9 @@ lead back to the current ECT's "jti".  If a cycle is detected,
 the ECT <span class="bcp14">MUST</span> be rejected.<a href="#section-6.2-2.4.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-6.2-2.5">
-            <p id="section-6.2-2.5.1">Parent Policy Decision: If any parent ECT contains a
-"pol_decision" of "rejected" or "pending_human_review", the
-current ECT's "exec_act" <span class="bcp14">MUST</span> indicate a compensation,
-rollback, remediation, or human review action.
-Implementations <span class="bcp14">MUST NOT</span> accept an ECT representing normal
-workflow continuation when a parent's "pol_decision" is not
-"approved".  This rule only applies when the parent ECT
-contains policy claims.<a href="#section-6.2-2.5.1" class="pilcrow">¶</a></p>
-</li>
-          <li id="section-6.2-2.6">
-            <p id="section-6.2-2.6.1">Trust Domain Consistency: Parent tasks <span class="bcp14">SHOULD</span> belong to the
+            <p id="section-6.2-2.5.1">Trust Domain Consistency: Parent tasks <span class="bcp14">SHOULD</span> belong to the
 same trust domain or to a trust domain with which a federation
-relationship has been established.<a href="#section-6.2-2.6.1" class="pilcrow">¶</a></p>
+relationship has been established.<a href="#section-6.2-2.5.1" class="pilcrow">¶</a></p>
 </li>
         </ol>
 </section>
@@ -2654,16 +2542,11 @@ verifier's current time, to account for clock skew).<a href="#section-7.1-2.11.1
 present and well-formed.<a href="#section-7.1-2.12.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-7.1-2.13">
-            <p id="section-7.1-2.13.1">If "pol" or "pol_decision" is present, verify that both are
-present and that "pol_decision" is one of "approved",
-"rejected", or "pending_human_review".<a href="#section-7.1-2.13.1" class="pilcrow">¶</a></p>
+            <p id="section-7.1-2.13.1">Perform DAG validation per <a href="#dag-validation" class="auto internal xref">Section 6</a>.<a href="#section-7.1-2.13.1" class="pilcrow">¶</a></p>
 </li>
           <li id="section-7.1-2.14">
-            <p id="section-7.1-2.14.1">Perform DAG validation per <a href="#dag-validation" class="auto internal xref">Section 6</a>.<a href="#section-7.1-2.14.1" class="pilcrow">¶</a></p>
-</li>
-          <li id="section-7.1-2.15">
-            <p id="section-7.1-2.15.1">If all checks pass and an audit ledger is deployed, the ECT
-<span class="bcp14">SHOULD</span> be appended to the ledger.<a href="#section-7.1-2.15.1" class="pilcrow">¶</a></p>
+            <p id="section-7.1-2.14.1">If all checks pass and an audit ledger is deployed, the ECT
+<span class="bcp14">SHOULD</span> be appended to the ledger.<a href="#section-7.1-2.14.1" class="pilcrow">¶</a></p>
 </li>
         </ol>
 <p id="section-7.1-3">If any verification step fails, the ECT <span class="bcp14">MUST</span> be rejected and the
@@ -2743,14 +2626,6 @@ function verify_ect(ect_jws, verifier_id,
     if claim not in payload:
       return reject("Missing required claim: " + claim)
 
-  // Validate policy claims (optional, but must be paired)
-  if "pol" in payload or "pol_decision" in payload:
-    if "pol" not in payload or "pol_decision" not in payload:
-      return reject("pol and pol_decision must both be present")
-    if payload.pol_decision not in
-       ["approved", "rejected", "pending_human_review"]:
-      return reject("Invalid pol_decision value")
-
   // Validate DAG (against ECT store or inline parent ECTs)
   result = validate_dag(payload, ect_store,
                          clock_skew_tolerance)
@@ -2838,28 +2713,22 @@ software used in medical devices.<a href="#section-9.1-1" class="pilcrow">¶</a>
 Agent A (Spec Reviewer):
   jti: task-001    par: []
   exec_act: review_requirements_spec
-  pol: spec_review_policy_v2     pol_decision: approved
 
 Agent B (Code Generator):
   jti: task-002    par: [task-001]
   exec_act: implement_module
-  pol: coding_standards_v3       pol_decision: approved
 
 Agent C (Test Agent):
   jti: task-003    par: [task-002]
   exec_act: execute_test_suite
-  pol: test_coverage_policy_v1   pol_decision: approved
 
 Agent D (Build Agent):
   jti: task-004    par: [task-003]
   exec_act: build_release_artifact
-  pol: build_validation_v2       pol_decision: approved
 
 Human Release Manager:
   jti: task-005    par: [task-004]
   exec_act: approve_release
-  pol: release_approval_policy   pol_decision: approved
-  pol_enforcer: spiffe://meddev.example/human/release-mgr-42
   ext: {witnessed_by: [...]}  (extension metadata)
 </pre>
 </div>
@@ -2911,17 +2780,14 @@ task-005 (approve_release) [human, witnessed]
               <p id="section-9.1.1-4.1.1">Each phase was executed by an identified and authenticated agent.<a href="#section-9.1.1-4.1.1" class="pilcrow">¶</a></p>
 </li>
             <li class="normal" id="section-9.1.1-4.2">
-              <p id="section-9.1.1-4.2.1">Policy checkpoints were evaluated at every phase transition.<a href="#section-9.1.1-4.2.1" class="pilcrow">¶</a></p>
+              <p id="section-9.1.1-4.2.1">The execution sequence was maintained (no step was bypassed).<a href="#section-9.1.1-4.2.1" class="pilcrow">¶</a></p>
 </li>
             <li class="normal" id="section-9.1.1-4.3">
-              <p id="section-9.1.1-4.3.1">The execution sequence was maintained (no step was bypassed).<a href="#section-9.1.1-4.3.1" class="pilcrow">¶</a></p>
+              <p id="section-9.1.1-4.3.1">A human-in-the-loop approved the final release, with independent
+witness attestation.<a href="#section-9.1.1-4.3.1" class="pilcrow">¶</a></p>
 </li>
             <li class="normal" id="section-9.1.1-4.4">
-              <p id="section-9.1.1-4.4.1">A human-in-the-loop approved the final release, with independent
-witness attestation.<a href="#section-9.1.1-4.4.1" class="pilcrow">¶</a></p>
-</li>
-            <li class="normal" id="section-9.1.1-4.5">
-              <p id="section-9.1.1-4.5.1">Timestamps and execution durations are recorded for each step.<a href="#section-9.1.1-4.5.1" class="pilcrow">¶</a></p>
+              <p id="section-9.1.1-4.4.1">Timestamps and execution durations are recorded for each step.<a href="#section-9.1.1-4.4.1" class="pilcrow">¶</a></p>
 </li>
           </ul>
 <p id="section-9.1.1-5">This can contribute to compliance with:<a href="#section-9.1.1-5" class="pilcrow">¶</a></p>
@@ -2963,17 +2829,14 @@ execution.<a href="#section-9.2-1" class="pilcrow">¶</a></p>
 Agent A (Risk Assessment):
   jti: task-001    par: []
   exec_act: calculate_risk_exposure
-  pol: risk_limits_policy_v2  pol_decision: approved
 
 Agent B (Compliance):
   jti: task-002    par: [task-001]
   exec_act: verify_compliance
-  pol: compliance_check_v1    pol_decision: approved
 
 Agent C (Execution):
   jti: task-003    par: [task-002]
   exec_act: execute_trade
-  pol: execution_policy_v3    pol_decision: approved
 </pre>
 </div>
 <figcaption><a href="#figure-10" class="selfRef">Figure 10</a>:
@@ -3001,39 +2864,10 @@ systems.<a href="#section-9.2-4.3.1" class="pilcrow">¶</a></p>
         <h3 id="name-compensation-and-rollback-2">
 <a href="#section-9.3" class="section-number selfRef">9.3. </a><a href="#name-compensation-and-rollback-2" class="section-name selfRef">Compensation and Rollback</a>
         </h3>
-<p id="section-9.3-1">When a compliance violation is discovered after execution, ECTs
-provide a mechanism to record authorized compensation actions with
-a cryptographic link to the original task:<a href="#section-9.3-1" class="pilcrow">¶</a></p>
-<span id="name-compensation-ect-example"></span><div id="fig-compensation">
-<figure id="figure-11">
-          <div class="lang-json sourcecode" id="section-9.3-2.1">
-<pre>
-{
-  "iss": "spiffe://bank.example/agent/operations",
-  "aud": "spiffe://bank.example/system/ledger",
-  "iat": 1772150550,
-  "exp": 1772151150,
-  "jti": "550e8400-e29b-41d4-a716-446655440099",
-  "wid": "d3e4f5a6-b7c8-9012-def0-123456789012",
-  "exec_act": "initiate_trade_rollback",
-  "par": ["550e8400-e29b-41d4-a716-446655440003"],
-  "pol": "compensation_policy_v1",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://bank.example/human/compliance-officer",
-  "ext": {
-    "compensation_required": true,
-    "compensation_reason": "policy_violation_in_parent_trade"
-  }
-}
-</pre>
-</div>
-<figcaption><a href="#figure-11" class="selfRef">Figure 11</a>:
-<a href="#name-compensation-ect-example" class="selfRef">Compensation ECT Example</a>
-          </figcaption></figure>
-</div>
-<p id="section-9.3-3">The "par" claim links the compensation action to the original
-trade, creating an auditable chain from execution through
-violation discovery to remediation.<a href="#section-9.3-3" class="pilcrow">¶</a></p>
+<p id="section-9.3-1">Compensation and rollback use cases are described in
+<span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span>.  The core
+ECT mechanism supports compensation through the "par" claim,
+which links a remediation ECT to the original task.<a href="#section-9.3-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="autonomous-logistics-coordination">
@@ -3045,36 +2879,31 @@ violation discovery to remediation.<a href="#section-9.3-3" class="pilcrow">¶</
 before shipment commitment.  The DAG structure records that all
 required checks were completed:<a href="#section-9.4-1" class="pilcrow">¶</a></p>
 <span id="name-logistics-workflow-with-par"></span><div id="fig-logistics">
-<figure id="figure-12">
+<figure id="figure-11">
           <div class="alignLeft art-text artwork" id="section-9.4-2.1">
 <pre>
 Agent A (Route Planning):
   jti: task-001    par: []
   exec_act: plan_route
-  pol: route_policy_v1        pol_decision: approved
 
 Agent B (Customs):
   jti: task-002    par: [task-001]
   exec_act: validate_customs
-  pol: customs_policy_v2      pol_decision: approved
 
 Agent C (Safety):
   jti: task-003    par: [task-001]
   exec_act: verify_cargo_safety
-  pol: safety_policy_v1       pol_decision: approved
 
 Agent D (Payment):
   jti: task-004    par: [task-002, task-003]
   exec_act: authorize_payment
-  pol: payment_policy_v3      pol_decision: approved
 
 System (Commitment):
   jti: task-005    par: [task-004]
   exec_act: commit_shipment
-  pol: commitment_policy_v1   pol_decision: approved
 </pre>
 </div>
-<figcaption><a href="#figure-12" class="selfRef">Figure 12</a>:
+<figcaption><a href="#figure-11" class="selfRef">Figure 11</a>:
 <a href="#name-logistics-workflow-with-par" class="selfRef">Logistics Workflow with Parallel Tasks</a>
           </figcaption></figure>
 </div>
@@ -3126,21 +2955,17 @@ to alter perceived execution ordering.<a href="#section-10.1-2.4.1" class="pilcr
 <p id="section-10.2-1">ECTs are self-asserted by the executing agent.  The agent claims
 what it did, and this claim is signed with its private key.  A
 compromised or malicious agent could create ECTs with false claims
-(e.g., setting "pol_decision" to "approved" without actually
-evaluating the policy).<a href="#section-10.2-1" class="pilcrow">¶</a></p>
+(e.g., claiming an action was performed when it was not).<a href="#section-10.2-1" class="pilcrow">¶</a></p>
 <p id="section-10.2-2">ECTs do not independently verify that:<a href="#section-10.2-2" class="pilcrow">¶</a></p>
 <ul class="normal">
 <li class="normal" id="section-10.2-3.1">
             <p id="section-10.2-3.1.1">The claimed execution actually occurred as described<a href="#section-10.2-3.1.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.2-3.2">
-            <p id="section-10.2-3.2.1">The policy evaluation was correctly performed<a href="#section-10.2-3.2.1" class="pilcrow">¶</a></p>
+            <p id="section-10.2-3.2.1">The input/output hashes correspond to the actual data processed<a href="#section-10.2-3.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.2-3.3">
-            <p id="section-10.2-3.3.1">The input/output hashes correspond to the actual data processed<a href="#section-10.2-3.3.1" class="pilcrow">¶</a></p>
-</li>
-          <li class="normal" id="section-10.2-3.4">
-            <p id="section-10.2-3.4.1">The agent faithfully performed the stated action<a href="#section-10.2-3.4.1" class="pilcrow">¶</a></p>
+            <p id="section-10.2-3.3.1">The agent faithfully performed the stated action<a href="#section-10.2-3.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 <p id="section-10.2-4">The trustworthiness of ECT claims depends on the trustworthiness
@@ -3178,12 +3003,8 @@ keys and how keys are protected.<a href="#section-10.3-2.1.1" class="pilcrow">¶
 entity independent of the workflow agents.<a href="#section-10.3-2.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.3-2.3">
-            <p id="section-10.3-2.3.1">Policy lifecycle management: Policy identifiers in ECTs map to
-actual, validated policy rules.<a href="#section-10.3-2.3.1" class="pilcrow">¶</a></p>
-</li>
-          <li class="normal" id="section-10.3-2.4">
-            <p id="section-10.3-2.4.1">Agent deployment governance: Agents are deployed and maintained
-in a manner that preserves their integrity.<a href="#section-10.3-2.4.1" class="pilcrow">¶</a></p>
+            <p id="section-10.3-2.3.1">Agent deployment governance: Agents are deployed and maintained
+in a manner that preserves their integrity.<a href="#section-10.3-2.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 </section>
@@ -3245,8 +3066,7 @@ transport security is already established.  HTTP Message Signatures
 request authorization.<a href="#section-10.6-3.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-10.6-3.3">
-            <p id="section-10.6-3.3.1">ECT (execution accountability layer): Records what the agent did
-and under what policy.<a href="#section-10.6-3.3.1" class="pilcrow">¶</a></p>
+            <p id="section-10.6-3.3.1">ECT (execution accountability layer): Records what the agent did.<a href="#section-10.6-3.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 </section>
@@ -3359,7 +3179,7 @@ array to a maximum of 256 entries.  Workflows requiring more
 parent references <span class="bcp14">SHOULD</span> introduce intermediate aggregation
 tasks.  The "ext" object <span class="bcp14">SHOULD NOT</span> exceed 4096 bytes when
 serialized as JSON and <span class="bcp14">SHOULD NOT</span> exceed a nesting depth of
-5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>).<a href="#section-10.11-1" class="pilcrow">¶</a></p>
+5 levels (see also <a href="#extension-claims" class="auto internal xref">Section 4.2.5</a>).<a href="#section-10.11-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 </section>
@@ -3383,11 +3203,7 @@ serialized as JSON and <span class="bcp14">SHOULD NOT</span> exceed a nesting de
             <p id="section-11.1-2.2.1">Action descriptions ("exec_act") for audit trail completeness<a href="#section-11.1-2.2.1" class="pilcrow">¶</a></p>
 </li>
           <li class="normal" id="section-11.1-2.3">
-            <p id="section-11.1-2.3.1">Policy evaluation outcomes ("pol", "pol_decision") for
-compliance verification<a href="#section-11.1-2.3.1" class="pilcrow">¶</a></p>
-</li>
-          <li class="normal" id="section-11.1-2.4">
-            <p id="section-11.1-2.4.1">Timestamps ("iat", "exp") for temporal ordering<a href="#section-11.1-2.4.1" class="pilcrow">¶</a></p>
+            <p id="section-11.1-2.3.1">Timestamps ("iat", "exp") for temporal ordering<a href="#section-11.1-2.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 <p id="section-11.1-3">ECTs are designed to NOT reveal:<a href="#section-11.1-3" class="pilcrow">¶</a></p>
@@ -3416,13 +3232,10 @@ hashes via "inp_hash" and "out_hash")<a href="#section-11.1-4.1.1" class="pilcro
 <p id="section-11.2-1">Implementations <span class="bcp14">SHOULD</span> minimize the information included in ECTs.
 The "exec_act" claim <span class="bcp14">SHOULD</span> use structured identifiers (e.g.,
 "process_payment") rather than natural language descriptions.
-The "pol" claim <span class="bcp14">SHOULD</span> reference policy identifiers rather than
-embedding policy content.<a href="#section-11.2-1" class="pilcrow">¶</a></p>
-<p id="section-11.2-2">The "compensation_reason" extension key in "ext"
-(<a href="#compensation-claims" class="auto internal xref">Section 4.2.5</a>) deserves particular attention: because
-it is human-readable, it risks exposing sensitive operational
-details.  See <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a> for guidance on using
-structured identifiers.<a href="#section-11.2-2" class="pilcrow">¶</a></p>
+Extension keys in "ext" (<a href="#extension-claims" class="auto internal xref">Section 4.2.5</a>) deserve particular
+attention: human-readable values risk exposing sensitive operational
+details.  See <a href="#extension-claims" class="auto internal xref">Section 4.2.5</a> for guidance on using
+structured identifiers.<a href="#section-11.2-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="storage-and-access-control">
@@ -3447,8 +3260,7 @@ general access to the data values is not needed.<a href="#section-11.3-2" class=
         </h3>
 <p id="section-11.4-1">ECTs are designed for interpretation by qualified human auditors
 and regulators.  ECTs provide structural records of execution
-ordering and policy evaluation; they are not intended for public
-disclosure.<a href="#section-11.4-1" class="pilcrow">¶</a></p>
+ordering; they are not intended for public disclosure.<a href="#section-11.4-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 </section>
@@ -3620,30 +3432,6 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
                 <a href="#exec-claims" class="auto internal xref">Section 4.2.2</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">pol</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy Rule Identifier</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">pol_decision</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy Decision Result</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">pol_enforcer</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy Enforcer Identity</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
 </td>
             </tr>
             <tr>
@@ -3651,7 +3439,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Input Data Hash</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
+                <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.3</a>
 </td>
             </tr>
             <tr>
@@ -3659,7 +3447,7 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Output Data Hash</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.4</a>
+                <a href="#data-integrity-claims" class="auto internal xref">Section 4.2.3</a>
 </td>
             </tr>
             <tr>
@@ -3667,65 +3455,15 @@ the "JSON Web Token Claims" registry maintained by IANA:<a href="#section-12.3-1
               <td class="text-left" rowspan="1" colspan="1">Extension Object</td>
               <td class="text-center" rowspan="1" colspan="1">IETF</td>
               <td class="text-center" rowspan="1" colspan="1">
-                <a href="#extension-claims" class="auto internal xref">Section 4.2.6</a>
-</td>
-            </tr>
-          </tbody>
-        </table>
-</div>
-</section>
-</div>
-<div id="pol-decision-registry">
-<section id="section-12.4">
-        <h3 id="name-ect-policy-decision-values-">
-<a href="#section-12.4" class="section-number selfRef">12.4. </a><a href="#name-ect-policy-decision-values-" class="section-name selfRef">ECT Policy Decision Values Registry</a>
-        </h3>
-<p id="section-12.4-1">This document establishes the "ECT Policy Decision Values"
-registry under the "JSON Web Token (JWT)" group.  Registration
-policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref">RFC8126</a>]</span>.<a href="#section-12.4-1" class="pilcrow">¶</a></p>
-<p id="section-12.4-2">The initial contents of the registry are:<a href="#section-12.4-2" class="pilcrow">¶</a></p>
-<span id="name-ect-policy-decision-values"></span><div id="_table-pol-decision">
-<table class="center" id="table-2">
-          <caption>
-<a href="#table-2" class="selfRef">Table 2</a>:
-<a href="#name-ect-policy-decision-values" class="selfRef">ECT Policy Decision Values</a>
-          </caption>
-<thead>
-            <tr>
-              <th class="text-center" rowspan="1" colspan="1">Value</th>
-              <th class="text-left" rowspan="1" colspan="1">Description</th>
-              <th class="text-center" rowspan="1" colspan="1">Change Controller</th>
-              <th class="text-center" rowspan="1" colspan="1">Reference</th>
-            </tr>
-          </thead>
-          <tbody>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">approved</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy evaluation succeeded</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">rejected</td>
-              <td class="text-left" rowspan="1" colspan="1">Policy evaluation failed</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
-</td>
-            </tr>
-            <tr>
-              <td class="text-center" rowspan="1" colspan="1">pending_human_review</td>
-              <td class="text-left" rowspan="1" colspan="1">Awaiting human judgment</td>
-              <td class="text-center" rowspan="1" colspan="1">IETF</td>
-              <td class="text-center" rowspan="1" colspan="1">
-                <a href="#policy-claims" class="auto internal xref">Section 4.2.3</a>
+                <a href="#extension-claims" class="auto internal xref">Section 4.2.5</a>
 </td>
             </tr>
           </tbody>
         </table>
 </div>
+<p id="section-12.3-3">Policy evaluation claims and the ECT Policy Decision Values
+registry are defined in
+<span>[<a href="#I-D.nennemann-wimse-ect-policy-compensation" class="cite xref">I-D.nennemann-wimse-ect-policy-compensation</a>]</span>.<a href="#section-12.3-3" class="pilcrow">¶</a></p>
 </section>
 </div>
 </section>
@@ -3769,10 +3507,6 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
         <dd>
 <span class="refAuthor">Jones, M.</span>, <span class="refAuthor">Bradley, J.</span>, and <span class="refAuthor">N. Sakimura</span>, <span class="refTitle">"JSON Web Token (JWT)"</span>, <span class="seriesInfo">RFC 7519</span>, <span class="seriesInfo">DOI 10.17487/RFC7519</span>, <time datetime="2015-05" class="refDate">May 2015</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc7519">https://www.rfc-editor.org/rfc/rfc7519</a>&gt;</span>. </dd>
 <dd class="break"></dd>
-<dt id="RFC8126">[RFC8126]</dt>
-        <dd>
-<span class="refAuthor">Cotton, M.</span>, <span class="refAuthor">Leiba, B.</span>, and <span class="refAuthor">T. Narten</span>, <span class="refTitle">"Guidelines for Writing an IANA Considerations Section in RFCs"</span>, <span class="seriesInfo">BCP 26</span>, <span class="seriesInfo">RFC 8126</span>, <span class="seriesInfo">DOI 10.17487/RFC8126</span>, <time datetime="2017-06" class="refDate">June 2017</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8126">https://www.rfc-editor.org/rfc/rfc8126</a>&gt;</span>. </dd>
-<dd class="break"></dd>
 <dt id="RFC8174">[RFC8174]</dt>
         <dd>
 <span class="refAuthor">Leiba, B.</span>, <span class="refTitle">"Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 8174</span>, <span class="seriesInfo">DOI 10.17487/RFC8174</span>, <time datetime="2017-05" class="refDate">May 2017</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8174">https://www.rfc-editor.org/rfc/rfc8174</a>&gt;</span>. </dd>
@@ -3818,6 +3552,10 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
         <dd>
 <span class="refAuthor">Birkholz, H.</span>, <span class="refAuthor">Delignat-Lavaud, A.</span>, <span class="refAuthor">Fournet, C.</span>, <span class="refAuthor">Deshpande, Y.</span>, and <span class="refAuthor">S. Lasker</span>, <span class="refTitle">"An Architecture for Trustworthy and Transparent Digital Supply Chains"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-scitt-architecture-22</span>, <time datetime="2025-10-10" class="refDate">10 October 2025</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-scitt-architecture-22">https://datatracker.ietf.org/doc/html/draft-ietf-scitt-architecture-22</a>&gt;</span>. </dd>
 <dd class="break"></dd>
+<dt id="I-D.nennemann-wimse-ect-policy-compensation">[I-D.nennemann-wimse-ect-policy-compensation]</dt>
+        <dd>
+<span class="refAuthor">Nennemann, C.</span>, <span class="refTitle">"Policy Evaluation and Compensation Extensions for Execution Context Tokens"</span>, <span>&lt;<a href="https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect-policy-compensation/">https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect-policy-compensation/</a>&gt;</span>. </dd>
+<dd class="break"></dd>
 <dt id="I-D.ni-wimse-ai-agent-identity">[I-D.ni-wimse-ai-agent-identity]</dt>
         <dd>
 <span class="refAuthor">Yuan, N.</span> and <span class="refAuthor">P. C. Liu</span>, <span class="refTitle">"WIMSE Applicability for AI Agents"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ni-wimse-ai-agent-identity-01</span>, <time datetime="2025-10-20" class="refDate">20 October 2025</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ni-wimse-ai-agent-identity-01">https://datatracker.ietf.org/doc/html/draft-ni-wimse-ai-agent-identity-01</a>&gt;</span>. </dd>
@@ -3869,9 +3607,9 @@ policy is Specification Required per <span>[<a href="#RFC8126" class="cite xref"
 service protocol <span>[<a href="#I-D.ietf-wimse-s2s-protocol" class="cite xref">I-D.ietf-wimse-s2s-protocol</a>]</span> provide the
 identity foundation upon which ECTs are built.  WIT/WPT answer
 "who is this agent?" and "does it control the claimed key?" while
-ECTs record "what did this agent do?" and "what policy was
-evaluated?"  Together they form an identity-plus-accountability
-framework for regulated agentic systems.<a href="#appendix-A.1-1" class="pilcrow">¶</a></p>
+ECTs record "what did this agent do?"  Together they form an
+identity-plus-accountability framework for regulated agentic
+systems.<a href="#appendix-A.1-1" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="oauth-20-token-exchange-and-the-act-claim">
@@ -3886,15 +3624,13 @@ delegation chain: "who is acting on behalf of whom."  While
 the nesting superficially resembles a chain, it is strictly
 linear (each "act" object contains at most one nested "act"),
 represents authorization delegation rather than task execution,
-and carries no task identifiers, policy decisions, or
-input/output integrity data.  The "act" chain cannot represent
+and carries no task identifiers or input/output integrity data.  The "act" chain cannot represent
 branching (fan-out) or convergence (fan-in) and therefore
 cannot form a DAG.<a href="#appendix-A.2-1" class="pilcrow">¶</a></p>
 <p id="appendix-A.2-2">ECTs intentionally use the distinct claim name "exec_act" for the
 action/task type to avoid collision with the "act" claim.  The
 two concepts are orthogonal: "act" records "who authorized whom,"
-ECTs record "what was done, in what order, with what policy
-outcomes."<a href="#appendix-A.2-2" class="pilcrow">¶</a></p>
+ECTs record "what was done, in what order."<a href="#appendix-A.2-2" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="transaction-tokens">
@@ -3922,7 +3658,7 @@ workloads that forward the token unchanged are not recorded.<a href="#appendix-A
 </li>
           <li class="normal" id="appendix-A.3-3.3">
             <p id="appendix-A.3-3.3.1">It carries no task-level granularity, no parent references,
-no policy evaluation outcomes, and no execution content.<a href="#appendix-A.3-3.3.1" class="pilcrow">¶</a></p>
+and no execution content.<a href="#appendix-A.3-3.3.1" class="pilcrow">¶</a></p>
 </li>
         </ul>
 <p id="appendix-A.3-4">Extensions for agentic use cases
@@ -3933,7 +3669,7 @@ ordering or DAG structure.<a href="#appendix-A.3-4" class="pilcrow">¶</a></p>
 propagates authorization context ("this request is authorized
 for scope X on behalf of user Y"), while an ECT records
 execution accountability ("task T was performed, depending on
-tasks P1 and P2, with policy Z evaluated and approved").  An
+tasks P1 and P2").  An
 agent request could carry both a Txn-Token for authorization
 and an ECT for execution recording.  The WPT "tth" claim
 defined in <span>[<a href="#I-D.ietf-wimse-s2s-protocol" class="cite xref">I-D.ietf-wimse-s2s-protocol</a>]</span> can hash-bind a
@@ -3987,7 +3723,7 @@ identifier referenced in SCITT Signed Statements, linking a
 complete ECT audit trail to a supply chain transparency record.
 For example, in a regulated manufacturing workflow, each agent
 step produces an ECT (recording what was done, by whom, under
-what policy), while the overall workflow identified by "wid" is
+under what constraints), while the overall workflow identified by "wid" is
 registered as a SCITT Signed Statement on a Transparency Service.
 This enables auditors to verify both the individual execution
 steps (via ECT DAG validation) and the end-to-end supply chain
@@ -4004,7 +3740,7 @@ identifiers or Receipt references for tighter integration.<a href="#appendix-A.6
         </h3>
 <p id="appendix-A.7-1">W3C Verifiable Credentials represent claims about subjects (e.g.,
 identity, qualifications).  ECTs represent execution records of
-actions (what happened, in what order, under what policy).  While
+actions (what happened, in what order).  While
 both use JWT/JWS as a serialization format, their semantics and
 use cases are distinct.<a href="#appendix-A.7-1" class="pilcrow">¶</a></p>
 </section>
@@ -4025,8 +3761,7 @@ use cases are distinct.<a href="#appendix-A.7-1" class="pilcrow">¶</a></p>
 <ol start="1" type="1" class="normal type-1" id="appendix-B.1-2">
 <li id="appendix-B.1-2.1">
             <p id="appendix-B.1-2.1.1">Create JWTs with all required claims ("iss", "aud", "iat",
-"exp", "jti", "exec_act", "par") and policy claims ("pol",
-"pol_decision") when policy evaluation was performed.<a href="#appendix-B.1-2.1.1" class="pilcrow">¶</a></p>
+"exp", "jti", "exec_act", "par").<a href="#appendix-B.1-2.1.1" class="pilcrow">¶</a></p>
 </li>
           <li id="appendix-B.1-2.2">
             <p id="appendix-B.1-2.2.1">Sign ECTs with the agent's private key using an algorithm
@@ -4118,9 +3853,9 @@ compliance with various regulatory frameworks.  ECTs are a
 technical building block; achieving compliance requires
 additional organizational measures beyond this specification.<a href="#appendix-C-1" class="pilcrow">¶</a></p>
 <span id="name-regulatory-compliance-mappin"></span><div id="_table-regulatory">
-<table class="center" id="table-3">
+<table class="center" id="table-2">
         <caption>
-<a href="#table-3" class="selfRef">Table 3</a>:
+<a href="#table-2" class="selfRef">Table 2</a>:
 <a href="#name-regulatory-compliance-mappin" class="selfRef">Regulatory Compliance Mapping</a>
         </caption>
 <thead>
@@ -4200,8 +3935,6 @@ Agent B:<a href="#appendix-D.1-1" class="pilcrow">¶</a></p>
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "fetch_patient_data",
   "par": [],
-  "pol": "clinical_data_access_policy_v1",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -4219,9 +3952,7 @@ task, and creates its own ECT:<a href="#appendix-D.1-6" class="pilcrow">¶</a></
   "jti": "550e8400-e29b-41d4-a716-446655440002",
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "validate_safety",
-  "par": ["550e8400-e29b-41d4-a716-446655440001"],
-  "pol": "safety_validation_policy_v2",
-  "pol_decision": "approved"
+  "par": ["550e8400-e29b-41d4-a716-446655440001"]
 }
 </pre><a href="#appendix-D.1-7" class="pilcrow">¶</a>
 </div>
@@ -4255,8 +3986,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "review_requirements_spec",
   "par": [],
-  "pol": "spec_review_policy_v2",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -4273,9 +4002,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "jti": "a1b2c3d4-0001-0000-0000-000000000002",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "implement_module",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
-  "pol": "coding_standards_v3",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000001"]
 }
 </pre><a href="#appendix-D.2-5" class="pilcrow">¶</a>
 </div>
@@ -4290,9 +4017,7 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "jti": "a1b2c3d4-0001-0000-0000-000000000003",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "execute_test_suite",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
-  "pol": "test_coverage_policy_v1",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000002"]
 }
 </pre><a href="#appendix-D.2-7" class="pilcrow">¶</a>
 </div>
@@ -4308,8 +4033,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "build_release_artifact",
   "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
-  "pol": "build_validation_v2",
-  "pol_decision": "approved",
   "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
 }
 </pre><a href="#appendix-D.2-9" class="pilcrow">¶</a>
@@ -4326,9 +4049,6 @@ autonomous agents and human release approval:<a href="#appendix-D.2-1" class="pi
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "approve_release",
   "par": ["a1b2c3d4-0001-0000-0000-000000000004"],
-  "pol": "release_approval_policy",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
   "ext": {
     "witnessed_by": [
       "spiffe://meddev.example/audit/qa-observer-1"
@@ -4400,9 +4120,7 @@ task-...-0004 (execute_trade)
   "par": [
     "f1e2d3c4-0002-0000-0000-000000000002",
     "f1e2d3c4-0003-0000-0000-000000000003"
-  ],
-  "pol": "trade_execution_policy_v3",
-  "pol_decision": "approved"
+  ]
 }
 </pre><a href="#appendix-D.3-4" class="pilcrow">¶</a>
 </div>
diff --git a/draft-nennemann-wimse-execution-context-00.md b/draft-nennemann-wimse-execution-context-00.md
index ecf565a..3f0ae04 100644
--- a/draft-nennemann-wimse-execution-context-00.md
+++ b/draft-nennemann-wimse-execution-context-00.md
@@ -28,7 +28,6 @@ normative:
   RFC7517:
   RFC7519:
   RFC7518:
-  RFC8126:
   RFC9562:
   RFC9110:
   I-D.ietf-wimse-arch:
@@ -39,6 +38,12 @@ informative:
   RFC8693:
   RFC9421:
   I-D.ni-wimse-ai-agent-identity:
+  I-D.nennemann-wimse-ect-policy-compensation:
+    title: "Policy Evaluation and Compensation Extensions for Execution Context Tokens"
+    target: https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect-policy-compensation/
+    date: false
+    author:
+      - fullname: Christian Nennemann
   SPIFFE:
     title: "Secure Production Identity Framework for Everyone (SPIFFE)"
     target: https://spiffe.io/docs/latest/spiffe-about/overview/
@@ -89,16 +94,16 @@ This document defines Execution Context Tokens (ECTs), an extension
 to the Workload Identity in Multi System Environments (WIMSE)
 architecture for distributed agentic workflows in regulated
 environments.  ECTs provide signed, structured records of task
-execution order, policy evaluation outcomes, and compliance state
-across
-agent-to-agent communication.  By extending WIMSE Workload Identity
+execution order and compliance state across agent-to-agent
+communication.  By extending WIMSE Workload Identity
 Tokens with execution context claims in JSON Web Token (JWT)
 format, this specification enables regulated systems to maintain
 structured audit trails that support compliance verification.
 ECTs use a directed acyclic graph (DAG) structure to represent task
-dependencies, record policy evaluation outcomes at each decision
-point, and integrate with WIMSE Workload Identity Tokens (WIT)
-using the same signing model and cryptographic primitives.  A new
+dependencies and integrate with WIMSE Workload Identity Tokens (WIT)
+using the same signing model and cryptographic primitives.
+Policy evaluation and compensation extensions are defined in
+{{I-D.nennemann-wimse-ect-policy-compensation}}.  A new
 HTTP header field,
 Execution-Context, is defined for transporting ECTs alongside
 existing WIMSE headers.  ECTs are a technical building block that
@@ -121,8 +126,7 @@ Workload-Proof-Token HTTP headers.
 
 However, workload identity alone does not address execution
 accountability.  Knowing who performed an action does not record
-what was done, what policy was applied, or whether compliance
-requirements were evaluated at each decision point.
+what was done or in what order.
 
 Regulated environments increasingly deploy autonomous agents that
 coordinate across organizational boundaries.  Multiple regulatory
@@ -134,7 +138,7 @@ detailed mapping).
 This document defines an extension to the WIMSE architecture that
 addresses the gap between workload identity and execution
 accountability.  WIMSE authenticates agents; this extension records
-what they did, in what order, and what policy was evaluated.
+what they did and in what order.
 
 As identified in {{I-D.ni-wimse-ai-agent-identity}}, call context
 in agentic workflows needs to be visible and preserved.  ECTs
@@ -148,13 +152,13 @@ systems:
 
 1.  WIMSE authenticates agents but does not record what they
     actually did.  A WIT proves "Agent A is authorized" but not
-    "Agent A executed Task X, under Policy Y, producing Output Z."
+    "Agent A executed Task X, producing Output Z."
 
-2.  No standard mechanism exists to record policy evaluation
-    outcomes at each decision point in a multi-agent workflow.
+2.  No standard mechanism exists to cryptographically order and
+    link task execution across a multi-agent workflow.
 
-3.  No mechanism exists to cryptographically link compensation and
-    rollback decisions to original actions.
+3.  No mechanism exists to reconstruct the complete execution
+    history of a distributed workflow for audit purposes.
 
 Existing observability tools such as distributed tracing
 {{OPENTELEMETRY}} provide visibility for debugging and monitoring
@@ -168,11 +172,12 @@ This document defines:
 
 - The Execution Context Token (ECT) format ({{ect-format}})
 - DAG structure for task dependency ordering ({{dag-validation}})
-- Policy checkpoint recording ({{policy-claims}})
 - Integration with the WIMSE identity framework
   ({{wimse-integration}})
 - An HTTP header for ECT transport ({{http-header}})
 - Audit ledger interface requirements ({{ledger-interface}})
+- Policy evaluation and compensation extensions are defined
+  separately in {{I-D.nennemann-wimse-ect-policy-compensation}}
 
 The following are out of scope and are handled by WIMSE:
 
@@ -194,11 +199,10 @@ beyond the scope of this specification.  The regulatory references
 in this document are intended to motivate the design requirements,
 not to claim that implementing ECTs satisfies these regulations.
 
-ECTs provide evidence of claimed execution ordering and policy
-evaluation.  They do not independently verify that the claimed
-execution actually occurred as described, that the policy
-evaluation was correct, or that the agent faithfully performed the
-stated action.  The trustworthiness of ECT claims depends on the
+ECTs provide evidence of claimed execution ordering.  They do not
+independently verify that the claimed execution actually occurred
+as described or that the agent faithfully performed the stated
+action.  The trustworthiness of ECT claims depends on the
 trustworthiness of the signing agent and the integrity of the
 broader deployment environment.
 
@@ -222,17 +226,13 @@ Directed Acyclic Graph (DAG):
 
 Execution Context Token (ECT):
 : A JSON Web Token {{RFC7519}} defined by this specification that
-  records task execution details and policy evaluation outcomes.
+  records task execution details.
 
 Audit Ledger:
 : An append-only, immutable log of all ECTs within a workflow or
   set of workflows, used for regulatory audit and compliance
   verification.
 
-Policy Checkpoint:
-: A point in a workflow where a policy evaluation outcome is
-  recorded within an ECT.
-
 Workload Identity Token (WIT):
 : A WIMSE credential proving a workload's identity within a trust
   domain.
@@ -268,9 +268,8 @@ the WIMSE scope and are not addressed by workload identity alone:
 
 - Recording what agents actually do with their authenticated
   identity
-- Recording policy evaluation outcomes at each hop
 - Maintaining structured execution records
-- Linking compensation or rollback actions to original tasks
+- Linking actions to their predecessors with cryptographic assurance
 
 ## Extension Model
 
@@ -288,7 +287,7 @@ between the identity layer and the application layer:
 +--------------------------------------------------+
 |  ECT Layer (Execution Accountability) [This Spec]|
 |    ECT: "Task executed, dependencies met,        |
-|          policy evaluated, outcome recorded"      |
+|          inputs/outputs hashed"                   |
 +--------------------------------------------------+
                        |
                        v
@@ -343,8 +342,8 @@ The receiving agent (Agent B) verifies in order:
     trust domain.  WPT verification, if present, per
     {{I-D.ietf-wimse-s2s-protocol}}.
 
-2.  ECT (this extension): Records what Agent A did, what policy was
-    evaluated, and what precedent tasks exist.
+2.  ECT (this extension): Records what Agent A did and what
+    precedent tasks exist.
 
 3.  Ledger (if deployed): Appends the verified ECT to the audit
     ledger.
@@ -484,59 +483,6 @@ par:
   a root task with no dependencies.  A workflow MAY contain
   multiple root tasks.
 
-### Policy Evaluation {#policy-claims}
-
-The following claims record policy evaluation outcomes:
-
-pol:
-: OPTIONAL.  String.  The identifier of the policy rule that was
-  evaluated for this task (e.g.,
-  "clinical_data_access_policy_v1").  MUST be present when
-  "pol_decision" is present.
-
-pol_decision:
-: OPTIONAL.  String.  The result of the policy evaluation.  When
-  present, MUST be one of the values registered in the ECT Policy
-  Decision Values registry ({{pol-decision-registry}}).  MUST be
-  present when "pol" is present.  Initial values are:
-
-  *  "approved": The policy evaluation succeeded and the task
-     was authorized to proceed.
-
-  *  "rejected": The policy evaluation failed.  A "rejected" ECT
-     MUST still be recorded for accountability.  An ECT with
-     "pol_decision" of "rejected" MAY appear as a parent in the
-     "par" array of a subsequent ECT, but only for compensation,
-     rollback, or remediation tasks.  Agents MUST NOT proceed
-     with normal workflow execution based on a parent ECT whose
-     "pol_decision" is "rejected".
-
-  *  "pending_human_review": The policy evaluation requires human
-     judgment before proceeding.  Agents MUST NOT proceed with
-     dependent tasks until a subsequent ECT from a human reviewer
-     records an "approved" decision referencing this task as a
-     parent.
-
-  When "pol" and "pol_decision" are absent, the ECT records task
-  execution without a policy checkpoint.  Regulated deployments
-  SHOULD include policy claims on all ECTs to maintain complete
-  audit trails.
-
-pol_enforcer:
-: OPTIONAL.  StringOrURI.  The identity of the entity (system or
-  person) that evaluated the policy decision.  When present,
-  SHOULD use SPIFFE ID format.
-
-This specification intentionally defines only the recording of
-policy evaluation outcomes.  The mechanisms by which policies are
-defined, distributed to agents, and evaluated are out of scope.
-The "pol" claim is an opaque identifier referencing an external
-policy; the semantics and enforcement of that policy are
-determined by the deployment environment.  Implementations may
-use any policy engine or framework (e.g., OPA/Rego, Cedar, XACML,
-or custom solutions) provided that the evaluation outcome is
-faithfully recorded in the ECT claims defined above.
-
 ### Data Integrity {#data-integrity-claims}
 
 The following claims provide integrity verification for task
@@ -560,12 +506,11 @@ out_hash:
 
 ### Compensation and Rollback {#compensation-claims}
 
-Compensation and rollback actions are recorded using the "par"
-claim to reference the original task and the "exec_act" claim to
-describe the remediation action.  The referenced parent ECTs may
-have passed their own "exp" time; ECT expiration applies to the
-verification window of the ECT itself, not to its validity as a
-parent reference in the ECT store.
+Compensation and rollback extensions are defined in
+{{I-D.nennemann-wimse-ect-policy-compensation}}.  The referenced
+parent ECTs may have passed their own "exp" time; ECT expiration
+applies to the verification window of the ECT itself, not to its
+validity as a parent reference in the ECT store.
 
 ### Extensions {#extension-claims}
 
@@ -598,14 +543,9 @@ they use short names without reverse domain prefixes:
   attestation, witnesses should submit independent signed ECTs.
 - "inp\_classification": String.  Data sensitivity classification
   (e.g., "public", "confidential", "restricted").
-- "pol\_timestamp": NumericDate.  Time at which the policy
-  decision was made, if distinct from "iat".
-- "compensation\_required": Boolean.  Indicates whether this task
-  is a compensation or rollback action.
-- "compensation\_reason": String.  Structured reason code for the
-  compensation action (e.g., "policy\_violation\_in\_parent\_trade").
-  SHOULD use structured identifiers rather than free-form text
-  to minimize information leakage (see {{data-minimization}}).
+
+Additional extension keys for policy evaluation and compensation
+are defined in {{I-D.nennemann-wimse-ect-policy-compensation}}.
 
 ## Complete ECT Example
 
@@ -623,15 +563,10 @@ The following is a complete ECT payload example:
   "exec_act": "recommend_treatment",
   "par": [],
 
-  "pol": "clinical_reasoning_policy_v2",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
 
   "ext": {
-    "pol_timestamp": 1772064145,
     "exec_time_ms": 245,
     "regulated_domain": "medtech",
     "model_version": "clinical-reasoning-v4.2"
@@ -720,16 +655,7 @@ the following DAG validation steps:
     lead back to the current ECT's "jti".  If a cycle is detected,
     the ECT MUST be rejected.
 
-5.  Parent Policy Decision: If any parent ECT contains a
-    "pol_decision" of "rejected" or "pending_human_review", the
-    current ECT's "exec_act" MUST indicate a compensation,
-    rollback, remediation, or human review action.
-    Implementations MUST NOT accept an ECT representing normal
-    workflow continuation when a parent's "pol_decision" is not
-    "approved".  This rule only applies when the parent ECT
-    contains policy claims.
-
-6.  Trust Domain Consistency: Parent tasks SHOULD belong to the
+5.  Trust Domain Consistency: Parent tasks SHOULD belong to the
     same trust domain or to a trust domain with which a federation
     relationship has been established.
 
@@ -842,13 +768,9 @@ verification steps in order:
 12. Verify all required claims ("jti", "exec_act", "par") are
     present and well-formed.
 
-13. If "pol" or "pol_decision" is present, verify that both are
-    present and that "pol_decision" is one of "approved",
-    "rejected", or "pending_human_review".
+13. Perform DAG validation per {{dag-validation}}.
 
-14. Perform DAG validation per {{dag-validation}}.
-
-15. If all checks pass and an audit ledger is deployed, the ECT
+14. If all checks pass and an audit ledger is deployed, the ECT
     SHOULD be appended to the ledger.
 
 If any verification step fails, the ECT MUST be rejected and the
@@ -922,14 +844,6 @@ function verify_ect(ect_jws, verifier_id,
     if claim not in payload:
       return reject("Missing required claim: " + claim)
 
-  // Validate policy claims (optional, but must be paired)
-  if "pol" in payload or "pol_decision" in payload:
-    if "pol" not in payload or "pol_decision" not in payload:
-      return reject("pol and pol_decision must both be present")
-    if payload.pol_decision not in
-       ["approved", "rejected", "pending_human_review"]:
-      return reject("Invalid pol_decision value")
-
   // Validate DAG (against ECT store or inline parent ECTs)
   result = validate_dag(payload, ect_store,
                          clock_skew_tolerance)
@@ -996,28 +910,22 @@ software used in medical devices.
 Agent A (Spec Reviewer):
   jti: task-001    par: []
   exec_act: review_requirements_spec
-  pol: spec_review_policy_v2     pol_decision: approved
 
 Agent B (Code Generator):
   jti: task-002    par: [task-001]
   exec_act: implement_module
-  pol: coding_standards_v3       pol_decision: approved
 
 Agent C (Test Agent):
   jti: task-003    par: [task-002]
   exec_act: execute_test_suite
-  pol: test_coverage_policy_v1   pol_decision: approved
 
 Agent D (Build Agent):
   jti: task-004    par: [task-003]
   exec_act: build_release_artifact
-  pol: build_validation_v2       pol_decision: approved
 
 Human Release Manager:
   jti: task-005    par: [task-004]
   exec_act: approve_release
-  pol: release_approval_policy   pol_decision: approved
-  pol_enforcer: spiffe://meddev.example/human/release-mgr-42
   ext: {witnessed_by: [...]}  (extension metadata)
 ~~~
 {: #fig-medtech-sdlc title="Medical Device SDLC Workflow"}
@@ -1056,7 +964,6 @@ task-005 (approve_release) [human, witnessed]
 The reconstructed DAG provides cryptographic evidence that:
 
 - Each phase was executed by an identified and authenticated agent.
-- Policy checkpoints were evaluated at every phase transition.
 - The execution sequence was maintained (no step was bypassed).
 - A human-in-the-loop approved the final release, with independent
   witness attestation.
@@ -1084,17 +991,14 @@ execution.
 Agent A (Risk Assessment):
   jti: task-001    par: []
   exec_act: calculate_risk_exposure
-  pol: risk_limits_policy_v2  pol_decision: approved
 
 Agent B (Compliance):
   jti: task-002    par: [task-001]
   exec_act: verify_compliance
-  pol: compliance_check_v1    pol_decision: approved
 
 Agent C (Execution):
   jti: task-003    par: [task-002]
   exec_act: execute_trade
-  pol: execution_policy_v3    pol_decision: approved
 ~~~
 {: #fig-finance title="Financial Trading Workflow"}
 
@@ -1108,34 +1012,10 @@ This can contribute to compliance with:
 
 ## Compensation and Rollback
 
-When a compliance violation is discovered after execution, ECTs
-provide a mechanism to record authorized compensation actions with
-a cryptographic link to the original task:
-
-~~~json
-{
-  "iss": "spiffe://bank.example/agent/operations",
-  "aud": "spiffe://bank.example/system/ledger",
-  "iat": 1772150550,
-  "exp": 1772151150,
-  "jti": "550e8400-e29b-41d4-a716-446655440099",
-  "wid": "d3e4f5a6-b7c8-9012-def0-123456789012",
-  "exec_act": "initiate_trade_rollback",
-  "par": ["550e8400-e29b-41d4-a716-446655440003"],
-  "pol": "compensation_policy_v1",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://bank.example/human/compliance-officer",
-  "ext": {
-    "compensation_required": true,
-    "compensation_reason": "policy_violation_in_parent_trade"
-  }
-}
-~~~
-{: #fig-compensation title="Compensation ECT Example"}
-
-The "par" claim links the compensation action to the original
-trade, creating an auditable chain from execution through
-violation discovery to remediation.
+Compensation and rollback use cases are described in
+{{I-D.nennemann-wimse-ect-policy-compensation}}.  The core
+ECT mechanism supports compensation through the "par" claim,
+which links a remediation ECT to the original task.
 
 ## Autonomous Logistics Coordination
 
@@ -1147,27 +1027,22 @@ required checks were completed:
 Agent A (Route Planning):
   jti: task-001    par: []
   exec_act: plan_route
-  pol: route_policy_v1        pol_decision: approved
 
 Agent B (Customs):
   jti: task-002    par: [task-001]
   exec_act: validate_customs
-  pol: customs_policy_v2      pol_decision: approved
 
 Agent C (Safety):
   jti: task-003    par: [task-001]
   exec_act: verify_cargo_safety
-  pol: safety_policy_v1       pol_decision: approved
 
 Agent D (Payment):
   jti: task-004    par: [task-002, task-003]
   exec_act: authorize_payment
-  pol: payment_policy_v3      pol_decision: approved
 
 System (Commitment):
   jti: task-005    par: [task-004]
   exec_act: commit_shipment
-  pol: commitment_policy_v1   pol_decision: approved
 ~~~
 {: #fig-logistics title="Logistics Workflow with Parallel Tasks"}
 
@@ -1198,13 +1073,11 @@ The following threat actors are considered:
 ECTs are self-asserted by the executing agent.  The agent claims
 what it did, and this claim is signed with its private key.  A
 compromised or malicious agent could create ECTs with false claims
-(e.g., setting "pol_decision" to "approved" without actually
-evaluating the policy).
+(e.g., claiming an action was performed when it was not).
 
 ECTs do not independently verify that:
 
 - The claimed execution actually occurred as described
-- The policy evaluation was correctly performed
 - The input/output hashes correspond to the actual data processed
 - The agent faithfully performed the stated action
 
@@ -1235,8 +1108,6 @@ organizational controls are in place:
   keys and how keys are protected.
 - Ledger integrity governance: The ledger is maintained by an
   entity independent of the workflow agents.
-- Policy lifecycle management: Policy identifiers in ECTs map to
-  actual, validated policy rules.
 - Agent deployment governance: Agents are deployed and maintained
   in a manner that preserves their integrity.
 
@@ -1286,8 +1157,7 @@ The defense-in-depth model provides:
 - TLS/mTLS (transport layer): Prevents network-level tampering.
 - WIT/WPT (WIMSE identity layer): Proves agent identity and
   request authorization.
-- ECT (execution accountability layer): Records what the agent did
-  and under what policy.
+- ECT (execution accountability layer): Records what the agent did.
 
 ## Key Compromise
 
@@ -1375,8 +1245,6 @@ ECTs necessarily reveal:
 
 - Agent identities ("iss", "aud") for accountability purposes
 - Action descriptions ("exec_act") for audit trail completeness
-- Policy evaluation outcomes ("pol", "pol_decision") for
-  compliance verification
 - Timestamps ("iat", "exp") for temporal ordering
 
 ECTs are designed to NOT reveal:
@@ -1392,12 +1260,8 @@ ECTs are designed to NOT reveal:
 Implementations SHOULD minimize the information included in ECTs.
 The "exec_act" claim SHOULD use structured identifiers (e.g.,
 "process_payment") rather than natural language descriptions.
-The "pol" claim SHOULD reference policy identifiers rather than
-embedding policy content.
-
-The "compensation_reason" extension key in "ext"
-({{compensation-claims}}) deserves particular attention: because
-it is human-readable, it risks exposing sensitive operational
+Extension keys in "ext" ({{extension-claims}}) deserve particular
+attention: human-readable values risk exposing sensitive operational
 details.  See {{extension-claims}} for guidance on using
 structured identifiers.
 
@@ -1417,8 +1281,7 @@ general access to the data values is not needed.
 
 ECTs are designed for interpretation by qualified human auditors
 and regulators.  ECTs provide structural records of execution
-ordering and policy evaluation; they are not intended for public
-disclosure.
+ordering; they are not intended for public disclosure.
 
 # IANA Considerations
 
@@ -1502,28 +1365,14 @@ the "JSON Web Token Claims" registry maintained by IANA:
 | wid | Workflow Identifier | IETF | {{exec-claims}} |
 | exec_act | Action/Task Type | IETF | {{exec-claims}} |
 | par | Parent Task Identifiers | IETF | {{exec-claims}} |
-| pol | Policy Rule Identifier | IETF | {{policy-claims}} |
-| pol_decision | Policy Decision Result | IETF | {{policy-claims}} |
-| pol_enforcer | Policy Enforcer Identity | IETF | {{policy-claims}} |
 | inp_hash | Input Data Hash | IETF | {{data-integrity-claims}} |
 | out_hash | Output Data Hash | IETF | {{data-integrity-claims}} |
 | ext | Extension Object | IETF | {{extension-claims}} |
 {: #table-claims title="JWT Claims Registrations"}
 
-## ECT Policy Decision Values Registry {#pol-decision-registry}
-
-This document establishes the "ECT Policy Decision Values"
-registry under the "JSON Web Token (JWT)" group.  Registration
-policy is Specification Required per {{RFC8126}}.
-
-The initial contents of the registry are:
-
-| Value | Description | Change Controller | Reference |
-|:---:|:---|:---:|:---:|
-| approved | Policy evaluation succeeded | IETF | {{policy-claims}} |
-| rejected | Policy evaluation failed | IETF | {{policy-claims}} |
-| pending_human_review | Awaiting human judgment | IETF | {{policy-claims}} |
-{: #table-pol-decision title="ECT Policy Decision Values"}
+Policy evaluation claims and the ECT Policy Decision Values
+registry are defined in
+{{I-D.nennemann-wimse-ect-policy-compensation}}.
 
 --- back
 
@@ -1537,9 +1386,9 @@ The WIMSE architecture {{I-D.ietf-wimse-arch}} and service-to-
 service protocol {{I-D.ietf-wimse-s2s-protocol}} provide the
 identity foundation upon which ECTs are built.  WIT/WPT answer
 "who is this agent?" and "does it control the claimed key?" while
-ECTs record "what did this agent do?" and "what policy was
-evaluated?"  Together they form an identity-plus-accountability
-framework for regulated agentic systems.
+ECTs record "what did this agent do?"  Together they form an
+identity-plus-accountability framework for regulated agentic
+systems.
 
 ## OAuth 2.0 Token Exchange and the "act" Claim
 {:numbered="false"}
@@ -1551,16 +1400,14 @@ delegation chain: "who is acting on behalf of whom."  While
 the nesting superficially resembles a chain, it is strictly
 linear (each "act" object contains at most one nested "act"),
 represents authorization delegation rather than task execution,
-and carries no task identifiers, policy decisions, or
-input/output integrity data.  The "act" chain cannot represent
+and carries no task identifiers or input/output integrity data.  The "act" chain cannot represent
 branching (fan-out) or convergence (fan-in) and therefore
 cannot form a DAG.
 
 ECTs intentionally use the distinct claim name "exec_act" for the
 action/task type to avoid collision with the "act" claim.  The
 two concepts are orthogonal: "act" records "who authorized whom,"
-ECTs record "what was done, in what order, with what policy
-outcomes."
+ECTs record "what was done, in what order."
 
 ## Transaction Tokens
 {:numbered="false"}
@@ -1581,7 +1428,7 @@ However, "req_wl" cannot form a DAG because:
   token from the Transaction Token Service appear in "req_wl";
   workloads that forward the token unchanged are not recorded.
 - It carries no task-level granularity, no parent references,
-  no policy evaluation outcomes, and no execution content.
+  and no execution content.
 
 Extensions for agentic use cases
 ({{I-D.oauth-transaction-tokens-for-agents}}) add agent
@@ -1592,7 +1439,7 @@ ECTs and Transaction Tokens are complementary: a Txn-Token
 propagates authorization context ("this request is authorized
 for scope X on behalf of user Y"), while an ECT records
 execution accountability ("task T was performed, depending on
-tasks P1 and P2, with policy Z evaluated and approved").  An
+tasks P1 and P2").  An
 agent request could carry both a Txn-Token for authorization
 and an ECT for execution recording.  The WPT "tth" claim
 defined in {{I-D.ietf-wimse-s2s-protocol}} can hash-bind a
@@ -1637,7 +1484,7 @@ identifier referenced in SCITT Signed Statements, linking a
 complete ECT audit trail to a supply chain transparency record.
 For example, in a regulated manufacturing workflow, each agent
 step produces an ECT (recording what was done, by whom, under
-what policy), while the overall workflow identified by "wid" is
+under what constraints), while the overall workflow identified by "wid" is
 registered as a SCITT Signed Statement on a Transparency Service.
 This enables auditors to verify both the individual execution
 steps (via ECT DAG validation) and the end-to-end supply chain
@@ -1651,7 +1498,7 @@ identifiers or Receipt references for tighter integration.
 
 W3C Verifiable Credentials represent claims about subjects (e.g.,
 identity, qualifications).  ECTs represent execution records of
-actions (what happened, in what order, under what policy).  While
+actions (what happened, in what order).  While
 both use JWT/JWS as a serialization format, their semantics and
 use cases are distinct.
 
@@ -1664,8 +1511,7 @@ use cases are distinct.
 A minimal conforming implementation needs to:
 
 1.  Create JWTs with all required claims ("iss", "aud", "iat",
-    "exp", "jti", "exec_act", "par") and policy claims ("pol",
-    "pol_decision") when policy evaluation was performed.
+    "exp", "jti", "exec_act", "par").
 2.  Sign ECTs with the agent's private key using an algorithm
     matching the WIT (ES256 recommended).
 3.  Verify ECT signatures against WIT public keys.
@@ -1754,8 +1600,6 @@ ECT Payload:
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "fetch_patient_data",
   "par": [],
-  "pol": "clinical_data_access_policy_v1",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -1773,9 +1617,7 @@ task, and creates its own ECT:
   "jti": "550e8400-e29b-41d4-a716-446655440002",
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "validate_safety",
-  "par": ["550e8400-e29b-41d4-a716-446655440001"],
-  "pol": "safety_validation_policy_v2",
-  "pol_decision": "approved"
+  "par": ["550e8400-e29b-41d4-a716-446655440001"]
 }
 ~~~
 
@@ -1806,8 +1648,6 @@ Task 1 (Spec Review Agent):
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "review_requirements_spec",
   "par": [],
-  "pol": "spec_review_policy_v2",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -1824,9 +1664,7 @@ Task 2 (Code Generation Agent):
   "jti": "a1b2c3d4-0001-0000-0000-000000000002",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "implement_module",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
-  "pol": "coding_standards_v3",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000001"]
 }
 ~~~
 
@@ -1841,9 +1679,7 @@ Task 3 (Autonomous Test Agent):
   "jti": "a1b2c3d4-0001-0000-0000-000000000003",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "execute_test_suite",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
-  "pol": "test_coverage_policy_v1",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000002"]
 }
 ~~~
 
@@ -1859,8 +1695,6 @@ Task 4 (Build Agent):
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "build_release_artifact",
   "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
-  "pol": "build_validation_v2",
-  "pol_decision": "approved",
   "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
 }
 ~~~
@@ -1877,9 +1711,6 @@ Task 5 (Human Release Manager Approval):
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "approve_release",
   "par": ["a1b2c3d4-0001-0000-0000-000000000004"],
-  "pol": "release_approval_policy",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
   "ext": {
     "witnessed_by": [
       "spiffe://meddev.example/audit/qa-observer-1"
@@ -1948,9 +1779,7 @@ Task 004 ECT payload:
   "par": [
     "f1e2d3c4-0002-0000-0000-000000000002",
     "f1e2d3c4-0003-0000-0000-000000000003"
-  ],
-  "pol": "trade_execution_policy_v3",
-  "pol_decision": "approved"
+  ]
 }
 ~~~
 
diff --git a/draft-nennemann-wimse-execution-context-00.txt b/draft-nennemann-wimse-execution-context-00.txt
index c906d0c..038922b 100644
--- a/draft-nennemann-wimse-execution-context-00.txt
+++ b/draft-nennemann-wimse-execution-context-00.txt
@@ -17,19 +17,20 @@ Abstract
    to the Workload Identity in Multi System Environments (WIMSE)
    architecture for distributed agentic workflows in regulated
    environments.  ECTs provide signed, structured records of task
-   execution order, policy evaluation outcomes, and compliance state
-   across agent-to-agent communication.  By extending WIMSE Workload
-   Identity Tokens with execution context claims in JSON Web Token (JWT)
-   format, this specification enables regulated systems to maintain
-   structured audit trails that support compliance verification.  ECTs
-   use a directed acyclic graph (DAG) structure to represent task
-   dependencies, record policy evaluation outcomes at each decision
-   point, and integrate with WIMSE Workload Identity Tokens (WIT) using
-   the same signing model and cryptographic primitives.  A new HTTP
-   header field, Execution-Context, is defined for transporting ECTs
-   alongside existing WIMSE headers.  ECTs are a technical building
-   block that supports, but does not by itself constitute, compliance
-   with regulatory frameworks.
+   execution order and compliance state across agent-to-agent
+   communication.  By extending WIMSE Workload Identity Tokens with
+   execution context claims in JSON Web Token (JWT) format, this
+   specification enables regulated systems to maintain structured audit
+   trails that support compliance verification.  ECTs use a directed
+   acyclic graph (DAG) structure to represent task dependencies and
+   integrate with WIMSE Workload Identity Tokens (WIT) using the same
+   signing model and cryptographic primitives.  Policy evaluation and
+   compensation extensions are defined in
+   [I-D.nennemann-wimse-ect-policy-compensation].  A new HTTP header
+   field, Execution-Context, is defined for transporting ECTs alongside
+   existing WIMSE headers.  ECTs are a technical building block that
+   supports, but does not by itself constitute, compliance with
+   regulatory frameworks.
 
 Status of This Memo
 
@@ -52,7 +53,6 @@ Status of This Memo
 
 
 
-
 Nennemann                Expires 29 August 2026                 [Page 1]
 
 Internet-Draft           WIMSE Execution Context           February 2026
@@ -80,32 +80,32 @@ Table of Contents
      1.3.  Scope and Applicability . . . . . . . . . . . . . . . . .   5
      1.4.  Relationship to Regulatory Compliance . . . . . . . . . .   5
    2.  Conventions and Definitions . . . . . . . . . . . . . . . . .   6
-   3.  WIMSE Architecture Integration  . . . . . . . . . . . . . . .   7
+   3.  WIMSE Architecture Integration  . . . . . . . . . . . . . . .   6
      3.1.  WIMSE Foundation  . . . . . . . . . . . . . . . . . . . .   7
      3.2.  Extension Model . . . . . . . . . . . . . . . . . . . . .   7
      3.3.  Integration Points  . . . . . . . . . . . . . . . . . . .   8
    4.  Execution Context Token Format  . . . . . . . . . . . . . . .   9
      4.1.  JOSE Header . . . . . . . . . . . . . . . . . . . . . . .   9
-     4.2.  JWT Claims  . . . . . . . . . . . . . . . . . . . . . . .  10
-       4.2.1.  Standard JWT Claims . . . . . . . . . . . . . . . . .  10
+     4.2.  JWT Claims  . . . . . . . . . . . . . . . . . . . . . . .   9
+       4.2.1.  Standard JWT Claims . . . . . . . . . . . . . . . . .   9
        4.2.2.  Execution Context . . . . . . . . . . . . . . . . . .  11
-       4.2.3.  Policy Evaluation . . . . . . . . . . . . . . . . . .  11
-       4.2.4.  Data Integrity  . . . . . . . . . . . . . . . . . . .  12
-       4.2.5.  Compensation and Rollback . . . . . . . . . . . . . .  13
-       4.2.6.  Extensions  . . . . . . . . . . . . . . . . . . . . .  13
-     4.3.  Complete ECT Example  . . . . . . . . . . . . . . . . . .  14
-   5.  HTTP Header Transport . . . . . . . . . . . . . . . . . . . .  15
-     5.1.  Execution-Context Header Field  . . . . . . . . . . . . .  15
-   6.  DAG Validation  . . . . . . . . . . . . . . . . . . . . . . .  16
-     6.1.  Overview  . . . . . . . . . . . . . . . . . . . . . . . .  16
-     6.2.  Validation Rules  . . . . . . . . . . . . . . . . . . . .  16
-     6.3.  DAG Validation Algorithm  . . . . . . . . . . . . . . . .  17
-   7.  Signature and Token Verification  . . . . . . . . . . . . . .  19
-     7.1.  Verification Procedure  . . . . . . . . . . . . . . . . .  19
-     7.2.  Verification Pseudocode . . . . . . . . . . . . . . . . .  20
-   8.  Audit Ledger Interface  . . . . . . . . . . . . . . . . . . .  22
-   9.  Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . .  22
-     9.1.  Medical Device SDLC Workflow  . . . . . . . . . . . . . .  23
+       4.2.3.  Data Integrity  . . . . . . . . . . . . . . . . . . .  11
+       4.2.4.  Compensation and Rollback . . . . . . . . . . . . . .  12
+       4.2.5.  Extensions  . . . . . . . . . . . . . . . . . . . . .  12
+     4.3.  Complete ECT Example  . . . . . . . . . . . . . . . . . .  13
+   5.  HTTP Header Transport . . . . . . . . . . . . . . . . . . . .  13
+     5.1.  Execution-Context Header Field  . . . . . . . . . . . . .  13
+   6.  DAG Validation  . . . . . . . . . . . . . . . . . . . . . . .  14
+     6.1.  Overview  . . . . . . . . . . . . . . . . . . . . . . . .  14
+     6.2.  Validation Rules  . . . . . . . . . . . . . . . . . . . .  14
+     6.3.  DAG Validation Algorithm  . . . . . . . . . . . . . . . .  15
+   7.  Signature and Token Verification  . . . . . . . . . . . . . .  17
+     7.1.  Verification Procedure  . . . . . . . . . . . . . . . . .  17
+     7.2.  Verification Pseudocode . . . . . . . . . . . . . . . . .  18
+   8.  Audit Ledger Interface  . . . . . . . . . . . . . . . . . . .  20
+   9.  Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . .  20
+     9.1.  Medical Device SDLC Workflow  . . . . . . . . . . . . . .  20
+       9.1.1.  FDA Audit with DAG Reconstruction . . . . . . . . . .  21
 
 
 
@@ -114,54 +114,54 @@ Nennemann                Expires 29 August 2026                 [Page 2]
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-       9.1.1.  FDA Audit with DAG Reconstruction . . . . . . . . . .  24
-     9.2.  Financial Trading Workflow  . . . . . . . . . . . . . . .  25
-     9.3.  Compensation and Rollback . . . . . . . . . . . . . . . .  25
-     9.4.  Autonomous Logistics Coordination . . . . . . . . . . . .  26
-   10. Security Considerations . . . . . . . . . . . . . . . . . . .  27
-     10.1.  Threat Model . . . . . . . . . . . . . . . . . . . . . .  27
-     10.2.  Self-Assertion Limitation  . . . . . . . . . . . . . . .  28
-     10.3.  Organizational Prerequisites . . . . . . . . . . . . . .  28
-     10.4.  Signature Verification . . . . . . . . . . . . . . . . .  29
-     10.5.  Replay Attack Prevention . . . . . . . . . . . . . . . .  29
-     10.6.  Man-in-the-Middle Protection . . . . . . . . . . . . . .  29
-     10.7.  Key Compromise . . . . . . . . . . . . . . . . . . . . .  30
-     10.8.  Collusion and False Claims . . . . . . . . . . . . . . .  30
-     10.9.  Denial of Service  . . . . . . . . . . . . . . . . . . .  31
-     10.10. Timestamp Accuracy . . . . . . . . . . . . . . . . . . .  31
-     10.11. ECT Size Constraints . . . . . . . . . . . . . . . . . .  31
-   11. Privacy Considerations  . . . . . . . . . . . . . . . . . . .  31
-     11.1.  Data Exposure in ECTs  . . . . . . . . . . . . . . . . .  31
-     11.2.  Data Minimization  . . . . . . . . . . . . . . . . . . .  32
-     11.3.  Storage and Access Control . . . . . . . . . . . . . . .  32
-     11.4.  Regulatory Access  . . . . . . . . . . . . . . . . . . .  33
-   12. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  33
-     12.1.  Media Type Registration  . . . . . . . . . . . . . . . .  33
-     12.2.  HTTP Header Field Registration . . . . . . . . . . . . .  34
-     12.3.  JWT Claims Registration  . . . . . . . . . . . . . . . .  34
-     12.4.  ECT Policy Decision Values Registry  . . . . . . . . . .  35
-   13. References  . . . . . . . . . . . . . . . . . . . . . . . . .  36
-     13.1.  Normative References . . . . . . . . . . . . . . . . . .  36
-     13.2.  Informative References . . . . . . . . . . . . . . . . .  37
-   Related Work  . . . . . . . . . . . . . . . . . . . . . . . . . .  39
-     WIMSE Workload Identity . . . . . . . . . . . . . . . . . . . .  39
-     OAuth 2.0 Token Exchange and the "act" Claim  . . . . . . . . .  39
-     Transaction Tokens  . . . . . . . . . . . . . . . . . . . . . .  40
-     Distributed Tracing (OpenTelemetry) . . . . . . . . . . . . . .  40
-     Blockchain and Distributed Ledgers  . . . . . . . . . . . . . .  41
-     SCITT (Supply Chain Integrity, Transparency, and Trust) . . . .  41
-     W3C Verifiable Credentials  . . . . . . . . . . . . . . . . . .  41
-   Implementation Guidance . . . . . . . . . . . . . . . . . . . . .  41
-     Minimal Implementation  . . . . . . . . . . . . . . . . . . . .  41
-     Storage Recommendations . . . . . . . . . . . . . . . . . . . .  42
-     Performance Considerations  . . . . . . . . . . . . . . . . . .  42
-     Interoperability  . . . . . . . . . . . . . . . . . . . . . . .  42
-   Regulatory Compliance Mapping . . . . . . . . . . . . . . . . . .  43
-   Examples  . . . . . . . . . . . . . . . . . . . . . . . . . . . .  43
-     Example 1: Simple Two-Agent Workflow  . . . . . . . . . . . . .  43
-     Example 2: Medical Device SDLC with Release Approval  . . . . .  45
-     Example 3: Parallel Execution with Join . . . . . . . . . . . .  48
-   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .  48
+     9.2.  Financial Trading Workflow  . . . . . . . . . . . . . . .  22
+     9.3.  Compensation and Rollback . . . . . . . . . . . . . . . .  23
+     9.4.  Autonomous Logistics Coordination . . . . . . . . . . . .  23
+   10. Security Considerations . . . . . . . . . . . . . . . . . . .  24
+     10.1.  Threat Model . . . . . . . . . . . . . . . . . . . . . .  24
+     10.2.  Self-Assertion Limitation  . . . . . . . . . . . . . . .  25
+     10.3.  Organizational Prerequisites . . . . . . . . . . . . . .  25
+     10.4.  Signature Verification . . . . . . . . . . . . . . . . .  26
+     10.5.  Replay Attack Prevention . . . . . . . . . . . . . . . .  26
+     10.6.  Man-in-the-Middle Protection . . . . . . . . . . . . . .  26
+     10.7.  Key Compromise . . . . . . . . . . . . . . . . . . . . .  27
+     10.8.  Collusion and False Claims . . . . . . . . . . . . . . .  27
+     10.9.  Denial of Service  . . . . . . . . . . . . . . . . . . .  28
+     10.10. Timestamp Accuracy . . . . . . . . . . . . . . . . . . .  28
+     10.11. ECT Size Constraints . . . . . . . . . . . . . . . . . .  28
+   11. Privacy Considerations  . . . . . . . . . . . . . . . . . . .  28
+     11.1.  Data Exposure in ECTs  . . . . . . . . . . . . . . . . .  28
+     11.2.  Data Minimization  . . . . . . . . . . . . . . . . . . .  29
+     11.3.  Storage and Access Control . . . . . . . . . . . . . . .  29
+     11.4.  Regulatory Access  . . . . . . . . . . . . . . . . . . .  29
+   12. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  29
+     12.1.  Media Type Registration  . . . . . . . . . . . . . . . .  29
+     12.2.  HTTP Header Field Registration . . . . . . . . . . . . .  30
+     12.3.  JWT Claims Registration  . . . . . . . . . . . . . . . .  31
+   13. References  . . . . . . . . . . . . . . . . . . . . . . . . .  31
+     13.1.  Normative References . . . . . . . . . . . . . . . . . .  31
+     13.2.  Informative References . . . . . . . . . . . . . . . . .  32
+   Related Work  . . . . . . . . . . . . . . . . . . . . . . . . . .  34
+     WIMSE Workload Identity . . . . . . . . . . . . . . . . . . . .  34
+     OAuth 2.0 Token Exchange and the "act" Claim  . . . . . . . . .  34
+     Transaction Tokens  . . . . . . . . . . . . . . . . . . . . . .  35
+     Distributed Tracing (OpenTelemetry) . . . . . . . . . . . . . .  36
+     Blockchain and Distributed Ledgers  . . . . . . . . . . . . . .  36
+     SCITT (Supply Chain Integrity, Transparency, and Trust) . . . .  36
+     W3C Verifiable Credentials  . . . . . . . . . . . . . . . . . .  37
+   Implementation Guidance . . . . . . . . . . . . . . . . . . . . .  37
+     Minimal Implementation  . . . . . . . . . . . . . . . . . . . .  37
+     Storage Recommendations . . . . . . . . . . . . . . . . . . . .  37
+     Performance Considerations  . . . . . . . . . . . . . . . . . .  37
+     Interoperability  . . . . . . . . . . . . . . . . . . . . . . .  38
+   Regulatory Compliance Mapping . . . . . . . . . . . . . . . . . .  38
+   Examples  . . . . . . . . . . . . . . . . . . . . . . . . . . . .  39
+     Example 1: Simple Two-Agent Workflow  . . . . . . . . . . . . .  39
+     Example 2: Medical Device SDLC with Release Approval  . . . . .  40
+     Example 3: Parallel Execution with Join . . . . . . . . . . . .  43
+   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .  44
+   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  44
+
 
 
 
@@ -170,8 +170,6 @@ Nennemann                Expires 29 August 2026                 [Page 3]
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  48
-
 1.  Introduction
 
 1.1.  Motivation
@@ -185,19 +183,18 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    However, workload identity alone does not address execution
    accountability.  Knowing who performed an action does not record what
-   was done, what policy was applied, or whether compliance requirements
-   were evaluated at each decision point.
+   was done or in what order.
 
    Regulated environments increasingly deploy autonomous agents that
    coordinate across organizational boundaries.  Multiple regulatory
    frameworks — including [EU-AI-ACT], [FDA-21CFR11], [MIFID-II], and
    [DORA] — require structured, auditable records of automated decision-
-   making and execution (see Table 3 for a detailed mapping).
+   making and execution (see Table 2 for a detailed mapping).
 
    This document defines an extension to the WIMSE architecture that
    addresses the gap between workload identity and execution
    accountability.  WIMSE authenticates agents; this extension records
-   what they did, in what order, and what policy was evaluated.
+   what they did and in what order.
 
    As identified in [I-D.ni-wimse-ai-agent-identity], call context in
    agentic workflows needs to be visible and preserved.  ECTs provide a
@@ -210,13 +207,16 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    1.  WIMSE authenticates agents but does not record what they actually
        did.  A WIT proves "Agent A is authorized" but not "Agent A
-       executed Task X, under Policy Y, producing Output Z."
+       executed Task X, producing Output Z."
+
+   2.  No standard mechanism exists to cryptographically order and link
+       task execution across a multi-agent workflow.
+
+   3.  No mechanism exists to reconstruct the complete execution history
+       of a distributed workflow for audit purposes.
+
 
-   2.  No standard mechanism exists to record policy evaluation outcomes
-       at each decision point in a multi-agent workflow.
 
-   3.  No mechanism exists to cryptographically link compensation and
-       rollback decisions to original actions.
 
 
 
@@ -240,14 +240,15 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    *  DAG structure for task dependency ordering (Section 6)
 
-   *  Policy checkpoint recording (Section 4.2.3)
-
    *  Integration with the WIMSE identity framework (Section 3)
 
    *  An HTTP header for ECT transport (Section 5)
 
    *  Audit ledger interface requirements (Section 8)
 
+   *  Policy evaluation and compensation extensions are defined
+      separately in [I-D.nennemann-wimse-ect-policy-compensation]
+
    The following are out of scope and are handled by WIMSE:
 
    *  Workload authentication and identity provisioning
@@ -271,9 +272,8 @@ Internet-Draft           WIMSE Execution Context           February 2026
    this document are intended to motivate the design requirements, not
    to claim that implementing ECTs satisfies these regulations.
 
-   ECTs provide evidence of claimed execution ordering and policy
-   evaluation.  They do not independently verify that the claimed
-   execution actually occurred as described, that the policy evaluation
+
+
 
 
 
@@ -282,10 +282,12 @@ Nennemann                Expires 29 August 2026                 [Page 5]
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-   was correct, or that the agent faithfully performed the stated
-   action.  The trustworthiness of ECT claims depends on the
-   trustworthiness of the signing agent and the integrity of the broader
-   deployment environment.
+   ECTs provide evidence of claimed execution ordering.  They do not
+   independently verify that the claimed execution actually occurred as
+   described or that the agent faithfully performed the stated action.
+   The trustworthiness of ECT claims depends on the trustworthiness of
+   the signing agent and the integrity of the broader deployment
+   environment.
 
 2.  Conventions and Definitions
 
@@ -307,16 +309,12 @@ Internet-Draft           WIMSE Execution Context           February 2026
       dependency ordering where edges are directed and no cycles exist.
 
    Execution Context Token (ECT):  A JSON Web Token [RFC7519] defined by
-      this specification that records task execution details and policy
-      evaluation outcomes.
+      this specification that records task execution details.
 
    Audit Ledger:  An append-only, immutable log of all ECTs within a
       workflow or set of workflows, used for regulatory audit and
       compliance verification.
 
-   Policy Checkpoint:  A point in a workflow where a policy evaluation
-      outcome is recorded within an ECT.
-
    Workload Identity Token (WIT):  A WIMSE credential proving a
       workload's identity within a trust domain.
 
@@ -330,6 +328,8 @@ Internet-Draft           WIMSE Execution Context           February 2026
    Witness:  A third-party entity that observes and attests to the
       execution of a task, providing additional accountability.
 
+3.  WIMSE Architecture Integration
+
 
 
 
@@ -338,8 +338,6 @@ Nennemann                Expires 29 August 2026                 [Page 6]
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-3.  WIMSE Architecture Integration
-
 3.1.  WIMSE Foundation
 
    The WIMSE architecture [I-D.ietf-wimse-arch] defines:
@@ -359,41 +357,15 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  Recording what agents actually do with their authenticated
       identity
 
-   *  Recording policy evaluation outcomes at each hop
-
    *  Maintaining structured execution records
 
-   *  Linking compensation or rollback actions to original tasks
+   *  Linking actions to their predecessors with cryptographic assurance
 
 3.2.  Extension Model
 
    ECTs extend WIMSE by adding an execution accountability layer between
    the identity layer and the application layer:
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                 [Page 7]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    +--------------------------------------------------+
    |  WIMSE Layer (Identity)                          |
    |    WIT: "I am Agent X (spiffe://td/agent/x)"    |
@@ -404,7 +376,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
    +--------------------------------------------------+
    |  ECT Layer (Execution Accountability) [This Spec]|
    |    ECT: "Task executed, dependencies met,        |
-   |          policy evaluated, outcome recorded"      |
+   |          inputs/outputs hashed"                   |
    +--------------------------------------------------+
                           |
                           v
@@ -415,6 +387,13 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
                Figure 1: WIMSE Extension Architecture Layers
 
+
+
+Nennemann                Expires 29 August 2026                 [Page 7]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    This extension reuses the WIMSE signing model, extends JWT claims
    using standard JWT extensibility [RFC7519], and maintains WIMSE
    concepts including trust domains and workload identifiers.
@@ -443,13 +422,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
      Workload-Identity:    <WIT for Agent A>
      Execution-Context:    <ECT recording what A did>
 
-
-
-Nennemann                Expires 29 August 2026                 [Page 8]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
                        Figure 2: HTTP Header Stacking
 
    When a Workload Proof Token (WPT) is available per
@@ -463,12 +435,21 @@ Internet-Draft           WIMSE Execution Context           February 2026
        domain.  WPT verification, if present, per
        [I-D.ietf-wimse-s2s-protocol].
 
-   2.  ECT (this extension): Records what Agent A did, what policy was
-       evaluated, and what precedent tasks exist.
+   2.  ECT (this extension): Records what Agent A did and what precedent
+       tasks exist.
 
    3.  Ledger (if deployed): Appends the verified ECT to the audit
        ledger.
 
+
+
+
+
+Nennemann                Expires 29 August 2026                 [Page 8]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
 4.  Execution Context Token Format
 
    An Execution Context Token is a JSON Web Token (JWT) [RFC7519] signed
@@ -498,14 +479,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
       from other JWT types, consistent with the WIMSE convention for
       type parameter values.
 
-
-
-
-Nennemann                Expires 29 August 2026                 [Page 9]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    kid:  REQUIRED.  The key identifier referencing the public key from
       the agent's WIT [RFC7517].  Used by verifiers to look up the
       correct public key for signature verification.
@@ -526,6 +499,13 @@ Internet-Draft           WIMSE Execution Context           February 2026
       "sub" claim of the agent's WIT.  Non-WIMSE deployments MAY use
       other URI schemes (e.g., HTTPS URLs or URN:UUID identifiers).
 
+
+
+Nennemann                Expires 29 August 2026                 [Page 9]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    aud:  REQUIRED.  StringOrURI or array of StringOrURI.  The intended
       recipient(s) of the ECT.  Because ECTs serve as both inter-agent
       messages and audit records, the "aud" claim SHOULD contain the
@@ -555,13 +535,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
       delivered — it is independent of the "aud" values in the parent
       ECTs.
 
-
-
-Nennemann                Expires 29 August 2026                [Page 10]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    iat:  REQUIRED.  NumericDate.  The time at which the ECT was issued.
       The ECT records a completed action, so the "iat" value reflects
       when the record was created, not when task execution began.
@@ -581,6 +554,14 @@ Internet-Draft           WIMSE Execution Context           February 2026
       identifier (for replay detection) and the task identifier (for DAG
       parent references in "par").  Receivers MUST reject ECTs whose
       "jti" has already been seen within the expiration window.  When
+
+
+
+Nennemann                Expires 29 August 2026                [Page 10]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
       "wid" is present, uniqueness is scoped to the workflow; when "wid"
       is absent, uniqueness MUST be enforced globally across the ECT
       store.
@@ -605,75 +586,11 @@ Internet-Draft           WIMSE Execution Context           February 2026
       root task with no dependencies.  A workflow MAY contain multiple
       root tasks.
 
-4.2.3.  Policy Evaluation
-
-   The following claims record policy evaluation outcomes:
-
-   pol:  OPTIONAL.  String.  The identifier of the policy rule that was
-
-
-
-Nennemann                Expires 29 August 2026                [Page 11]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
-      evaluated for this task (e.g., "clinical_data_access_policy_v1").
-      MUST be present when "pol_decision" is present.
-
-   pol_decision:  OPTIONAL.  String.  The result of the policy
-      evaluation.  When present, MUST be one of the values registered in
-      the ECT Policy Decision Values registry (Section 12.4).  MUST be
-      present when "pol" is present.  Initial values are:
-
-      *  "approved": The policy evaluation succeeded and the task was
-         authorized to proceed.
-
-      *  "rejected": The policy evaluation failed.  A "rejected" ECT
-         MUST still be recorded for accountability.  An ECT with
-         "pol_decision" of "rejected" MAY appear as a parent in the
-         "par" array of a subsequent ECT, but only for compensation,
-         rollback, or remediation tasks.  Agents MUST NOT proceed with
-         normal workflow execution based on a parent ECT whose
-         "pol_decision" is "rejected".
-
-      *  "pending_human_review": The policy evaluation requires human
-         judgment before proceeding.  Agents MUST NOT proceed with
-         dependent tasks until a subsequent ECT from a human reviewer
-         records an "approved" decision referencing this task as a
-         parent.
-
-      When "pol" and "pol_decision" are absent, the ECT records task
-      execution without a policy checkpoint.  Regulated deployments
-      SHOULD include policy claims on all ECTs to maintain complete
-      audit trails.
-
-   pol_enforcer:  OPTIONAL.  StringOrURI.  The identity of the entity
-      (system or person) that evaluated the policy decision.  When
-      present, SHOULD use SPIFFE ID format.
-
-   This specification intentionally defines only the recording of policy
-   evaluation outcomes.  The mechanisms by which policies are defined,
-   distributed to agents, and evaluated are out of scope.  The "pol"
-   claim is an opaque identifier referencing an external policy; the
-   semantics and enforcement of that policy are determined by the
-   deployment environment.  Implementations may use any policy engine or
-   framework (e.g., OPA/Rego, Cedar, XACML, or custom solutions)
-   provided that the evaluation outcome is faithfully recorded in the
-   ECT claims defined above.
-
-4.2.4.  Data Integrity
+4.2.3.  Data Integrity
 
    The following claims provide integrity verification for task inputs
    and outputs without revealing the data itself:
 
-
-
-Nennemann                Expires 29 August 2026                [Page 12]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    inp_hash:  OPTIONAL.  String.  A cryptographic hash of the input
       data, formatted as "hash-algorithm:base64url-encoded-hash" (e.g.,
       "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg").  The hash
@@ -689,16 +606,27 @@ Internet-Draft           WIMSE Execution Context           February 2026
       data, using the same format and algorithm requirements as
       "inp_hash".
 
-4.2.5.  Compensation and Rollback
 
-   Compensation and rollback actions are recorded using the "par" claim
-   to reference the original task and the "exec_act" claim to describe
-   the remediation action.  The referenced parent ECTs may have passed
-   their own "exp" time; ECT expiration applies to the verification
-   window of the ECT itself, not to its validity as a parent reference
-   in the ECT store.
 
-4.2.6.  Extensions
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 11]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
+4.2.4.  Compensation and Rollback
+
+   Compensation and rollback extensions are defined in
+   [I-D.nennemann-wimse-ect-policy-compensation].  The referenced parent
+   ECTs may have passed their own "exp" time; ECT expiration applies to
+   the verification window of the ECT itself, not to its validity as a
+   parent reference in the ECT store.
+
+4.2.5.  Extensions
 
    ext:  OPTIONAL.  Object.  An extension object for domain-specific
       claims not defined by this specification.  Implementations that do
@@ -722,14 +650,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  "regulated_domain": String.  Regulatory domain (e.g., "medtech",
       "finance", "military").
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 13]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    *  "model_version": String.  AI/ML model version.
 
    *  "witnessed_by": Array of StringOrURI.  Identifiers of third-party
@@ -740,52 +660,24 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  "inp_classification": String.  Data sensitivity classification
       (e.g., "public", "confidential", "restricted").
 
-   *  "pol_timestamp": NumericDate.  Time at which the policy decision
-      was made, if distinct from "iat".
+   Additional extension keys for policy evaluation and compensation are
+   defined in [I-D.nennemann-wimse-ect-policy-compensation].
 
-   *  "compensation_required": Boolean.  Indicates whether this task is
-      a compensation or rollback action.
 
-   *  "compensation_reason": String.  Structured reason code for the
-      compensation action (e.g., "policy_violation_in_parent_trade").
-      SHOULD use structured identifiers rather than free-form text to
-      minimize information leakage (see Section 11.2).
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 12]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
 
 4.3.  Complete ECT Example
 
    The following is a complete ECT payload example:
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 14]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    {
      "iss": "spiffe://example.com/agent/clinical",
      "aud": "spiffe://example.com/agent/safety",
@@ -797,15 +689,10 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "exec_act": "recommend_treatment",
      "par": [],
 
-     "pol": "clinical_reasoning_policy_v2",
-     "pol_decision": "approved",
-     "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-
      "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
      "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
 
      "ext": {
-       "pol_timestamp": 1772064145,
        "exec_time_ms": 245,
        "regulated_domain": "medtech",
        "model_version": "clinical-reasoning-v4.2"
@@ -837,7 +724,8 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-Nennemann                Expires 29 August 2026                [Page 15]
+
+Nennemann                Expires 29 August 2026                [Page 13]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -893,7 +781,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-Nennemann                Expires 29 August 2026                [Page 16]
+Nennemann                Expires 29 August 2026                [Page 14]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -913,15 +801,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
        lead back to the current ECT's "jti".  If a cycle is detected,
        the ECT MUST be rejected.
 
-   5.  Parent Policy Decision: If any parent ECT contains a
-       "pol_decision" of "rejected" or "pending_human_review", the
-       current ECT's "exec_act" MUST indicate a compensation, rollback,
-       remediation, or human review action.  Implementations MUST NOT
-       accept an ECT representing normal workflow continuation when a
-       parent's "pol_decision" is not "approved".  This rule only
-       applies when the parent ECT contains policy claims.
-
-   6.  Trust Domain Consistency: Parent tasks SHOULD belong to the same
+   5.  Trust Domain Consistency: Parent tasks SHOULD belong to the same
        trust domain or to a trust domain with which a federation
        relationship has been established.
 
@@ -949,7 +829,15 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-Nennemann                Expires 29 August 2026                [Page 17]
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 15]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -1005,7 +893,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-Nennemann                Expires 29 August 2026                [Page 18]
+Nennemann                Expires 29 August 2026                [Page 16]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -1061,7 +949,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-Nennemann                Expires 29 August 2026                [Page 19]
+Nennemann                Expires 29 August 2026                [Page 17]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -1075,13 +963,9 @@ Internet-Draft           WIMSE Execution Context           February 2026
    12.  Verify all required claims ("jti", "exec_act", "par") are
         present and well-formed.
 
-   13.  If "pol" or "pol_decision" is present, verify that both are
-        present and that "pol_decision" is one of "approved",
-        "rejected", or "pending_human_review".
+   13.  Perform DAG validation per Section 6.
 
-   14.  Perform DAG validation per Section 6.
-
-   15.  If all checks pass and an audit ledger is deployed, the ECT
+   14.  If all checks pass and an audit ledger is deployed, the ECT
         SHOULD be appended to the ledger.
 
    If any verification step fails, the ECT MUST be rejected and the
@@ -1114,18 +998,18 @@ Internet-Draft           WIMSE Execution Context           February 2026
      // Look up public key
      public_key = trust_domain_keys.get(header.kid)
      if public_key is null:
-
-
-
-Nennemann                Expires 29 August 2026                [Page 20]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
        return reject("Unknown key identifier")
 
      // Verify signature
      if not verify_jws_signature(header, payload,
+
+
+
+Nennemann                Expires 29 August 2026                [Page 18]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
                                   signature, public_key):
        return reject("Invalid signature")
 
@@ -1161,23 +1045,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
        if claim not in payload:
          return reject("Missing required claim: " + claim)
 
-     // Validate policy claims (optional, but must be paired)
-     if "pol" in payload or "pol_decision" in payload:
-       if "pol" not in payload or "pol_decision" not in payload:
-         return reject("pol and pol_decision must both be present")
-       if payload.pol_decision not in
-          ["approved", "rejected", "pending_human_review"]:
-         return reject("Invalid pol_decision value")
-
      // Validate DAG (against ECT store or inline parent ECTs)
-
-
-
-Nennemann                Expires 29 August 2026                [Page 21]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
      result = validate_dag(payload, ect_store,
                             clock_skew_tolerance)
      if result is error:
@@ -1190,6 +1058,14 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
                    Figure 7: ECT Verification Pseudocode
 
+
+
+
+Nennemann                Expires 29 August 2026                [Page 19]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
 8.  Audit Ledger Interface
 
    ECTs MAY be recorded in an immutable audit ledger for compliance
@@ -1226,14 +1102,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
    include additional domain-specific requirements beyond the scope of
    this specification.
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 22]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    Note: task identifiers in this section are abbreviated for
    readability.  In production, all "jti" values are required to be
    UUIDs per Section 4.2.2.
@@ -1246,31 +1114,33 @@ Internet-Draft           WIMSE Execution Context           February 2026
    Section 11.10(e) and [EU-MDR] require audit trails documenting the
    complete development process for software used in medical devices.
 
+
+
+
+Nennemann                Expires 29 August 2026                [Page 20]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    Agent A (Spec Reviewer):
      jti: task-001    par: []
      exec_act: review_requirements_spec
-     pol: spec_review_policy_v2     pol_decision: approved
 
    Agent B (Code Generator):
      jti: task-002    par: [task-001]
      exec_act: implement_module
-     pol: coding_standards_v3       pol_decision: approved
 
    Agent C (Test Agent):
      jti: task-003    par: [task-002]
      exec_act: execute_test_suite
-     pol: test_coverage_policy_v1   pol_decision: approved
 
    Agent D (Build Agent):
      jti: task-004    par: [task-003]
      exec_act: build_release_artifact
-     pol: build_validation_v2       pol_decision: approved
 
    Human Release Manager:
      jti: task-005    par: [task-004]
      exec_act: approve_release
-     pol: release_approval_policy   pol_decision: approved
-     pol_enforcer: spiffe://meddev.example/human/release-mgr-42
      ext: {witnessed_by: [...]}  (extension metadata)
 
                    Figure 8: Medical Device SDLC Workflow
@@ -1281,15 +1151,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
    explicitly approved the release.  The DAG structure ensures no phase
    was skipped or reordered.
 
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 23]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
 9.1.1.  FDA Audit with DAG Reconstruction
 
    During a regulatory audit, an FDA reviewer requests evidence of the
@@ -1297,6 +1158,26 @@ Internet-Draft           WIMSE Execution Context           February 2026
    authority retrieves all ECTs sharing the same workflow identifier
    ("wid") from the audit ledger and reconstructs the complete DAG:
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 21]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    task-001 (review_requirements_spec)
      |
      v
@@ -1317,8 +1198,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    *  Each phase was executed by an identified and authenticated agent.
 
-   *  Policy checkpoints were evaluated at every phase transition.
-
    *  The execution sequence was maintained (no step was bypassed).
 
    *  A human-in-the-loop approved the final release, with independent
@@ -1337,15 +1216,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  [EU-AI-ACT] Article 12: Automatic logging capabilities for high-
       risk AI systems involved in the development process.
 
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 24]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    *  [EU-AI-ACT] Article 14: ECTs can record evidence that human
       oversight events occurred during the release process.
 
@@ -1355,20 +1225,26 @@ Internet-Draft           WIMSE Execution Context           February 2026
    compliance verification, and trade execution.  The DAG structure
    records that compliance checks were evaluated before trade execution.
 
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 22]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    Agent A (Risk Assessment):
      jti: task-001    par: []
      exec_act: calculate_risk_exposure
-     pol: risk_limits_policy_v2  pol_decision: approved
 
    Agent B (Compliance):
      jti: task-002    par: [task-001]
      exec_act: verify_compliance
-     pol: compliance_check_v1    pol_decision: approved
 
    Agent C (Execution):
      jti: task-003    par: [task-002]
      exec_act: execute_trade
-     pol: execution_policy_v3    pol_decision: approved
 
                    Figure 10: Financial Trading Workflow
 
@@ -1384,47 +1260,10 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 9.3.  Compensation and Rollback
 
-   When a compliance violation is discovered after execution, ECTs
-   provide a mechanism to record authorized compensation actions with a
-   cryptographic link to the original task:
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 25]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
-   {
-     "iss": "spiffe://bank.example/agent/operations",
-     "aud": "spiffe://bank.example/system/ledger",
-     "iat": 1772150550,
-     "exp": 1772151150,
-     "jti": "550e8400-e29b-41d4-a716-446655440099",
-     "wid": "d3e4f5a6-b7c8-9012-def0-123456789012",
-     "exec_act": "initiate_trade_rollback",
-     "par": ["550e8400-e29b-41d4-a716-446655440003"],
-     "pol": "compensation_policy_v1",
-     "pol_decision": "approved",
-     "pol_enforcer": "spiffe://bank.example/human/compliance-officer",
-     "ext": {
-       "compensation_required": true,
-       "compensation_reason": "policy_violation_in_parent_trade"
-     }
-   }
-
-                    Figure 11: Compensation ECT Example
-
-   The "par" claim links the compensation action to the original trade,
-   creating an auditable chain from execution through violation
-   discovery to remediation.
+   Compensation and rollback use cases are described in
+   [I-D.nennemann-wimse-ect-policy-compensation].  The core ECT
+   mechanism supports compensation through the "par" claim, which links
+   a remediation ECT to the original task.
 
 9.4.  Autonomous Logistics Coordination
 
@@ -1446,14 +1285,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 26]
+Nennemann                Expires 29 August 2026                [Page 23]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
@@ -1461,29 +1293,24 @@ Internet-Draft           WIMSE Execution Context           February 2026
    Agent A (Route Planning):
      jti: task-001    par: []
      exec_act: plan_route
-     pol: route_policy_v1        pol_decision: approved
 
    Agent B (Customs):
      jti: task-002    par: [task-001]
      exec_act: validate_customs
-     pol: customs_policy_v2      pol_decision: approved
 
    Agent C (Safety):
      jti: task-003    par: [task-001]
      exec_act: verify_cargo_safety
-     pol: safety_policy_v1       pol_decision: approved
 
    Agent D (Payment):
      jti: task-004    par: [task-002, task-003]
      exec_act: authorize_payment
-     pol: payment_policy_v3      pol_decision: approved
 
    System (Commitment):
      jti: task-005    par: [task-004]
      exec_act: commit_shipment
-     pol: commitment_policy_v1   pol_decision: approved
 
-             Figure 12: Logistics Workflow with Parallel Tasks
+             Figure 11: Logistics Workflow with Parallel Tasks
 
    Note that tasks 002 and 003 both depend only on task-001 and can
    execute in parallel.  Task 004 depends on both, demonstrating the
@@ -1507,29 +1334,29 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  Ledger tamperer: An entity attempting to modify or delete ledger
       entries after they have been recorded.
 
+   *  Time manipulator: An entity attempting to manipulate timestamps to
+      alter perceived execution ordering.
 
 
-Nennemann                Expires 29 August 2026                [Page 27]
+
+
+
+Nennemann                Expires 29 August 2026                [Page 24]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-   *  Time manipulator: An entity attempting to manipulate timestamps to
-      alter perceived execution ordering.
-
 10.2.  Self-Assertion Limitation
 
    ECTs are self-asserted by the executing agent.  The agent claims what
    it did, and this claim is signed with its private key.  A compromised
-   or malicious agent could create ECTs with false claims (e.g., setting
-   "pol_decision" to "approved" without actually evaluating the policy).
+   or malicious agent could create ECTs with false claims (e.g.,
+   claiming an action was performed when it was not).
 
    ECTs do not independently verify that:
 
    *  The claimed execution actually occurred as described
 
-   *  The policy evaluation was correctly performed
-
    *  The input/output hashes correspond to the actual data processed
 
    *  The agent faithfully performed the stated action
@@ -1562,20 +1389,19 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  Ledger integrity governance: The ledger is maintained by an entity
       independent of the workflow agents.
 
+   *  Agent deployment governance: Agents are deployed and maintained in
+      a manner that preserves their integrity.
 
 
 
-Nennemann                Expires 29 August 2026                [Page 28]
+
+
+
+Nennemann                Expires 29 August 2026                [Page 25]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-   *  Policy lifecycle management: Policy identifiers in ECTs map to
-      actual, validated policy rules.
-
-   *  Agent deployment governance: Agents are deployed and maintained in
-      a manner that preserves their integrity.
-
 10.4.  Signature Verification
 
    ECTs MUST be signed with the agent's private key using JWS [RFC7515].
@@ -1618,21 +1444,19 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    The defense-in-depth model provides:
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 29]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    *  TLS/mTLS (transport layer): Prevents network-level tampering.
 
    *  WIT/WPT (WIMSE identity layer): Proves agent identity and request
       authorization.
 
-   *  ECT (execution accountability layer): Records what the agent did
-      and under what policy.
+   *  ECT (execution accountability layer): Records what the agent did.
+
+
+
+Nennemann                Expires 29 August 2026                [Page 26]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
 
 10.7.  Key Compromise
 
@@ -1673,18 +1497,23 @@ Internet-Draft           WIMSE Execution Context           February 2026
    *  Cross-verification: Multiple independent ledger replicas can be
       compared for consistency.
 
+   *  Out-of-band audit: External auditors periodically verify ledger
+      contents against expected workflow patterns.
 
 
 
 
-Nennemann                Expires 29 August 2026                [Page 30]
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 27]
 
 Internet-Draft           WIMSE Execution Context           February 2026
 
 
-   *  Out-of-band audit: External auditors periodically verify ledger
-      contents against expected workflow patterns.
-
 10.9.  Denial of Service
 
    ECT signature verification is computationally inexpensive
@@ -1722,7 +1551,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
    maximum of 256 entries.  Workflows requiring more parent references
    SHOULD introduce intermediate aggregation tasks.  The "ext" object
    SHOULD NOT exceed 4096 bytes when serialized as JSON and SHOULD NOT
-   exceed a nesting depth of 5 levels (see also Section 4.2.6).
+   exceed a nesting depth of 5 levels (see also Section 4.2.5).
 
 11.  Privacy Considerations
 
@@ -1730,20 +1559,16 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    ECTs necessarily reveal:
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 31]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    *  Agent identities ("iss", "aud") for accountability purposes
 
    *  Action descriptions ("exec_act") for audit trail completeness
 
-   *  Policy evaluation outcomes ("pol", "pol_decision") for compliance
-      verification
+
+
+Nennemann                Expires 29 August 2026                [Page 28]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
 
    *  Timestamps ("iat", "exp") for temporal ordering
 
@@ -1762,14 +1587,10 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    Implementations SHOULD minimize the information included in ECTs.
    The "exec_act" claim SHOULD use structured identifiers (e.g.,
-   "process_payment") rather than natural language descriptions.  The
-   "pol" claim SHOULD reference policy identifiers rather than embedding
-   policy content.
-
-   The "compensation_reason" extension key in "ext" (Section 4.2.5)
-   deserves particular attention: because it is human-readable, it risks
-   exposing sensitive operational details.  See Section 4.2.6 for
-   guidance on using structured identifiers.
+   "process_payment") rather than natural language descriptions.
+   Extension keys in "ext" (Section 4.2.5) deserve particular attention:
+   human-readable values risk exposing sensitive operational details.
+   See Section 4.2.5 for guidance on using structured identifiers.
 
 11.3.  Storage and Access Control
 
@@ -1783,22 +1604,11 @@ Internet-Draft           WIMSE Execution Context           February 2026
    controls, since auditors may need to verify hash correctness but
    general access to the data values is not needed.
 
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 32]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
 11.4.  Regulatory Access
 
    ECTs are designed for interpretation by qualified human auditors and
-   regulators.  ECTs provide structural records of execution ordering
-   and policy evaluation; they are not intended for public disclosure.
+   regulators.  ECTs provide structural records of execution ordering;
+   they are not intended for public disclosure.
 
 12.  IANA Considerations
 
@@ -1809,6 +1619,13 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    Type name:  application
 
+
+
+Nennemann                Expires 29 August 2026                [Page 29]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    Subtype name:  wimse-exec+jwt
 
    Required parameters:  none
@@ -1842,14 +1659,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    Author:  Christian Nennemann
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 33]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    Change controller:  IETF
 
 12.2.  HTTP Header Field Registration
@@ -1864,122 +1673,46 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    Specification document:  This document, Section 5
 
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 30]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
 12.3.  JWT Claims Registration
 
    This document requests registration of the following claims in the
    "JSON Web Token Claims" registry maintained by IANA:
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 34]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
-   +==============+===================+===================+===========+
-   |  Claim Name  | Claim Description | Change Controller | Reference |
-   +==============+===================+===================+===========+
-   |     wid      | Workflow          |        IETF       |  Section  |
-   |              | Identifier        |                   |   4.2.2   |
-   +--------------+-------------------+-------------------+-----------+
-   |   exec_act   | Action/Task Type  |        IETF       |  Section  |
-   |              |                   |                   |   4.2.2   |
-   +--------------+-------------------+-------------------+-----------+
-   |     par      | Parent Task       |        IETF       |  Section  |
-   |              | Identifiers       |                   |   4.2.2   |
-   +--------------+-------------------+-------------------+-----------+
-   |     pol      | Policy Rule       |        IETF       |  Section  |
-   |              | Identifier        |                   |   4.2.3   |
-   +--------------+-------------------+-------------------+-----------+
-   | pol_decision | Policy Decision   |        IETF       |  Section  |
-   |              | Result            |                   |   4.2.3   |
-   +--------------+-------------------+-------------------+-----------+
-   | pol_enforcer | Policy Enforcer   |        IETF       |  Section  |
-   |              | Identity          |                   |   4.2.3   |
-   +--------------+-------------------+-------------------+-----------+
-   |   inp_hash   | Input Data Hash   |        IETF       |  Section  |
-   |              |                   |                   |   4.2.4   |
-   +--------------+-------------------+-------------------+-----------+
-   |   out_hash   | Output Data Hash  |        IETF       |  Section  |
-   |              |                   |                   |   4.2.4   |
-   +--------------+-------------------+-------------------+-----------+
-   |     ext      | Extension Object  |        IETF       |  Section  |
-   |              |                   |                   |   4.2.6   |
-   +--------------+-------------------+-------------------+-----------+
+   +============+=====================+===================+===========+
+   | Claim Name | Claim Description   | Change Controller | Reference |
+   +============+=====================+===================+===========+
+   |    wid     | Workflow Identifier |        IETF       |  Section  |
+   |            |                     |                   |   4.2.2   |
+   +------------+---------------------+-------------------+-----------+
+   |  exec_act  | Action/Task Type    |        IETF       |  Section  |
+   |            |                     |                   |   4.2.2   |
+   +------------+---------------------+-------------------+-----------+
+   |    par     | Parent Task         |        IETF       |  Section  |
+   |            | Identifiers         |                   |   4.2.2   |
+   +------------+---------------------+-------------------+-----------+
+   |  inp_hash  | Input Data Hash     |        IETF       |  Section  |
+   |            |                     |                   |   4.2.3   |
+   +------------+---------------------+-------------------+-----------+
+   |  out_hash  | Output Data Hash    |        IETF       |  Section  |
+   |            |                     |                   |   4.2.3   |
+   +------------+---------------------+-------------------+-----------+
+   |    ext     | Extension Object    |        IETF       |  Section  |
+   |            |                     |                   |   4.2.5   |
+   +------------+---------------------+-------------------+-----------+
 
                     Table 1: JWT Claims Registrations
 
-12.4.  ECT Policy Decision Values Registry
-
-   This document establishes the "ECT Policy Decision Values" registry
-   under the "JSON Web Token (JWT)" group.  Registration policy is
-   Specification Required per [RFC8126].
-
-   The initial contents of the registry are:
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 35]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
-   +======================+===================+============+===========+
-   |        Value         | Description       |   Change   | Reference |
-   |                      |                   | Controller |           |
-   +======================+===================+============+===========+
-   |       approved       | Policy            |    IETF    |  Section  |
-   |                      | evaluation        |            |   4.2.3   |
-   |                      | succeeded         |            |           |
-   +----------------------+-------------------+------------+-----------+
-   |       rejected       | Policy            |    IETF    |  Section  |
-   |                      | evaluation        |            |   4.2.3   |
-   |                      | failed            |            |           |
-   +----------------------+-------------------+------------+-----------+
-   | pending_human_review | Awaiting          |    IETF    |  Section  |
-   |                      | human             |            |   4.2.3   |
-   |                      | judgment          |            |           |
-   +----------------------+-------------------+------------+-----------+
-
-                    Table 2: ECT Policy Decision Values
+   Policy evaluation claims and the ECT Policy Decision Values registry
+   are defined in [I-D.nennemann-wimse-ect-policy-compensation].
 
 13.  References
 
@@ -1997,6 +1730,14 @@ Internet-Draft           WIMSE Execution Context           February 2026
               Campbell, B., Salowey, J. A., Schwenkschuster, A., and Y.
               Sheffer, "WIMSE Workload-to-Workload Authentication", Work
               in Progress, Internet-Draft, draft-ietf-wimse-s2s-
+
+
+
+Nennemann                Expires 29 August 2026                [Page 31]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
               protocol-07, 16 October 2025,
               <https://datatracker.ietf.org/doc/html/draft-ietf-wimse-
               s2s-protocol-07>.
@@ -2010,14 +1751,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
               Signature (JWS)", RFC 7515, DOI 10.17487/RFC7515, May
               2015, <https://www.rfc-editor.org/rfc/rfc7515>.
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 36]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    [RFC7517]  Jones, M., "JSON Web Key (JWK)", RFC 7517,
               DOI 10.17487/RFC7517, May 2015,
               <https://www.rfc-editor.org/rfc/rfc7517>.
@@ -2030,11 +1763,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
               (JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015,
               <https://www.rfc-editor.org/rfc/rfc7519>.
 
-   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
-              Writing an IANA Considerations Section in RFCs", BCP 26,
-              RFC 8126, DOI 10.17487/RFC8126, June 2017,
-              <https://www.rfc-editor.org/rfc/rfc8126>.
-
    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
               May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
@@ -2058,6 +1786,14 @@ Internet-Draft           WIMSE Execution Context           February 2026
    [EU-AI-ACT]
               European Parliament and Council of the European Union,
               "Regulation (EU) 2024/1689 of the European Parliament and
+
+
+
+Nennemann                Expires 29 August 2026                [Page 32]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
               of the Council laying down harmonised rules on artificial
               intelligence (Artificial Intelligence Act)", 13 June 2024,
               <https://eur-lex.europa.eu/eli/reg/2024/1689>.
@@ -2066,14 +1802,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
               "Regulation (EU) 2017/745 on medical devices (MDR)", 5
               April 2017, <https://eur-lex.europa.eu/eli/reg/2017/745>.
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 37]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    [FDA-21CFR11]
               U.S. Food and Drug Administration, "Title 21, Code of
               Federal Regulations, Part 11: Electronic Records;
@@ -2095,6 +1823,12 @@ Internet-Draft           WIMSE Execution Context           February 2026
               October 2025, <https://datatracker.ietf.org/doc/html/
               draft-ietf-scitt-architecture-22>.
 
+   [I-D.nennemann-wimse-ect-policy-compensation]
+              Nennemann, C., "Policy Evaluation and Compensation
+              Extensions for Execution Context Tokens",
+              <https://datatracker.ietf.org/doc/draft-nennemann-wimse-
+              ect-policy-compensation/>.
+
    [I-D.ni-wimse-ai-agent-identity]
               Yuan, N. and P. C. Liu, "WIMSE Applicability for AI
               Agents", Work in Progress, Internet-Draft, draft-ni-wimse-
@@ -2109,6 +1843,13 @@ Internet-Draft           WIMSE Execution Context           February 2026
               <https://datatracker.ietf.org/doc/html/draft-oauth-
               transaction-tokens-for-agents-04>.
 
+
+
+Nennemann                Expires 29 August 2026                [Page 33]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    [MIFID-II] European Parliament and Council of the European Union,
               "Directive 2014/65/EU of the European Parliament and of
               the Council on markets in financial instruments (MiFID
@@ -2120,16 +1861,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
               Specification",
               <https://opentelemetry.io/docs/specs/otel/>.
 
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 38]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    [RFC3552]  Rescorla, E. and B. Korver, "Guidelines for Writing RFC
               Text on Security Considerations", BCP 72, RFC 3552,
               DOI 10.17487/RFC3552, July 2003,
@@ -2156,9 +1887,8 @@ WIMSE Workload Identity
    protocol [I-D.ietf-wimse-s2s-protocol] provide the identity
    foundation upon which ECTs are built.  WIT/WPT answer "who is this
    agent?" and "does it control the claimed key?" while ECTs record
-   "what did this agent do?" and "what policy was evaluated?"  Together
-   they form an identity-plus-accountability framework for regulated
-   agentic systems.
+   "what did this agent do?"  Together they form an identity-plus-
+   accountability framework for regulated agentic systems.
 
 OAuth 2.0 Token Exchange and the "act" Claim
 
@@ -2168,23 +1898,22 @@ OAuth 2.0 Token Exchange and the "act" Claim
    acting on behalf of whom."  While the nesting superficially resembles
    a chain, it is strictly linear (each "act" object contains at most
    one nested "act"), represents authorization delegation rather than
-   task execution, and carries no task identifiers, policy decisions, or
-   input/output integrity data.  The "act" chain cannot represent
-   branching (fan-out) or convergence (fan-in) and therefore cannot form
-   a DAG.
+
+
+
+Nennemann                Expires 29 August 2026                [Page 34]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
+   task execution, and carries no task identifiers or input/output
+   integrity data.  The "act" chain cannot represent branching (fan-out)
+   or convergence (fan-in) and therefore cannot form a DAG.
 
    ECTs intentionally use the distinct claim name "exec_act" for the
    action/task type to avoid collision with the "act" claim.  The two
    concepts are orthogonal: "act" records "who authorized whom," ECTs
-   record "what was done, in what order, with what policy outcomes."
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 39]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
+   record "what was done, in what order."
 
 Transaction Tokens
 
@@ -2205,8 +1934,8 @@ Transaction Tokens
       from the Transaction Token Service appear in "req_wl"; workloads
       that forward the token unchanged are not recorded.
 
-   *  It carries no task-level granularity, no parent references, no
-      policy evaluation outcomes, and no execution content.
+   *  It carries no task-level granularity, no parent references, and no
+      execution content.
 
    Extensions for agentic use cases
    ([I-D.oauth-transaction-tokens-for-agents]) add agent identity and
@@ -2216,12 +1945,22 @@ Transaction Tokens
    ECTs and Transaction Tokens are complementary: a Txn-Token propagates
    authorization context ("this request is authorized for scope X on
    behalf of user Y"), while an ECT records execution accountability
-   ("task T was performed, depending on tasks P1 and P2, with policy Z
-   evaluated and approved").  An agent request could carry both a Txn-
-   Token for authorization and an ECT for execution recording.  The WPT
-   "tth" claim defined in [I-D.ietf-wimse-s2s-protocol] can hash-bind a
-   WPT to a co-present Txn-Token; a similar binding mechanism for ECTs
-   is a potential future extension.
+   ("task T was performed, depending on tasks P1 and P2").  An agent
+   request could carry both a Txn-Token for authorization and an ECT for
+   execution recording.  The WPT "tth" claim defined in
+   [I-D.ietf-wimse-s2s-protocol] can hash-bind a WPT to a co-present
+   Txn-Token; a similar binding mechanism for ECTs is a potential future
+   extension.
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 35]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
 
 Distributed Tracing (OpenTelemetry)
 
@@ -2234,14 +1973,6 @@ Distributed Tracing (OpenTelemetry)
    OpenTelemetry data is typically controlled by the platform operator
    and can be modified or deleted without detection.  ECTs and
    distributed traces are complementary: traces provide observability
-
-
-
-Nennemann                Expires 29 August 2026                [Page 40]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    while ECTs provide signed execution records.  ECTs may reference
    OpenTelemetry trace identifiers in the "ext" claim for correlation.
 
@@ -2264,8 +1995,8 @@ SCITT (Supply Chain Integrity, Transparency, and Trust)
    SCITT Signed Statements, linking a complete ECT audit trail to a
    supply chain transparency record.  For example, in a regulated
    manufacturing workflow, each agent step produces an ECT (recording
-   what was done, by whom, under what policy), while the overall
-   workflow identified by "wid" is registered as a SCITT Signed
+   what was done, by whom, under under what constraints), while the
+   overall workflow identified by "wid" is registered as a SCITT Signed
    Statement on a Transparency Service.  This enables auditors to verify
    both the individual execution steps (via ECT DAG validation) and the
    end-to-end supply chain integrity (via SCITT Receipts) using the
@@ -2274,13 +2005,25 @@ SCITT (Supply Chain Integrity, Transparency, and Trust)
    Transparency Service identifiers or Receipt references for tighter
    integration.
 
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 36]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
 W3C Verifiable Credentials
 
    W3C Verifiable Credentials represent claims about subjects (e.g.,
    identity, qualifications).  ECTs represent execution records of
-   actions (what happened, in what order, under what policy).  While
-   both use JWT/JWS as a serialization format, their semantics and use
-   cases are distinct.
+   actions (what happened, in what order).  While both use JWT/JWS as a
+   serialization format, their semantics and use cases are distinct.
 
 Implementation Guidance
 
@@ -2288,19 +2031,8 @@ Minimal Implementation
 
    A minimal conforming implementation needs to:
 
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 41]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    1.  Create JWTs with all required claims ("iss", "aud", "iat", "exp",
-       "jti", "exec_act", "par") and policy claims ("pol",
-       "pol_decision") when policy evaluation was performed.
+       "jti", "exec_act", "par").
 
    2.  Sign ECTs with the agent's private key using an algorithm
        matching the WIT (ES256 recommended).
@@ -2335,6 +2067,13 @@ Performance Considerations
 
    *  JSON serialization: sub-millisecond per ECT.
 
+
+
+Nennemann                Expires 29 August 2026                [Page 37]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    *  Total per-request overhead: approximately 5-10ms, acceptable for
       regulated workflows where correctness is prioritized over latency.
 
@@ -2346,14 +2085,6 @@ Interoperability
    expected to be tested against multiple JWT libraries to ensure
    interoperability.
 
-
-
-
-Nennemann                Expires 29 August 2026                [Page 42]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
 Regulatory Compliance Mapping
 
    The following table summarizes how ECTs can contribute to compliance
@@ -2361,6 +2092,44 @@ Regulatory Compliance Mapping
    block; achieving compliance requires additional organizational
    measures beyond this specification.
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 38]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
     +============+========================+==========================+
     | Regulation | Requirement            | ECT Contribution         |
     +============+========================+==========================+
@@ -2391,7 +2160,7 @@ Regulatory Compliance Mapping
     |            |                        | trail                    |
     +------------+------------------------+--------------------------+
 
-                  Table 3: Regulatory Compliance Mapping
+                  Table 2: Regulatory Compliance Mapping
 
 Examples
 
@@ -2401,15 +2170,6 @@ Example 1: Simple Two-Agent Workflow
 
    ECT JOSE Header:
 
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 43]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    {
      "alg": "ES256",
      "typ": "wimse-exec+jwt",
@@ -2418,6 +2178,14 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
    ECT Payload:
 
+
+
+
+Nennemann                Expires 29 August 2026                [Page 39]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    {
      "iss": "spiffe://example.com/agent/data-retrieval",
      "aud": "spiffe://example.com/agent/validator",
@@ -2427,8 +2195,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
      "exec_act": "fetch_patient_data",
      "par": [],
-     "pol": "clinical_data_access_policy_v1",
-     "pol_decision": "approved",
      "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
      "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
    }
@@ -2444,9 +2210,7 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "jti": "550e8400-e29b-41d4-a716-446655440002",
      "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
      "exec_act": "validate_safety",
-     "par": ["550e8400-e29b-41d4-a716-446655440001"],
-     "pol": "safety_validation_policy_v2",
-     "pol_decision": "approved"
+     "par": ["550e8400-e29b-41d4-a716-446655440001"]
    }
 
    The resulting DAG:
@@ -2456,16 +2220,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
      v
    task-...-0002 (validate_safety)
 
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 44]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
 Example 2: Medical Device SDLC with Release Approval
 
    A multi-step medical device software lifecycle workflow with
@@ -2473,6 +2227,21 @@ Example 2: Medical Device SDLC with Release Approval
 
    Task 1 (Spec Review Agent):
 
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 40]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    {
      "iss": "spiffe://meddev.example/agent/spec-reviewer",
      "aud": "spiffe://meddev.example/agent/code-gen",
@@ -2482,8 +2251,6 @@ Example 2: Medical Device SDLC with Release Approval
      "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
      "exec_act": "review_requirements_spec",
      "par": [],
-     "pol": "spec_review_policy_v2",
-     "pol_decision": "approved",
      "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
      "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
    }
@@ -2498,30 +2265,11 @@ Example 2: Medical Device SDLC with Release Approval
      "jti": "a1b2c3d4-0001-0000-0000-000000000002",
      "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
      "exec_act": "implement_module",
-     "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
-     "pol": "coding_standards_v3",
-     "pol_decision": "approved"
+     "par": ["a1b2c3d4-0001-0000-0000-000000000001"]
    }
 
    Task 3 (Autonomous Test Agent):
 
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 45]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    {
      "iss": "spiffe://meddev.example/agent/test-runner",
      "aud": "spiffe://meddev.example/agent/build",
@@ -2530,13 +2278,26 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "jti": "a1b2c3d4-0001-0000-0000-000000000003",
      "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
      "exec_act": "execute_test_suite",
-     "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
-     "pol": "test_coverage_policy_v1",
-     "pol_decision": "approved"
+     "par": ["a1b2c3d4-0001-0000-0000-000000000002"]
    }
 
    Task 4 (Build Agent):
 
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 41]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    {
      "iss": "spiffe://meddev.example/agent/build",
      "aud": "spiffe://meddev.example/human/release-mgr-42",
@@ -2546,38 +2307,11 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
      "exec_act": "build_release_artifact",
      "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
-     "pol": "build_validation_v2",
-     "pol_decision": "approved",
      "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
    }
 
    Task 5 (Human Release Manager Approval):
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 46]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    {
      "iss": "spiffe://meddev.example/human/release-mgr-42",
      "aud": "spiffe://meddev.example/system/ledger",
@@ -2587,9 +2321,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
      "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
      "exec_act": "approve_release",
      "par": ["a1b2c3d4-0001-0000-0000-000000000004"],
-     "pol": "release_approval_policy",
-     "pol_decision": "approved",
-     "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
      "ext": {
        "witnessed_by": [
          "spiffe://meddev.example/audit/qa-observer-1"
@@ -2603,6 +2334,26 @@ Internet-Draft           WIMSE Execution Context           February 2026
    "ext" object in task 5 carries witness metadata via the
    "witnessed_by" extension key.
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 42]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    task-...-0001 (review_requirements_spec)
      |
      v
@@ -2623,17 +2374,6 @@ Internet-Draft           WIMSE Execution Context           February 2026
    that the SDLC followed the prescribed process with human oversight at
    the release gate.
 
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 47]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
 Example 3: Parallel Execution with Join
 
    A workflow where two tasks execute in parallel and a third task
@@ -2651,6 +2391,25 @@ Example 3: Parallel Execution with Join
 
    Task 004 ECT payload:
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Nennemann                Expires 29 August 2026                [Page 43]
+
+Internet-Draft           WIMSE Execution Context           February 2026
+
+
    {
      "iss": "spiffe://bank.example/agent/execution",
      "aud": "spiffe://bank.example/system/ledger",
@@ -2662,9 +2421,7 @@ Example 3: Parallel Execution with Join
      "par": [
        "f1e2d3c4-0002-0000-0000-000000000002",
        "f1e2d3c4-0003-0000-0000-000000000003"
-     ],
-     "pol": "trade_execution_policy_v3",
-     "pol_decision": "approved"
+     ]
    }
 
    The "par" array with two entries records that both compliance
@@ -2682,14 +2439,6 @@ Author's Address
 
    Christian Nennemann
    Independent Researcher
-
-
-
-Nennemann                Expires 29 August 2026                [Page 48]
-
-Internet-Draft           WIMSE Execution Context           February 2026
-
-
    Email: ietf@nennemann.de
 
 
@@ -2712,33 +2461,4 @@ Internet-Draft           WIMSE Execution Context           February 2026
 
 
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Nennemann                Expires 29 August 2026                [Page 49]
+Nennemann                Expires 29 August 2026                [Page 44]
diff --git a/draft-nennemann-wimse-execution-context-00.xml b/draft-nennemann-wimse-execution-context-00.xml
index c4695da..19426e4 100644
--- a/draft-nennemann-wimse-execution-context-00.xml
+++ b/draft-nennemann-wimse-execution-context-00.xml
@@ -32,22 +32,22 @@
     <abstract>
 
 
-<?line 86?>
+<?line 91?>
 
 <t>This document defines Execution Context Tokens (ECTs), an extension
 to the Workload Identity in Multi System Environments (WIMSE)
 architecture for distributed agentic workflows in regulated
 environments.  ECTs provide signed, structured records of task
-execution order, policy evaluation outcomes, and compliance state
-across
-agent-to-agent communication.  By extending WIMSE Workload Identity
+execution order and compliance state across agent-to-agent
+communication.  By extending WIMSE Workload Identity
 Tokens with execution context claims in JSON Web Token (JWT)
 format, this specification enables regulated systems to maintain
 structured audit trails that support compliance verification.
 ECTs use a directed acyclic graph (DAG) structure to represent task
-dependencies, record policy evaluation outcomes at each decision
-point, and integrate with WIMSE Workload Identity Tokens (WIT)
-using the same signing model and cryptographic primitives.  A new
+dependencies and integrate with WIMSE Workload Identity Tokens (WIT)
+using the same signing model and cryptographic primitives.
+Policy evaluation and compensation extensions are defined in
+<xref target="I-D.nennemann-wimse-ect-policy-compensation"/>.  A new
 HTTP header field,
 Execution-Context, is defined for transporting ECTs alongside
 existing WIMSE headers.  ECTs are a technical building block that
@@ -65,7 +65,7 @@ regulatory frameworks.</t>
   <middle>
 
 
-<?line 108?>
+<?line 113?>
 
 <section anchor="introduction"><name>Introduction</name>
 
@@ -81,8 +81,7 @@ Workload-Proof-Token HTTP headers.</t>
 
 <t>However, workload identity alone does not address execution
 accountability.  Knowing who performed an action does not record
-what was done, what policy was applied, or whether compliance
-requirements were evaluated at each decision point.</t>
+what was done or in what order.</t>
 
 <t>Regulated environments increasingly deploy autonomous agents that
 coordinate across organizational boundaries.  Multiple regulatory
@@ -94,7 +93,7 @@ detailed mapping).</t>
 <t>This document defines an extension to the WIMSE architecture that
 addresses the gap between workload identity and execution
 accountability.  WIMSE authenticates agents; this extension records
-what they did, in what order, and what policy was evaluated.</t>
+what they did and in what order.</t>
 
 <t>As identified in <xref target="I-D.ni-wimse-ai-agent-identity"/>, call context
 in agentic workflows needs to be visible and preserved.  ECTs
@@ -110,11 +109,11 @@ systems:</t>
 <t><list style="numbers" type="1">
   <t>WIMSE authenticates agents but does not record what they
 actually did.  A WIT proves "Agent A is authorized" but not
-"Agent A executed Task X, under Policy Y, producing Output Z."</t>
-  <t>No standard mechanism exists to record policy evaluation
-outcomes at each decision point in a multi-agent workflow.</t>
-  <t>No mechanism exists to cryptographically link compensation and
-rollback decisions to original actions.</t>
+"Agent A executed Task X, producing Output Z."</t>
+  <t>No standard mechanism exists to cryptographically order and
+link task execution across a multi-agent workflow.</t>
+  <t>No mechanism exists to reconstruct the complete execution
+history of a distributed workflow for audit purposes.</t>
 </list></t>
 
 <t>Existing observability tools such as distributed tracing
@@ -131,11 +130,12 @@ regulatory audit scenarios.</t>
 <t><list style="symbols">
   <t>The Execution Context Token (ECT) format (<xref target="ect-format"/>)</t>
   <t>DAG structure for task dependency ordering (<xref target="dag-validation"/>)</t>
-  <t>Policy checkpoint recording (<xref target="policy-claims"/>)</t>
   <t>Integration with the WIMSE identity framework
 (<xref target="wimse-integration"/>)</t>
   <t>An HTTP header for ECT transport (<xref target="http-header"/>)</t>
   <t>Audit ledger interface requirements (<xref target="ledger-interface"/>)</t>
+  <t>Policy evaluation and compensation extensions are defined
+separately in <xref target="I-D.nennemann-wimse-ect-policy-compensation"/></t>
 </list></t>
 
 <t>The following are out of scope and are handled by WIMSE:</t>
@@ -161,11 +161,10 @@ beyond the scope of this specification.  The regulatory references
 in this document are intended to motivate the design requirements,
 not to claim that implementing ECTs satisfies these regulations.</t>
 
-<t>ECTs provide evidence of claimed execution ordering and policy
-evaluation.  They do not independently verify that the claimed
-execution actually occurred as described, that the policy
-evaluation was correct, or that the agent faithfully performed the
-stated action.  The trustworthiness of ECT claims depends on the
+<t>ECTs provide evidence of claimed execution ordering.  They do not
+independently verify that the claimed execution actually occurred
+as described or that the agent faithfully performed the stated
+action.  The trustworthiness of ECT claims depends on the
 trustworthiness of the signing agent and the integrity of the
 broader deployment environment.</t>
 
@@ -202,18 +201,13 @@ edges are directed and no cycles exist.</t>
   <dt>Execution Context Token (ECT):</dt>
   <dd>
     <t>A JSON Web Token <xref target="RFC7519"/> defined by this specification that
-records task execution details and policy evaluation outcomes.</t>
+records task execution details.</t>
   </dd>
   <dt>Audit Ledger:</dt>
   <dd>
     <t>An append-only, immutable log of all ECTs within a workflow or
 set of workflows, used for regulatory audit and compliance
 verification.</t>
-  </dd>
-  <dt>Policy Checkpoint:</dt>
-  <dd>
-    <t>A point in a workflow where a policy evaluation outcome is
-recorded within an ECT.</t>
   </dd>
   <dt>Workload Identity Token (WIT):</dt>
   <dd>
@@ -260,9 +254,8 @@ the WIMSE scope and are not addressed by workload identity alone:</t>
 <t><list style="symbols">
   <t>Recording what agents actually do with their authenticated
 identity</t>
-  <t>Recording policy evaluation outcomes at each hop</t>
   <t>Maintaining structured execution records</t>
-  <t>Linking compensation or rollback actions to original tasks</t>
+  <t>Linking actions to their predecessors with cryptographic assurance</t>
 </list></t>
 
 </section>
@@ -282,7 +275,7 @@ between the identity layer and the application layer:</t>
 +--------------------------------------------------+
 |  ECT Layer (Execution Accountability) [This Spec]|
 |    ECT: "Task executed, dependencies met,        |
-|          policy evaluated, outcome recorded"      |
+|          inputs/outputs hashed"                   |
 +--------------------------------------------------+
                        |
                        v
@@ -335,8 +328,8 @@ via the WIT public key.</t>
   <t>WIT (WIMSE layer): Verifies Agent A's identity within the
 trust domain.  WPT verification, if present, per
 <xref target="I-D.ietf-wimse-s2s-protocol"/>.</t>
-  <t>ECT (this extension): Records what Agent A did, what policy was
-evaluated, and what precedent tasks exist.</t>
+  <t>ECT (this extension): Records what Agent A did and what
+precedent tasks exist.</t>
   <t>Ledger (if deployed): Appends the verified ECT to the audit
 ledger.</t>
 </list></t>
@@ -503,67 +496,6 @@ multiple root tasks.</t>
   </dd>
 </dl>
 
-</section>
-<section anchor="policy-claims"><name>Policy Evaluation</name>
-
-<t>The following claims record policy evaluation outcomes:</t>
-
-<dl>
-  <dt>pol:</dt>
-  <dd>
-    <t><bcp14>OPTIONAL</bcp14>.  String.  The identifier of the policy rule that was
-evaluated for this task (e.g.,
-"clinical_data_access_policy_v1").  <bcp14>MUST</bcp14> be present when
-"pol_decision" is present.</t>
-  </dd>
-  <dt>pol_decision:</dt>
-  <dd>
-    <t><bcp14>OPTIONAL</bcp14>.  String.  The result of the policy evaluation.  When
-present, <bcp14>MUST</bcp14> be one of the values registered in the ECT Policy
-Decision Values registry (<xref target="pol-decision-registry"/>).  <bcp14>MUST</bcp14> be
-present when "pol" is present.  Initial values are:
-</t>
-
-    <t><list style="symbols">
-      <t>"approved": The policy evaluation succeeded and the task
-was authorized to proceed.</t>
-      <t>"rejected": The policy evaluation failed.  A "rejected" ECT
-<bcp14>MUST</bcp14> still be recorded for accountability.  An ECT with
-"pol_decision" of "rejected" <bcp14>MAY</bcp14> appear as a parent in the
-"par" array of a subsequent ECT, but only for compensation,
-rollback, or remediation tasks.  Agents <bcp14>MUST NOT</bcp14> proceed
-with normal workflow execution based on a parent ECT whose
-"pol_decision" is "rejected".</t>
-      <t>"pending_human_review": The policy evaluation requires human
-judgment before proceeding.  Agents <bcp14>MUST NOT</bcp14> proceed with
-dependent tasks until a subsequent ECT from a human reviewer
-records an "approved" decision referencing this task as a
-parent.</t>
-    </list></t>
-
-    <t>When "pol" and "pol_decision" are absent, the ECT records task
-execution without a policy checkpoint.  Regulated deployments
-<bcp14>SHOULD</bcp14> include policy claims on all ECTs to maintain complete
-audit trails.</t>
-  </dd>
-  <dt>pol_enforcer:</dt>
-  <dd>
-    <t><bcp14>OPTIONAL</bcp14>.  StringOrURI.  The identity of the entity (system or
-person) that evaluated the policy decision.  When present,
-<bcp14>SHOULD</bcp14> use SPIFFE ID format.</t>
-  </dd>
-</dl>
-
-<t>This specification intentionally defines only the recording of
-policy evaluation outcomes.  The mechanisms by which policies are
-defined, distributed to agents, and evaluated are out of scope.
-The "pol" claim is an opaque identifier referencing an external
-policy; the semantics and enforcement of that policy are
-determined by the deployment environment.  Implementations may
-use any policy engine or framework (e.g., OPA/Rego, Cedar, XACML,
-or custom solutions) provided that the evaluation outcome is
-faithfully recorded in the ECT claims defined above.</t>
-
 </section>
 <section anchor="data-integrity-claims"><name>Data Integrity</name>
 
@@ -594,12 +526,11 @@ using the same format and algorithm requirements as "inp_hash".</t>
 </section>
 <section anchor="compensation-claims"><name>Compensation and Rollback</name>
 
-<t>Compensation and rollback actions are recorded using the "par"
-claim to reference the original task and the "exec_act" claim to
-describe the remediation action.  The referenced parent ECTs may
-have passed their own "exp" time; ECT expiration applies to the
-verification window of the ECT itself, not to its validity as a
-parent reference in the ECT store.</t>
+<t>Compensation and rollback extensions are defined in
+<xref target="I-D.nennemann-wimse-ect-policy-compensation"/>.  The referenced
+parent ECTs may have passed their own "exp" time; ECT expiration
+applies to the verification window of the ECT itself, not to its
+validity as a parent reference in the ECT store.</t>
 
 </section>
 <section anchor="extension-claims"><name>Extensions</name>
@@ -638,16 +569,11 @@ task.  Note: this is self-asserted; for verifiable witness
 attestation, witnesses should submit independent signed ECTs.</t>
   <t>"inp_classification": String.  Data sensitivity classification
 (e.g., "public", "confidential", "restricted").</t>
-  <t>"pol_timestamp": NumericDate.  Time at which the policy
-decision was made, if distinct from "iat".</t>
-  <t>"compensation_required": Boolean.  Indicates whether this task
-is a compensation or rollback action.</t>
-  <t>"compensation_reason": String.  Structured reason code for the
-compensation action (e.g., "policy_violation_in_parent_trade").
-<bcp14>SHOULD</bcp14> use structured identifiers rather than free-form text
-to minimize information leakage (see <xref target="data-minimization"/>).</t>
 </list></t>
 
+<t>Additional extension keys for policy evaluation and compensation
+are defined in <xref target="I-D.nennemann-wimse-ect-policy-compensation"/>.</t>
+
 </section>
 </section>
 <section anchor="complete-ect-example"><name>Complete ECT Example</name>
@@ -666,15 +592,10 @@ to minimize information leakage (see <xref target="data-minimization"/>).</t>
   "exec_act": "recommend_treatment",
   "par": [],
 
-  "pol": "clinical_reasoning_policy_v2",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://example.com/policy/clinical-engine",
-
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564",
 
   "ext": {
-    "pol_timestamp": 1772064145,
     "exec_time_ms": 245,
     "regulated_domain": "medtech",
     "model_version": "clinical-reasoning-v4.2"
@@ -763,14 +684,6 @@ ECT <bcp14>MUST</bcp14> be rejected.</t>
   <t>Acyclicity: Following the chain of parent references <bcp14>MUST NOT</bcp14>
 lead back to the current ECT's "jti".  If a cycle is detected,
 the ECT <bcp14>MUST</bcp14> be rejected.</t>
-  <t>Parent Policy Decision: If any parent ECT contains a
-"pol_decision" of "rejected" or "pending_human_review", the
-current ECT's "exec_act" <bcp14>MUST</bcp14> indicate a compensation,
-rollback, remediation, or human review action.
-Implementations <bcp14>MUST NOT</bcp14> accept an ECT representing normal
-workflow continuation when a parent's "pol_decision" is not
-"approved".  This rule only applies when the parent ECT
-contains policy claims.</t>
   <t>Trust Domain Consistency: Parent tasks <bcp14>SHOULD</bcp14> belong to the
 same trust domain or to a trust domain with which a federation
 relationship has been established.</t>
@@ -876,9 +789,6 @@ identity <bcp14>MUST</bcp14> appear in "aud".</t>
 verifier's current time, to account for clock skew).</t>
   <t>Verify all required claims ("jti", "exec_act", "par") are
 present and well-formed.</t>
-  <t>If "pol" or "pol_decision" is present, verify that both are
-present and that "pol_decision" is one of "approved",
-"rejected", or "pending_human_review".</t>
   <t>Perform DAG validation per <xref target="dag-validation"/>.</t>
   <t>If all checks pass and an audit ledger is deployed, the ECT
 <bcp14>SHOULD</bcp14> be appended to the ledger.</t>
@@ -956,14 +866,6 @@ function verify_ect(ect_jws, verifier_id,
     if claim not in payload:
       return reject("Missing required claim: " + claim)
 
-  // Validate policy claims (optional, but must be paired)
-  if "pol" in payload or "pol_decision" in payload:
-    if "pol" not in payload or "pol_decision" not in payload:
-      return reject("pol and pol_decision must both be present")
-    if payload.pol_decision not in
-       ["approved", "rejected", "pending_human_review"]:
-      return reject("Invalid pol_decision value")
-
   // Validate DAG (against ECT store or inline parent ECTs)
   result = validate_dag(payload, ect_store,
                          clock_skew_tolerance)
@@ -1031,28 +933,22 @@ software used in medical devices.</t>
 Agent A (Spec Reviewer):
   jti: task-001    par: []
   exec_act: review_requirements_spec
-  pol: spec_review_policy_v2     pol_decision: approved
 
 Agent B (Code Generator):
   jti: task-002    par: [task-001]
   exec_act: implement_module
-  pol: coding_standards_v3       pol_decision: approved
 
 Agent C (Test Agent):
   jti: task-003    par: [task-002]
   exec_act: execute_test_suite
-  pol: test_coverage_policy_v1   pol_decision: approved
 
 Agent D (Build Agent):
   jti: task-004    par: [task-003]
   exec_act: build_release_artifact
-  pol: build_validation_v2       pol_decision: approved
 
 Human Release Manager:
   jti: task-005    par: [task-004]
   exec_act: approve_release
-  pol: release_approval_policy   pol_decision: approved
-  pol_enforcer: spiffe://meddev.example/human/release-mgr-42
   ext: {witnessed_by: [...]}  (extension metadata)
 ]]></artwork></figure>
 
@@ -1090,7 +986,6 @@ task-005 (approve_release) [human, witnessed]
 
 <t><list style="symbols">
   <t>Each phase was executed by an identified and authenticated agent.</t>
-  <t>Policy checkpoints were evaluated at every phase transition.</t>
   <t>The execution sequence was maintained (no step was bypassed).</t>
   <t>A human-in-the-loop approved the final release, with independent
 witness attestation.</t>
@@ -1123,17 +1018,14 @@ execution.</t>
 Agent A (Risk Assessment):
   jti: task-001    par: []
   exec_act: calculate_risk_exposure
-  pol: risk_limits_policy_v2  pol_decision: approved
 
 Agent B (Compliance):
   jti: task-002    par: [task-001]
   exec_act: verify_compliance
-  pol: compliance_check_v1    pol_decision: approved
 
 Agent C (Execution):
   jti: task-003    par: [task-002]
   exec_act: execute_trade
-  pol: execution_policy_v3    pol_decision: approved
 ]]></artwork></figure>
 
 <t>This can contribute to compliance with:</t>
@@ -1149,33 +1041,10 @@ systems.</t>
 </section>
 <section anchor="compensation-and-rollback"><name>Compensation and Rollback</name>
 
-<t>When a compliance violation is discovered after execution, ECTs
-provide a mechanism to record authorized compensation actions with
-a cryptographic link to the original task:</t>
-
-<figure title="Compensation ECT Example" anchor="fig-compensation"><sourcecode type="json"><![CDATA[
-{
-  "iss": "spiffe://bank.example/agent/operations",
-  "aud": "spiffe://bank.example/system/ledger",
-  "iat": 1772150550,
-  "exp": 1772151150,
-  "jti": "550e8400-e29b-41d4-a716-446655440099",
-  "wid": "d3e4f5a6-b7c8-9012-def0-123456789012",
-  "exec_act": "initiate_trade_rollback",
-  "par": ["550e8400-e29b-41d4-a716-446655440003"],
-  "pol": "compensation_policy_v1",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://bank.example/human/compliance-officer",
-  "ext": {
-    "compensation_required": true,
-    "compensation_reason": "policy_violation_in_parent_trade"
-  }
-}
-]]></sourcecode></figure>
-
-<t>The "par" claim links the compensation action to the original
-trade, creating an auditable chain from execution through
-violation discovery to remediation.</t>
+<t>Compensation and rollback use cases are described in
+<xref target="I-D.nennemann-wimse-ect-policy-compensation"/>.  The core
+ECT mechanism supports compensation through the "par" claim,
+which links a remediation ECT to the original task.</t>
 
 </section>
 <section anchor="autonomous-logistics-coordination"><name>Autonomous Logistics Coordination</name>
@@ -1188,27 +1057,22 @@ required checks were completed:</t>
 Agent A (Route Planning):
   jti: task-001    par: []
   exec_act: plan_route
-  pol: route_policy_v1        pol_decision: approved
 
 Agent B (Customs):
   jti: task-002    par: [task-001]
   exec_act: validate_customs
-  pol: customs_policy_v2      pol_decision: approved
 
 Agent C (Safety):
   jti: task-003    par: [task-001]
   exec_act: verify_cargo_safety
-  pol: safety_policy_v1       pol_decision: approved
 
 Agent D (Payment):
   jti: task-004    par: [task-002, task-003]
   exec_act: authorize_payment
-  pol: payment_policy_v3      pol_decision: approved
 
 System (Commitment):
   jti: task-005    par: [task-004]
   exec_act: commit_shipment
-  pol: commitment_policy_v1   pol_decision: approved
 ]]></artwork></figure>
 
 <t>Note that tasks 002 and 003 both depend only on task-001 and can
@@ -1243,14 +1107,12 @@ to alter perceived execution ordering.</t>
 <t>ECTs are self-asserted by the executing agent.  The agent claims
 what it did, and this claim is signed with its private key.  A
 compromised or malicious agent could create ECTs with false claims
-(e.g., setting "pol_decision" to "approved" without actually
-evaluating the policy).</t>
+(e.g., claiming an action was performed when it was not).</t>
 
 <t>ECTs do not independently verify that:</t>
 
 <t><list style="symbols">
   <t>The claimed execution actually occurred as described</t>
-  <t>The policy evaluation was correctly performed</t>
   <t>The input/output hashes correspond to the actual data processed</t>
   <t>The agent faithfully performed the stated action</t>
 </list></t>
@@ -1284,8 +1146,6 @@ organizational controls are in place:</t>
 keys and how keys are protected.</t>
   <t>Ledger integrity governance: The ledger is maintained by an
 entity independent of the workflow agents.</t>
-  <t>Policy lifecycle management: Policy identifiers in ECTs map to
-actual, validated policy rules.</t>
   <t>Agent deployment governance: Agents are deployed and maintained
 in a manner that preserves their integrity.</t>
 </list></t>
@@ -1340,8 +1200,7 @@ transport security is already established.  HTTP Message Signatures
   <t>TLS/mTLS (transport layer): Prevents network-level tampering.</t>
   <t>WIT/WPT (WIMSE identity layer): Proves agent identity and
 request authorization.</t>
-  <t>ECT (execution accountability layer): Records what the agent did
-and under what policy.</t>
+  <t>ECT (execution accountability layer): Records what the agent did.</t>
 </list></t>
 
 </section>
@@ -1442,8 +1301,6 @@ serialized as JSON and <bcp14>SHOULD NOT</bcp14> exceed a nesting depth of
 <t><list style="symbols">
   <t>Agent identities ("iss", "aud") for accountability purposes</t>
   <t>Action descriptions ("exec_act") for audit trail completeness</t>
-  <t>Policy evaluation outcomes ("pol", "pol_decision") for
-compliance verification</t>
   <t>Timestamps ("iat", "exp") for temporal ordering</t>
 </list></t>
 
@@ -1463,12 +1320,8 @@ hashes via "inp_hash" and "out_hash")</t>
 <t>Implementations <bcp14>SHOULD</bcp14> minimize the information included in ECTs.
 The "exec_act" claim <bcp14>SHOULD</bcp14> use structured identifiers (e.g.,
 "process_payment") rather than natural language descriptions.
-The "pol" claim <bcp14>SHOULD</bcp14> reference policy identifiers rather than
-embedding policy content.</t>
-
-<t>The "compensation_reason" extension key in "ext"
-(<xref target="compensation-claims"/>) deserves particular attention: because
-it is human-readable, it risks exposing sensitive operational
+Extension keys in "ext" (<xref target="extension-claims"/>) deserve particular
+attention: human-readable values risk exposing sensitive operational
 details.  See <xref target="extension-claims"/> for guidance on using
 structured identifiers.</t>
 
@@ -1490,8 +1343,7 @@ general access to the data values is not needed.</t>
 
 <t>ECTs are designed for interpretation by qualified human auditors
 and regulators.  ECTs provide structural records of execution
-ordering and policy evaluation; they are not intended for public
-disclosure.</t>
+ordering; they are not intended for public disclosure.</t>
 
 </section>
 </section>
@@ -1615,18 +1467,6 @@ the "JSON Web Token Claims" registry maintained by IANA:</t>
       <c>Parent Task Identifiers</c>
       <c>IETF</c>
       <c><xref target="exec-claims"/></c>
-      <c>pol</c>
-      <c>Policy Rule Identifier</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
-      <c>pol_decision</c>
-      <c>Policy Decision Result</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
-      <c>pol_enforcer</c>
-      <c>Policy Enforcer Identity</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
       <c>inp_hash</c>
       <c>Input Data Hash</c>
       <c>IETF</c>
@@ -1641,33 +1481,9 @@ the "JSON Web Token Claims" registry maintained by IANA:</t>
       <c><xref target="extension-claims"/></c>
 </texttable>
 
-</section>
-<section anchor="pol-decision-registry"><name>ECT Policy Decision Values Registry</name>
-
-<t>This document establishes the "ECT Policy Decision Values"
-registry under the "JSON Web Token (JWT)" group.  Registration
-policy is Specification Required per <xref target="RFC8126"/>.</t>
-
-<t>The initial contents of the registry are:</t>
-
-<texttable title="ECT Policy Decision Values" anchor="_table-pol-decision">
-      <ttcol align='center'>Value</ttcol>
-      <ttcol align='left'>Description</ttcol>
-      <ttcol align='center'>Change Controller</ttcol>
-      <ttcol align='center'>Reference</ttcol>
-      <c>approved</c>
-      <c>Policy evaluation succeeded</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
-      <c>rejected</c>
-      <c>Policy evaluation failed</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
-      <c>pending_human_review</c>
-      <c>Awaiting human judgment</c>
-      <c>IETF</c>
-      <c><xref target="policy-claims"/></c>
-</texttable>
+<t>Policy evaluation claims and the ECT Policy Decision Values
+registry are defined in
+<xref target="I-D.nennemann-wimse-ect-policy-compensation"/>.</t>
 
 </section>
 </section>
@@ -1736,23 +1552,6 @@ policy is Specification Required per <xref target="RFC8126"/>.</t>
   <seriesInfo name="RFC" value="7518"/>
   <seriesInfo name="DOI" value="10.17487/RFC7518"/>
 </reference>
-<reference anchor="RFC8126">
-  <front>
-    <title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
-    <author fullname="M. Cotton" initials="M." surname="Cotton"/>
-    <author fullname="B. Leiba" initials="B." surname="Leiba"/>
-    <author fullname="T. Narten" initials="T." surname="Narten"/>
-    <date month="June" year="2017"/>
-    <abstract>
-      <t>Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
-      <t>To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t>
-      <t>This is the third edition of this document; it obsoletes RFC 5226.</t>
-    </abstract>
-  </front>
-  <seriesInfo name="BCP" value="26"/>
-  <seriesInfo name="RFC" value="8126"/>
-  <seriesInfo name="DOI" value="10.17487/RFC8126"/>
-</reference>
 <reference anchor="RFC9562">
   <front>
     <title>Universally Unique IDentifiers (UUIDs)</title>
@@ -1963,6 +1762,15 @@ been incorporated into this document. This document obsoletes RFC
    
 </reference>
 
+<reference anchor="I-D.nennemann-wimse-ect-policy-compensation" target="https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect-policy-compensation/">
+  <front>
+    <title>Policy Evaluation and Compensation Extensions for Execution Context Tokens</title>
+    <author fullname="Christian Nennemann">
+      <organization></organization>
+    </author>
+    <date />
+  </front>
+</reference>
 <reference anchor="SPIFFE" target="https://spiffe.io/docs/latest/spiffe-about/overview/">
   <front>
     <title>Secure Production Identity Framework for Everyone (SPIFFE)</title>
@@ -2128,7 +1936,7 @@ been incorporated into this document. This document obsoletes RFC
 </references>
 
 
-<?line 1546?>
+<?line 1395?>
 
 <section numbered="false" anchor="related-work"><name>Related Work</name>
 
@@ -2138,9 +1946,9 @@ been incorporated into this document. This document obsoletes RFC
 service protocol <xref target="I-D.ietf-wimse-s2s-protocol"/> provide the
 identity foundation upon which ECTs are built.  WIT/WPT answer
 "who is this agent?" and "does it control the claimed key?" while
-ECTs record "what did this agent do?" and "what policy was
-evaluated?"  Together they form an identity-plus-accountability
-framework for regulated agentic systems.</t>
+ECTs record "what did this agent do?"  Together they form an
+identity-plus-accountability framework for regulated agentic
+systems.</t>
 
 </section>
 <section numbered="false" anchor="oauth-20-token-exchange-and-the-act-claim"><name>OAuth 2.0 Token Exchange and the "act" Claim</name>
@@ -2152,16 +1960,14 @@ delegation chain: "who is acting on behalf of whom."  While
 the nesting superficially resembles a chain, it is strictly
 linear (each "act" object contains at most one nested "act"),
 represents authorization delegation rather than task execution,
-and carries no task identifiers, policy decisions, or
-input/output integrity data.  The "act" chain cannot represent
+and carries no task identifiers or input/output integrity data.  The "act" chain cannot represent
 branching (fan-out) or convergence (fan-in) and therefore
 cannot form a DAG.</t>
 
 <t>ECTs intentionally use the distinct claim name "exec_act" for the
 action/task type to avoid collision with the "act" claim.  The
 two concepts are orthogonal: "act" records "who authorized whom,"
-ECTs record "what was done, in what order, with what policy
-outcomes."</t>
+ECTs record "what was done, in what order."</t>
 
 </section>
 <section numbered="false" anchor="transaction-tokens"><name>Transaction Tokens</name>
@@ -2183,7 +1989,7 @@ the branching is invisible.</t>
 token from the Transaction Token Service appear in "req_wl";
 workloads that forward the token unchanged are not recorded.</t>
   <t>It carries no task-level granularity, no parent references,
-no policy evaluation outcomes, and no execution content.</t>
+and no execution content.</t>
 </list></t>
 
 <t>Extensions for agentic use cases
@@ -2195,7 +2001,7 @@ ordering or DAG structure.</t>
 propagates authorization context ("this request is authorized
 for scope X on behalf of user Y"), while an ECT records
 execution accountability ("task T was performed, depending on
-tasks P1 and P2, with policy Z evaluated and approved").  An
+tasks P1 and P2").  An
 agent request could carry both a Txn-Token for authorization
 and an ECT for execution recording.  The WPT "tth" claim
 defined in <xref target="I-D.ietf-wimse-s2s-protocol"/> can hash-bind a
@@ -2240,7 +2046,7 @@ identifier referenced in SCITT Signed Statements, linking a
 complete ECT audit trail to a supply chain transparency record.
 For example, in a regulated manufacturing workflow, each agent
 step produces an ECT (recording what was done, by whom, under
-what policy), while the overall workflow identified by "wid" is
+under what constraints), while the overall workflow identified by "wid" is
 registered as a SCITT Signed Statement on a Transparency Service.
 This enables auditors to verify both the individual execution
 steps (via ECT DAG validation) and the end-to-end supply chain
@@ -2254,7 +2060,7 @@ identifiers or Receipt references for tighter integration.</t>
 
 <t>W3C Verifiable Credentials represent claims about subjects (e.g.,
 identity, qualifications).  ECTs represent execution records of
-actions (what happened, in what order, under what policy).  While
+actions (what happened, in what order).  While
 both use JWT/JWS as a serialization format, their semantics and
 use cases are distinct.</t>
 
@@ -2268,8 +2074,7 @@ use cases are distinct.</t>
 
 <t><list style="numbers" type="1">
   <t>Create JWTs with all required claims ("iss", "aud", "iat",
-"exp", "jti", "exec_act", "par") and policy claims ("pol",
-"pol_decision") when policy evaluation was performed.</t>
+"exp", "jti", "exec_act", "par").</t>
   <t>Sign ECTs with the agent's private key using an algorithm
 matching the WIT (ES256 recommended).</t>
   <t>Verify ECT signatures against WIT public keys.</t>
@@ -2377,8 +2182,6 @@ Agent B:</t>
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "fetch_patient_data",
   "par": [],
-  "pol": "clinical_data_access_policy_v1",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -2396,9 +2199,7 @@ task, and creates its own ECT:</t>
   "jti": "550e8400-e29b-41d4-a716-446655440002",
   "wid": "b1c2d3e4-f5a6-7890-bcde-f01234567890",
   "exec_act": "validate_safety",
-  "par": ["550e8400-e29b-41d4-a716-446655440001"],
-  "pol": "safety_validation_policy_v2",
-  "pol_decision": "approved"
+  "par": ["550e8400-e29b-41d4-a716-446655440001"]
 }
 ]]></sourcecode></figure>
 
@@ -2429,8 +2230,6 @@ autonomous agents and human release approval:</t>
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "review_requirements_spec",
   "par": [],
-  "pol": "spec_review_policy_v2",
-  "pol_decision": "approved",
   "inp_hash": "sha-256:n4bQgYhMfWWaL-qgxVrQFaO_TxsrC4Is0V1sFbDwCgg",
   "out_hash": "sha-256:LCa0a2j_xo_5m0U8HTBBNBNCLXBkg7-g-YpeiGJm564"
 }
@@ -2447,9 +2246,7 @@ autonomous agents and human release approval:</t>
   "jti": "a1b2c3d4-0001-0000-0000-000000000002",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "implement_module",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000001"],
-  "pol": "coding_standards_v3",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000001"]
 }
 ]]></sourcecode></figure>
 
@@ -2464,9 +2261,7 @@ autonomous agents and human release approval:</t>
   "jti": "a1b2c3d4-0001-0000-0000-000000000003",
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "execute_test_suite",
-  "par": ["a1b2c3d4-0001-0000-0000-000000000002"],
-  "pol": "test_coverage_policy_v1",
-  "pol_decision": "approved"
+  "par": ["a1b2c3d4-0001-0000-0000-000000000002"]
 }
 ]]></sourcecode></figure>
 
@@ -2482,8 +2277,6 @@ autonomous agents and human release approval:</t>
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "build_release_artifact",
   "par": ["a1b2c3d4-0001-0000-0000-000000000003"],
-  "pol": "build_validation_v2",
-  "pol_decision": "approved",
   "out_hash": "sha-256:Ry1YfOoW2XpC5Mq8HkGzNx3dL9vBa4sUjE7iKt0wPZc"
 }
 ]]></sourcecode></figure>
@@ -2500,9 +2293,6 @@ autonomous agents and human release approval:</t>
   "wid": "c2d3e4f5-a6b7-8901-cdef-012345678901",
   "exec_act": "approve_release",
   "par": ["a1b2c3d4-0001-0000-0000-000000000004"],
-  "pol": "release_approval_policy",
-  "pol_decision": "approved",
-  "pol_enforcer": "spiffe://meddev.example/human/release-mgr-42",
   "ext": {
     "witnessed_by": [
       "spiffe://meddev.example/audit/qa-observer-1"
@@ -2571,9 +2361,7 @@ task-...-0004 (execute_trade)
   "par": [
     "f1e2d3c4-0002-0000-0000-000000000002",
     "f1e2d3c4-0003-0000-0000-000000000003"
-  ],
-  "pol": "trade_execution_policy_v3",
-  "pol_decision": "approved"
+  ]
 }
 ]]></sourcecode></figure>
 
@@ -2597,523 +2385,477 @@ tracing is built.</t>
   </back>
 
 <!-- ##markdown-source:
-H4sIAAAAAAAAA9W963bbVpYw+B9PgY/+EbKaoERZsh2mqvqTZTlW2rJVkhxX
-upKlBkmQREwCLACUzHbcax5iHmCeZR5lnmT29VwAULJT+THjldgSCZzLPvvs
-+yWKoqBKq2UyCjunH5PJpkrzLDzJsyr5WIXX+YckK8NZXoQv0rIq0vGmSqbh
-8TzJqnQSvs+LD7Nlfld2gng8LpJbGOT92fnVadgYqhNM4iqZ58V2FJbVNJjm
-kyxewazTIp5VUZZkWbKKsyy6S1dlEiX6fjTh96P9/aDcjFdpWcKn1XYNr56d
-Xr8Mss1qnBSjYArDjwJYweMgLpIYVnIFQxRpte0Ed7DOeZFv1rq+TvAh2cKn
-01EQhlFoZgtlNvoU31rm8TRMp7jdakufxrL3O907f7qZplVYFXG6pN8n+Wq9
-TONsktCvRTLfLGMEXbktq2RVBkG8qRZ5QfPD/2E42yyXDJGTRQGwhpfDNwoV
-eiIv5nGW/neMC4XNZ9NknWS4tPAyKZO4mCySgh6EV9LlKEyTava/DWAH0yQI
-srxYwfu3Cc57+fLk6dHwyP741P74rf3xmfz4bHjwRH789ujJgf44HO7jj2fR
-iwFOKOeHq2n5uDwoo3WRV/kkX46CIM1mtQU9PjrSkZ89+faxTnJ4MNTRslSn
-SCM6i0iPB5+4ujh7+fJ0RGBQtCY8SMKLIp9uJnTKZ/JG+LIAiONJEoqf3ibF
-Ns+SsMvD9Do8TlzMk2oULqpqXY729sp1OpslgzTfAyQu9/Bcy0o+jeJxvqn2
-chjpNk3u9mgAQs1wFi9LxIbTd9HxWXR8cu2v8pJRBJfXPX3XCw/2Dw73hk+e
-fRvms7BaJOHppsjXCWDFRVwAaq3w4ONsql+f5Jtski7DZbxNs3k4ze+ycBEX
-qzxLS8C7YrNMyhAGj4sqnaWTNF6GKeD6cpkCECew52P7xZn7xfGk2gGIZFNE
-y+TjIMGVxfDPXrJM9wDX98zinf3jZ9H+k2j4mD60+I9/IsTu0c496ubqoHiX
-AbxgiJcvjqOD4cnLy+HQh+o1/hseDPswxDTB918m06SAPVp4l32crgrh3fB0
-mUyqAmA2gQcmQCDK79zPrtJ5FleATWU7RO7u7gbJZFYM5vntHmBdARvYo7XA
-8vYmi3hdJUV0tgeUTH853lvD5NFw2IIqO6D0bnA1CF/m+ZRg86LYzMPj6SrN
-kELTjuDx87OXZy+iszMfHC/SAvYC1w1OY3i49+Ro7/TdV+IXoNAqLj4kVQn4
-E87SDIgcIxPMvsG3yrB7nsLs4dnZVyHONC32ZFke2gwBbY6i4dEfjzYv3l4e
-P3gLD/YOjo4Ocd/TdJ5WsFUYhOEMPwMqpMuULgqSEJzGwqQEYMOHXZzn99wh
-ntq/QwfREP47/OOBAXTp/MXlQ+AYPt17enhEWJBM0wlscprcppMED/3F5e/Y
-JA/oH/jTaB/P/I/f49uL0zfXp69Pz0+vL3/yt/oWmOl1skxWSVVsw6t1MkFq
-SHtv3xSMjGSSXzDcoIQXy70cvmij/Tu2c7LMN9PwDTFC2MNqDcII0PCXsJup
-XmjDSctJWlXEYNMK8AuIkcdoc5whAkKQlTFxu6giIU4f2vV9BOjLDBUeDaII
-ZJox0pNJFQTXi7QEjjKh6w0HDhgOB75TXOyenlyXvT6cCEhWFXyCO6hyOpL3
-KlQZHgxU5HyzrNLwikSj8DS7TYHaCiUhca0XuNulizZ1xNGGSIZjGpErSJwB
-B4DnsLgQhJBbkBvCEgh6Mu2HSLtocOCUTPcJh+LyQ2CFQ/g4KfrhOl+mk22Y
-3MbLDd8NYPkg8CVln5DQyn4wLKwgiCdFXpYBSytVzlDGx1abTFAM1vV8y9Ca
-4tGzFN0AViAQvkurRVNqDSfLGEQj3P0PV2/fhO+TMR9J2P3h/XUvYGGrD+cA
-x1m6GB4mWTxGAaEhqIZwbiBOZhX8HzhQcgReeGYRV2G5Wa/zonK3D1KQmWIQ
-EOA3ZRLGcHrIh3CYyXYC0AznRbxeAKE8/r5nzwLnLpI1kFiEFx2GyryTFKHN
-R3XPgYSwriSeLABnJymh4TqHvfA5ofgD81YJg3MHyA1Svz8DEG5KPB1E5BKo
-DqEPfrAC4WLJh19s11VO24FtrYt0leKtRsQ7DrPkLnh1fX0RLpIYUAk4RbKc
-9gNzkSK5SP0Q7xtdsymzFbyuCF2cjOAYL/NsXgIKA36itmBwhoc2iA66EMAb
-bs4iI2o93qRLwrDxMp98oJML5OQAoHCf4J4D3LK8CsdwN6syWc4Qv2CKCi5b
-3z1eBFsgGAOKXThTabocMAVZpdPpEtSORyhRGvEbfn8UnucAFqZtQF5+N10w
-U4afPrWoIJ8/600H1M7Hm7IyWh0pYEQ3GGWqBSiI88UDCEBnrI8EoFIAlTDf
-X1z3AOy0GzqKEpWASYJXXn4MVfkJGst1VSNYthLZRX5nllyGzprh4BGxc/ig
-CJnChHDAyxAES5DFQouputzI7Ag2EZhPaRMR0wkHOfEMX+V3yS2SvIYqTPiX
-WFyJp1O4pqWlSUD0JsC+qngM4lG1Bbj8R5bf4ZLuFnkIAhQSIyQAoJGwUmbG
-4lsd3CFRuYuR8WSAd/Sr3HT8NF4DGiLphutxt0gIDI7WXST/3ACRYWy5S+AW
-CHnAOWtEISSiAPu9NNTP5RmAiZMiiRGeyy28tF7mWzyJPMtX+aZk9sNEMJjk
-sHSQ/4CoyJm4WjveP+LpRUoUgfB7DQqKvUQWo8vw//k//k+ce7mhC/vpk9Ec
-P3/uw6+O0sMfqMwPvwWIp58+oeAJyIQDCUAcTtdnIo6E32V6uLMVMU6FT7SK
-P+AKcEzLdLplksAU9H5kNwDTIcWK4W3gGUuA5QqOCl7vDXYJEq6cEKqcQDfI
-Y/sEYEG0pKSn5vE6HCfVXQK424Kj7nqbCClTOFdKz/I7ZpF2UQIexkl4HtAg
-BfgBiaJPRDDA+epoarAOdn9cytqA7iP7EZq126KBx8p3WsxS8E5T2MmSZEp8
-egwcFw4MzxOXQoyzuIWpmRcEKvTEILsDlQB9cYWv6d2lPTv3htmix9CCuCw3
-BV4wJA9AxoF4wHSr8AoFHXwJz7gAxAB40fEgFIE/4W5FH8abW+Rw/5KSGbze
-OdlZIJIHSKHDe0/J51YiC5gTYmkbMAfgR8dFHBhoOHEEeKlDVkz4LC1FKk//
-O5l2aFQYkN43zzAawSKvQQoJ/94P4RYDwbngg/6pj4MCe8Nb8nZTgfwe/ueg
-EwQHMOmbHMVAvPRTB+4EFQFAuxDDNr9dggzTLAQrnCaSEZEqFS3geB7z5G1z
-eodKAFqm2Qein4DxzBCRSeASiny5HMcgK+jUNAJAa54iQWPqjehwqoJIPka8
-k4sGD+cgIpYbWDwSc0duR+0Cngde6OlllmkzOvMwJPQn4818rqQITVtAcXAE
-xgTCA33VF8QcvAUOzfOibhbj6eNpNyGiqgEOWsUAmCJKbulm8k3Hz0GuoKdw
-da4kxNJxOQGxukhzuStXE1AZ6dVj5F0TAdAOqohKGMkSO9Qs0rJ6Icv0YffT
-J6CSEf/2+XMP3gVZ2hGlSYpE3DUS9JbJFgIC3p7G8whQL2V9k0cQ7IabOvnA
-6Ma4Kq8wxkasdPAbZyJS42qJelhSbqiyYXCAXTAKk77UvsgjHXvCCJtnT66t
-IIyvoiYe8QPyEoEdeM4cXsEhi1k8SUJPFoD3+IHIPIAvkxA6A1RnIQXFZrh7
-yA9Lc2z4IVylKTI1EI5pX3RMRmasyZSkZei+CTHx/iDCRuF/EBORy6APr+IM
-rjHRUTj8AuXVaY7qV5iUyGjTcmFsHd6zJ8DPcR64kMt0lqBWlbhPIP5dJmLv
-XKRrvMKXFl9PrOAUtKoNDsNAAjsBlt2i78EW4RBXZTCW7RKquBLHrmvm8Gnh
-tarAyLWGEQG0gCpLpN1WIanrIwCabatOAlgwAzEQniPWW7l3Du7nSW0YIrbO
-K4W1hAk61UW7AJk0EMtSLASkoQIU4G00GPdDe72YgMzRS5DRlCsQL/GhYJxs
-c/iKFEzCO7Jk1dV10TKcbZqVlkF9c3SWiOtw66ekzrPqldAsTMG8K9IPiOTl
-bE7gA08BOvStUUCRS5QgyJAgViYOgIgXuEYWJpsT2gyN6Z63pUIksxBNCSwX
-5K1uFQ1S6/UC3CH7wpZXiJuRwR2TjREA8gmJH1PiQUk5gWuH+GhebUxM0htg
-IhoqSMkwjzKjncWAJui02zraDHwdkM1nKnxRTqrCqwxYCAeToagFgEBqJvYa
-3hJ5Z3CAlocJH8TWwNPHgiVMOJG+8GPBGGQrpJispxACOMoMciLkI7d4lMjK
-yYOAHCel35kOfgCA35E+0Dl/d3Xd6fO/4Zu39PPl6d/enV2evsCfr14dv35t
-fgjkiatXb9+9fmF/sm+evD0/P33zgl+GT0Pvo6BzfvxTh69H5+3F9dnbN8ev
-O437SijNAi8RcZB0CeRlYI4W33l+cvF//1/DQxCz/9fly5OD4fBbEC34l2fD
-p4fwCyiOchnzDA6SfyXpEYTUJC5IvkL5O16j5R8NfID5C/KtwX0DaP7pHwiZ
-X0bhn8eT9fDwr/IBbtj7UGHmfUgwa37SeJmB2PJRyzQGmt7nNUj76z3+yftd
-4e58+Od/B/kwCaPhs3//a1DnlXAAK+YYm7KFuAKHJCl6FIyQqzuKs2psfb6U
-bO5SxgrSwQ6TjtxaEclLEmvYJErSsCMBo7BO0yKnnSCSgNyeEle30rJwNED+
-DQraaQbSeykKFMr0CXr4cxLqkbK9UNPlsZguv7emS56LbZlW9DImTALWLhns
-DhEKZkLZhKFpjaQkbYbE1EWfInH7HrmQV1KzAn/6JM59Y1+aMl9tmINJ1Q6N
-VYAWbYkqa/alQ7DbbK+o8JI89prELT3+NW49wusG+vNqtWH7wzKf06nAXSPW
-0ThNABQsqEzo8Izu22eUQ+mwIX37pnh42bdGByLdnhjplmHm6FVmbjob+GDn
-ZkGLMOCC9ejqM9wMTLXDpsgmRZ6WheSJFeOIeSK5N9fkm9IKkwY+xCxgbhYT
-3bkc4yTbJt2J1mT0g//WORpTxPKCjzoA/ecGpM5omdwmGNTiy7Z4u0g+fUET
-e5vIAd7rysf7ONthCduK2Ianu4iRQ5tNpqC0oV2FuDBI/ewaQYuFxHkARvMP
-nz/D65UjLyMg0grZJ68MoFVMI/S0w/Hx6HTtWVVNGJfjCiM5SjVBWZE0JNyk
-a9B3BNt4Ok1lMzXjEnJZBsaxa8Fy1aNPj5qaD4np/J7j+wuu2+1huyzergL5
-gDWbYED2kHY8g537mKbqSLdzFsYrDgQL/0403/36p07PnbxpJ3dndlBQRJ11
-QQIqzI6SCOju+SQloYpRhaw4uAKRuOkdfBLRVpZECyD7arTI13XF7DaNWaa6
-x0Lfwn98G32dD7pSp4sNYqBDkk70iORoRPwqD6x+7KuZjk2difQOCzwd8qXR
-ysn6JdYxa/vKjS6eFp4lDQ085qjdcb7AowZQRQiLa9DX8xxQqOU0Cl+nGVmR
-PSMT0hm1L4klybMuEW+na3FqjLHn6GwTFYM9pgJCABNeSaY2O09jGW+TIlCr
-McnQClL6yojWMVtpaAz6BoD9P//zP4CPkzSFy1YF/xZ99Z9/C35Tm+Zrmq2r
-N7MX7vzzG76Er12PQv/idTnsbLS3V0336OD3PvY67jsX/A5ftfuvDL70u7a0
-c9k7vrj93ZBDrUngZuWfY++Ae+E/yKCGIRy/CBTgNQwGs2IM6n6uLxk0cNDy
-fHDzH/8qkMNJeL6y+46+9f9x2L1dM7Maha5cBghopDAmAD2zBAJDhy4aKAmo
-brH4xnYEdN05BrfOvwIFuFfBp1H4aJbOI7prJQfm/MXEE+vt9xgqoULZ+Sw2
-VNdhs1EfkZBX11PfF7pRhj+8Vy1cXPvGVI/fyHhCOBzxuS8WOCZ+pWgsIviU
-jtPO5YosZNQI+SxlV+ujR550cIFSaAlCgiMeRCSalrDZYxIsbQBD+bCx1fi3
-0UZgeZax6zn2Zhj5h7cmkiDsfEgBxUF0gpFA1QtJvTX2JubXmzFcEmHXdl8w
-e76yJpNvEE4oDqOdWBZqrRRln0O2YPYOCH4dsT6JnothI2Z7KJU0oWhM4UY6
-PHvhCIi9gbtB2sRY438s+CiqQ8SPmvAhslDrfnRYY6NZzoGFVYtV2PVACZ87
-oOzRMmBcWPZEBjYvWl06qQnAPOl74OJ0BYl4r+IP7Eglo7mI7nxJJUJgTo4L
-PP1GuIkuL8UIgqJA56QJL6khVCDBAQ1WSPNeyrx07uo6g0Xwj88xBK0RjDBC
-qvFnlOgsKzr+K8Yj1pfJTyKYC1/gQfV++lePhjiuAUNJaImveKtXFUgcMACS
-DoZkq7Qqwip6CG9B5SUiuQbp4QHJsK8ymGAv0wMQNKrAApbR+ZqIAqqJzNxc
-JdU6N5lVBWwgZMeu2FNj5PDfmauTlm0m0hQXHqjQSz5QurGI4QMWYwGkSXpr
-7YtdObOejECWEbZWGMfstYThsHTUG4U/6qNyjC0aKyIgnqOnrJGY4m29H6Yz
-2Sdg7VoSGx4A+4AdrgiHru/Ah7VJOLdgjOAmefFrLntOobDs3nr1EUZTDUWz
-hhj0syovhVUzSUumMOfxmg27CHUB45TdWKxhEvuk+ZiFkt64y67zksnbp0eO
-o49ZwY4XEGtbAwFdThYIBYy9h02cO75wZV84AvXSBhahzwTjQ69ga/FSNHsA
-BrzCQ3lfhGoXRbprrAwoXDD7I0Ip1/PTo19zOF7x7TGG1vkSDYfibCxU0nI1
-Q2GFTv1aghr9CQBNBBgzna4Ojp50+vhJtV3jJzbt6N9+vav4K2R88BXHZMQR
-XJYonUbDg8ed4LNPbXhFQmfMQmUzpx9j1PqQ1MD0aI9QY7B4BzSuvDRQr7EB
-QBfy0sgtH2B8P+6+jW/sZhlheGa0T9a0aBD14xFMzEk/g+vEqyOYofkMbkTi
-HWInAw20A49dbVcYBY1+dl0H6PnJYD7oh69wWATnq6vHzw7x96PhQa+BDGQD
-JklTA5XiUkdF05BJvCCsgYmjIlnD9VFjFBxjDbKGxSfECOsnjJ9NOWBhk5YL
-jpAJmXUxy0QJEBPNyj5Zh+FZExRjJa2J8aVQDEBIbzjSEkENMRyQqeXoawKT
-ilV6wyyZpoXh8L70Yc7rKZ3XO7EWCLEpSJle5vmHcLMW0isuLW9ogKjFvZqZ
-FG8mAOKEXVVwMe8qdfnbe7mOt8Q65TqW4TjXiNoI9X0YDFmnJ1yL2O0HldUi
-me+1UtPiHiErt4PyMuuWmZZ5PWO4ooqGGqdZgHGPW9IbgyBlK6JzdFcV2uzf
-Fu8uzyisCP7VY9zq2bH1Ut1yofD4XZJvaoSFMYsG1hpn0tpQoDW0jpjBfxn1
-/8/EUCNmqH/d+zOAfPHX/+qrcKmL6pSbsYrWYmxzZVkMGMoiFbKdJZL+h0I4
-Xw3cbzlZJGgQ0nsO0tUVfPG6ZFP9u8s3o3fvcMVWz0EZHHjebmCiPQgk0Ji8
-mT6QrxfWi8229nSdwsjdsmfSPQjCz5NJjCtlLzVad5G0EEKSs5ADpRAwSVnG
-c7X9kiYr1ipWRTrwWU0NcdiNMZ3xPRPnBQk77BTH6NUUPjJO6sSgALy7xsyK
-lPSnFK0PMWZowOd/gv/+RNofGiXZGQEaa4ro+Kc/jchFKY4FZPCErkyzMhas
-RH4jKzmFrCZhhjdKFADZlN7TyhgMv2HBp2loNMEGvoBoxEIVPTVeDHHzLkZR
-K61U0JGQHLjg42QRL2d6YnxHBmbj7FzDncsbNuW3bfP4ZcWqGfxhf9ly60lX
-OrVgaTxDohyHv+YkzYZxZXdNrh620CJ56bUAS3fiCLZ28WxtxllROK+vd4Xy
-7tiRA4GmEVKqROwckzFBmlAmR6TXZSnRijM5d7o3sliK8CeUd3CUYcBP//yP
-jqEdCQsoA9i72BBxKR15sv05DtLcE9PPz79g5Psp2oWV9XDYmCAVx5AAGUHP
-ubVgk4+9VJpGGyBwApHkmEbgo6SM4HH1bDydccg53lQKn3CZ+EqDq2UQVsn4
-auN4FpUxupvCSjFBA8dwVX15m2Y6e0GL7cBnHSMd4VlolI59n+5mRbbnQt1W
-OBzn4cZjtMaOY2TXGGpC29GLhFQDRhgnevHhIQoFr2rqnd4iXgNLGqGhTrJw
-EbBBUKqR3TebFRzV5AVsXaNU0lWC9v27RSpiJS0HqCfd0ymKkMrx1TUc640x
-IS/9sOStdmBOWRYKNphFi4dDl6JaJCZiF+Ns6AQk2JIf8F3O42QeI8NPPtbF
-vOY24JlUzGi0I4c7tMjAQtlJSsQjhHM6wr+GR+EqzSjAgIkGbQclMJCoMKtH
-9rAG5ReOLJuSnzjF2GsVO9iLGoPyQYaDCWbcoCz7AbBE4gsm6PhC7ICFiibu
-CSudbDzrhN03AJbnCYyX9IQhcdiqsRIR4o9dzifQrZ9OaVxMFI6GLvgEpehk
-uQ02oC7QUaPDHFbza5W2smoSeebLfEzupU2W/nOT1AxxLmkT5kDwomN1GS2s
-naQEEWhIKsPyAiTOXqXsuSeHE2OdiGiofcdE7DENhR2zHVhvJ1R/bukugV3b
-zhK7fDZ0eNMEzclI8WvLNI9jpCrVwDj+Xq+VDbgzFAFJ4CVxSSS2Yib9FYYO
-JJTxbgFKrSxzgQr3ErBjCmwAHVEl5TAYI4mDxUSNEL/QToJ3A1QZuO9paQ0k
-fAYULYaEB12JU6E4gWVu3/HVMq/H48bbylQSrMwwIc5qDloSWpQulFVOEVCP
-HrXZLD49wsvrawpWIBcZnKJc7hPxQSS6Y71Jg5J8JDRs2zla4jVU7QMvwVJM
-t3QAIEw5YpEJFBKwGmgazkqoSY5gi5UBRRfeAPLtuhu4Vclp0qBrUgqdNUqY
-GkYChyZlQbiRjSYUmaUjdOIGtCwkXGyckGjS5KaMZ0m1xXC6SbycUC7FzTRH
-yZYwEkhHMmLQKuVA9oSSNLuD4GSx7sg07OjGOiEg3oJBCehCnyDgbvN0Shrk
-csk5CIZJ8jPdY0x3VwpVJHNUmQs6WwUiFvUgIMKFqcHvWOX+kgCJAcAXDu91
-BBkS/53YEryWrjNPRZGECb05T1op3j5jzSADKox0m+ab0lhLEzXIHmdhslqj
-pEJrg0vICSgYDRMWeS5LIzBkeX0NDnqi9iSSGSoeJu1LhyjlHklM0qn1u396
-5IfZ77hJD2bCwk1aY82V9pt0vfDQU8MweDQUWUSfIeuoTaTjigepBIgZ8bIz
-WaYUNn6DGRaAUYy9NNrN7ZDQsq5yI2XCV+GpG000cWncgNZvvrpvI/ACALi2
-CS+i+D1P1rjwyEvkNZGmHCROjf1NjgkLSGg2zo/u48VW0iMik0GnX6Afymze
-LkEIM7zi7Rkl4ZSiwWQ5MSb7s77RoTSq2wRNlNdt+8SUm0mSTCWAUNma6Dux
-m/SEt5uIDKWp8fDMuu4ZfkbZfYTn9mGRfkPZY1mhBjy2vnLODaxn4ok/k/KJ
-Wefw0QDOxJkCL5OE55LVWjiy41xgfmwtCTGqiiU6p1gg5kRnCvnF9bgRKaL0
-aFAKRX5jXLxYGuW2huxBKK0ZU8An0GWCABLN0tIAR5hVuT92hHSWDlq3Dxhh
-t28OaM2lAm4Wm1Wc3SANS+52HpbJWaCneZZfN9M50ccxSZa6BeGt7ftzzsiq
-IewOgRNNlw1Qsy4W87whr1K8OVaHyBxsthluvjFUqQweOb/OsCN4vLfXh0LH
-ffhRMovIOlVNf5ErYQ8HN4iZPyba06Y/kXyn2YqOcQwNdL6jT19l4pxnNrDV
-KadgZHMKrrTlFITUiQhWtJI6zyqm+rSQLvmtyyo6W+NAqChRwOXIaUPAHQKp
-4KpLQ3ZzqFpYQyQL7JrT64cP+9KFpvnSfbOKH2UKzoJ7Aoh5ezZEgeLgSDfV
-BBs82kAkyL6fW5gbhZ8szDb5u5bZNSCGyrhjVCuMVl3HNbXGxUdJWS4w74d3
-8J0EFAKaV+mE1Sw5wpXR1a2jkReOofNW+k12JW00tdZVDOoaltLItua2Z3OM
-0c8LJ+hDJMi3F8d7gLl5PzxJQLXsh38/Pjl/3Q+Q9m1Ajl+Byr4k9C97mrUz
-tQkv7fHOTgKMoe4Oj6xZ8MniIVLOC8y7PDOJK58eoZgQmUyWB0QdzSqymS+e
-z1wTHQMnkF+i983dBjKUgPgsNnFOA6VKF1STbn0Dytlit9LhZ5bis8aciVPS
-eHht+IZwYkrYweci4x4bIQ94crgplhFgVA6wi/CBjiNElYs4Ojh6MsoOx3+b
-/7Q4n71/H7+O/jn/+GPxt5fx259vrj+WxcnhWbn/47B8OX5xdzKfd6QABbxP
-63LcghaPrXoDgE2KCaxExGGN10EzyfGb4/AN6QVnWqUPoPsKRz02o14aeUdU
-FVl0x+zg8bPDjnx+NDyg9d3rhTQjIFGEo3Noj/kKWM0SldUYVYU8Qwups1FW
-D4jdTXfNhhwNxdJ1VYMTGaiS+IMqP1evjnFK3d/5i6M+fTbUSh/0upXnJlS8
-Cbn7bcLVwIr4LsyBc1dlE0vgPgA6/m50Y7Q2+FarTSMWFTL3GOh4qbCIloru
-HbmbJ7UU8PBSw3M/PXLlJHtJG280AnrjwhEA7SpJSAskyTCvhZR5EcBGgHVU
-VH3PpHwJa7GimpeB56RyOoZRoqOLGIPQY4q0rihGGq3UMNW6Q3a574ieOVZF
-Lj2ieQKBR37EEmhtjkJZJI88Jys46e5kAUdhpm5Rcqmob2SRaJaSrCvyiz0I
-DJHysejtGIVGUWRNbGROn3JCPbkLI+XeiMBMZDno6D7na+NmBWLml0xNKpBA
-tkxnahmd7ks6z3K2eq9QihD7AjmkjYWhNNU9puiDIDhJMGXfqS2G76ANo3TJ
-BRL5okw0JQHWJIXsmMJ2AJsHxqNBXPCG6jF1esbY0bKQwA+vmmJyDFnbzGpI
-bsnJqkBuhzHzacxKJWvvbSLmyBJUr76mIVCcDAxDcTPGuiFMdxYI8gPey+nZ
-/L8Qx4U3D/e/fQJnVWkZMnwFRwtA9iIzCawb1BLHxPjAgEcBpf6ULURUHmal
-xDNu0pB0zAEPo/nBZDMvB82kCcUNOMQvsAgGorCtckpVCpF7lY7XlyezY0kS
-IgyHPpY+AnJLL5YLZDeMNa5c4KAMHMIs/SiZNER6fr5BgvDzzarsjFiCSYqB
-E6oYTjeFisDhKkXkAbqXTWHfEepwojz8fMMzwCCG0DvZ+JpjY0QBoGmYio+M
-lItLJvjjCtXnuNgCU8XRKbL55xvcAWo9ztDHZ3vnr6VGmXxNb9xxhhSuZ7yF
-F47bPe9nnpubrnktmco4vJ24B9V9OMFqqoZ4oOa+UZIcZctZhPS3ANh8R4TJ
-hi2GskqUByg/S+IDdfGUj7tZTsUb7PnHJLaNXWARMbufb2BhcAtNbUcHTiSX
-loiOVXqL5Nl/FL0AapGl4BmyuebZLJWcPfwd7i2GLKGmzscC0jljTYlFRGC6
-msOq4XNbq3HJKMJorFnF04SCIjlmaSJef3JK0Twuc/75RgUgmO95ni+TmAi2
-2i9NwSyjVrPHMn4oOad1JnRwuWC8cmsp4pchCrhaHlWEJCsxTByqTOCC3QMa
-p/lSZkjhf+aRAMgC4ICQ9bRSJ/PI9Xe7VuxZkSQUNRlKfW9UxNMMiNJ/I8O1
-Ei7A6gNojlreilQTeVDLk3BU1Ilo78SnJcavTt1S10HqRUoJ56nHJ2Lk+2iH
-y51d82pbZREbPb/3P6/uARodkGUUDp8+Pdh/cjg82qcPUc4xHz6VD9FKDuMe
-He0nzw7396Pk4NtxdDicHkbx0+GT6PDwyZOjo0P4Zn8IQ+MbdxIsuT8eTg6m
-j6PkcHYUPXn67NsoHk+mUTLbHx48PjzCTzoyr4hyI7w1SNLh1sIBJ3FlvRwo
-Io7Cf/zCc6CSPnLMy4xeaART4/KBvObaf0aOdcl8q9aVndDjEQ24I1avZbNG
-ah49qKe1qmm0DBX93UFen8T78cGvNx/zm6PV/rtnr66fP3/z/M3J678//zB/
-Gs2jn9ZJ+v0Pq6Mnh7IUZLij8FNg7IYurdGjPjxiuyYDHZ9gFnZgvjC8ybIm
-y3b4EWIgDn8x5xCZc4huDwcHqLp9rkXIop0gQllBYmS9y3Mhd8IJlH0UutH6
-16bqz6dHbtEfSQyspzPIWy9Rmmu1T6lFiqTs5uv1Cp0B+/+Gw30pbtcsx6li
-KtucRMpxxxANO7X+U6zS+v5Kg6j9WOnAdYdz3LXoMTyMxKOKSon11p7X7Qmo
-VlTIWzEWtWJxag1z5NOw2xmAkDtZxBiDxulHx5pIUkoB2nhnEokaOcv7k0nq
-iQ5ucVWT/CHpJEwFg+9Pr8O9eJ0KzYrI8krHsTccDINXeVmNQvmOljJwLmzQ
-klmSbH9YjL+fpIPBAKMbB4Pmcr2H0OsHDzUSSWQaL5FEc13I1o/nyVhnEkrq
-4UdsJKf0SzJRmlBX1yUtMO8H5u2d8GWsWhIeS3KeHMy0TwETAebybPksFQse
-RDxr1pWsmEICGjRYBVMlH1obhnVUASt5gE236ZQTkSUS0kRzrMVEYookYeDt
-p0+uPk14fzYjO6fAiJwKVH/CTxhBbDSrdaIvjE28MPCVuyTVJNTpG9RDvSTg
-AW33MvBUY2tMGEq1SKwdXwaUcbz8Ups/pGXiawGV35SB7zmhZBB0bf9o6kaR
-qdSr00YU8K10m5CcaJJy4vC+QiUScUYnQeKfG84Cu/JwVvOG2KlGcj0BEMmq
-Cl5aW5LknV01vsRJDRBqVn/qB1SCmsCBvpC8MMURM57FA7V1q6Gqy4gVkAqi
-ki9qbyACAMqKQVjKwBpDlHi9jLYQqCMeYW5BTP5YW652jraHyrfPUHRekjKJ
-zAIv7lQO28cMDdBilEozvMUsVDpnfYmRgnIPHVwx2xU3BLkz0zYjp6w6qDyR
-tLa7skrWWmrzmhEfq+VLPBC7EzliiQ1uajyWqK9aVpekzFOsP9Uz6Gooux+l
-Q9yIREYprcWvyy21gAV9pxat1FN6YDzGxuLJUgqtVSOruOKl9frp6tWbKhlj
-EmdCBSzxEoy4FUw98ASobVlZLwfbL23orSQkad4NE3YO/6HwV5cIWBMfDcC7
-7QoOOQEpdc+KxSpFH3qfUYjd4SaGxSJbzxJRl8ZJ6UuO2d5k03vhhFlu18kK
-pJ54Gb6VWyv44QR64uUm2LkTSZprqAk/cwr3FM2sHioqplOtFksDrJcbdfuS
-wj3fFDakkgMqK9ByqcJn2HUKXY3Cx/uh2GBIa0TCRYfRJ0JMFJCXOgr/SzzK
-sJjwzyAfpcsp/cxJ+jTXDc51Y+b6L42cNZNLbAOnKdnl0Qi+kPgdxkGaDM/5
-Bhg0MFFSZtMJlljclNhrRCDNp0T+GZXvuQg8GhFO/Gc5hCRdxUW63LqhfKH6
-Gf3aoF05q0Txv2GB7vWlCCMNYlfQjlesuydSUZgJeJxq+jGOsAPHDtFYxdyK
-5LeXtsYYYgQWNneoqMOz1KkTcC4l6BJktJCYa0UlmPWbkimELJxranG1/YpW
-wbrOPffgyNILidbSIKBRDRbkBdXcgdgqaLviWgBh2oM6LNxqO7HeECNsTaj0
-eEtIi41ocXwkRH3d0Axj58FXHnKdCRH2YvE46iWo5VTgd1pWkeVKhhFuohHr
-YoovG61dxQ2KRKMwAnXBmGByC3OlEgx3LxIDju8J1f+1haswYJVT+yaAcBeu
-3GPysVCTsdG0IbvXvHpHyMPyeo0kYk5s14vDGbWdEjNiyIGpqdRixVhgigE2
-RV4J0x41xD/jeK3bmdZlspnmZGZTd1hpLrrD7Y2kLfn79r1gtsnYEmcCS0HU
-7FLxS/jrhshAv5UI9jCvf28vvAJRIhyOHPGBY2fQtjizgwz0bHDwAVxGmmAA
-bL43EtgAVQJgFEVedCmbFmQSn6N3eoEz54E5OEvByAOi7MohokiWGVduUuKq
-ODcFo9qQovAvzmrnSdU1L/SY2xoShNi6WS61nY+/cjd6Fakn8dhR2An/Ldw1
-ILGbv9L0zHlaAf5l0yXYGkmZrBAOH26PR+EJ0T8TAR92WaIqYjTzUDHhVVrh
-IrF0Mco+f0FRttsjHzuFWf4F0feG6Kh/oGsMNHFQR0aQALvGn1X88YYKdMPT
-N2ZagIzMg+n8uFGWffQjuHBJG9acpAWGQhd+qUVxgXH6Brun0E4fBOZ1ipks
-Qew218HujhtA3dAGzQGW7h7btqbbpg3S/ITmsDH5ZoB+wG4Pj9080ral8/hj
-utqAZidAqp+Su6EWPLcrHvk4h9//5S+h3V0NvRDEzTfSTNevjwuV52d1b/F0
-Wr89v+eOATr796yBes3DqSPgDrzbcUby9JfjnwMx/toiFXf/cq1KvhavdqUa
-tb8wxLkjsVCT2m0VDBBabxCDC5BicDk3O0G+5YrT36iCryF2rFV/5JqL4dvu
-j2og+FEMltJllWJpdZYsp646KEGzXUOL/bRO5VgYYNKXiL7bNZUWt40siPaU
-C8qfQs6lidFpGSQzbE3JsXCOcx0udhovsY6llu9DY0XysUIZh9zzQObyApNI
-EhmxrioLlxcpGbsp1O5ZUL9nvn4x3Ic/DAxRs0hPoydh4QQfa22on6DaMxwd
-1YgdgZE6dzrgJzh4Y1DGv5Jc5W3JDSzemCCHAiSCbBpnlaUolI/gVAFBbsoF
-RH50g10+PfJsdWzBcB+4UHmjXq9ItNfSWjAqz2gRekYLP8SGTBb1ajTA/aRE
-1G7bJuwYUSMWW5JTTKQvlGkr5Yhhu7YgAp4R6Fmo1KHF0rXJs/ngx1oZcqop
-onZaWwoCw7hrRShEr24MQHWi2gZASshlN7i5AOfXUrXIsGxW4RCdyoyfSDWv
-xtCOLhWHH7L8LpN69QwYvwyFVOB0IklqpVePKJ4BlpLcugXC/GoXbAOi5Vij
-lp4gy9nmCGpwh3NlTD8aHIhMXwehVuLaNSXK3KTSJolK5LeA4NOdu9qhDqmE
-yzojzPZNSUMZXIUNuM243DHh0Q/SqMZp2mA6LYhLfJJwY15U7JyR0RbVD9+e
-XF0w8sJdl+BsnmK8wUYV4WaNsjxVXnhaw4R2JKNyEcpRalVlRLVqFiN7Vhva
-KeDmjtdSfQLeZxNarcirxVWvVNW39T3YEg1emr5moX/DKeem6RvxdFvYgPMG
-aBCO+iZLXl9SrcuNch2DVyzc2MEbuexxSVlEknr2nfg3TL0uPiq2FEuhAM3t
-MaYgDmTyg5rjdLnBQEB8/b3qvCbVXryKruG575gLGQje3hl5bZF7ggHAd7g/
-8OBLQZASFm+iR5RT6R2i0EhSWYdD/3Uy6/kJy5nJiAZiwpOz/l6y1t/1GbSJ
-TSQ/Z7nIl0CfHQZs2LXA1qZt94RC3jvtbEPeC5rYY+sZ9sngpmOZY0MMY7ww
-tqiLhwxG8ElXGNiXqzGwZgvEuzg8MIBi95I4LSRqqktGqr5j4elLjjElDhBN
-lswxKk+WLJcReyhwbGApIIZwSgMZlXbk1PW9BhqULt02On3bHESS5fzYCjdx
-rL/booWrBMZ0Icy+bqUgal/vSITvHNHOuMshVpegsF0OcfaLkbJJjwuxGdGK
-1mer7Li1TO1lgWnEjNcQOtjtuNtKrmGXgVxX88Ayn881940Wud4U65wDF09J
-qdBaNIEThslZCiZWy1yEupvSNFgjf7yabPuc1MdyshvghK0QlnlJ5ISlskbd
-QXavgtyGFN6rKGlLFrgOV1tKwwSGsguESDkNcLj/OOyC2D9Op0CCeqhY4fso
-R6QSEE1JeSY6AiU8+pjFMRlkGHTfZTZxUccxxTebJax4M5IWwesC6jrOp9t6
-0lYcwhYwNE8UPSF42F+S40MDmzfCZj1zJO2oQpL7tevq5R7Ataw6yakXEJtK
-DWzbrJ9NMJMUsYaobU15u017dN1vAFnRVHPzKzZQUPoFmvcOFZnkCQkLusHI
-WkerVtsfi98suHVFprbytDmZHujsa3wU59Y1qE1K6CG/zSYS/nkA8nT4v/7S
-kJ49Kwlfwm7njLEG1Usr1bCNxw4Igg3aPESSxrMub4z43LUP9VqnAK1mkY7J
-HGYkJGNZey3V1qzYEqgAjcADADTgSfYPmfQDG0DQ/GHf8cyMtcW8y0hcr1WS
-69SAak6Ax0aWKMgAB3Bjvm0c3T1Gk9AT0fvOetuhpgdjXqmvkaL4qZMjSeK8
-UjgY+PxGPnOg1G/CsX3eK0cTMJZ2Ga++BCvwwlLnlHwXUDovHBual+CnG6Ck
-OFvzwBzcAmSFRwdU7rFlSTaBagWCPhVxlBbU1/UVSTS1StFIL0GIlqoiZCSj
-gxrAczorfN9+ADyUkTN5YmfEBjREQhVzpSUU0orLTE413VpmROLFj0r3MVMw
-wJRvq8/pyJP+BuFDdMqyiEUhjN3281bJVEZpADTG0GmQJMlB0eWsnDwkuVK2
-ZQXDXg3I7Bj21hBGbLqeJzdGQt25Lq6jRBOSUyme552WOf5an+M+P8Duabyt
-1OFQEznFZKyifviPXRLoL8Z8zM/6qFCzHeuizlMuc+RPyr4Q+tEsTpxPtQzq
-bi616zlzX2uprWMcTAAo1RPMUtpE39o6zVv+Jlre/KJdwivaE8m8KmtF2dpW
-u+g4Nm4+de8VnkxJ7z8cCduTrttF6192LE7JrzcTqZ6dBvBRHu9qqJONxiGZ
-iAJNnDgmzxXk+Q4N+/8SG3yrY7HVAdSK9TUNgqUvs7FjX2HAJBOJRUtnGmnk
-ROfUHJZND4T1XLAOoVvtWZs/u8g9o78nJDq1gneIcRwG7bVqODMtTT89ajQx
-leg/iQV1A4dAN7KdtjwtSatfSI8sb4WMyWUVLfIJ/BIvt2XKZW2siuUq4k4L
-3HoDdbyzqbZpFgpAxmmvzmWQr8VFbsIL/ahty7iyKYc5GAEcTwNIcEAdS3PQ
-t7ZtBjupYer0IEPVDORZzPLAjOwyaPa8pmyzlHIStOapX2qAwVGiuhtQnCqv
-pd4z1URIqrAvUYq4a8ygcmv636vJ+gYSMZvz4GIMP3Y2aCoSjMK37BhX/UpR
-xBrfOTyLUHyVT9liSl5TqiAn1m4/9ksWKeWopbBFDByucgOSuN8l3x0MgE44
-qjTGHs55lWcSJwqaGJppqGQvBcLCetnzpGXWQbgG2XpMlXlB+W2uQfPIjcMI
-LyQaoiUoRTpv6irQHkwRg0QJxVx+1lpZwJtLVMeWjupsC84900qWmwkp2ZhE
-UO4prfZOpzYnpXhTsBOW0g3Pk+IDxp4XCZtxm6sYJwb0bOLG6hTSQq1RLTKw
-kbNc4oWibLHPISNmWn6gPq35crnhTEGgQu/g1pzg/QDCAzcooqxL7bpSijHe
-Rp64+au3ic3ThEdWHA1GsUKL/K7WKLbeNgqpVztNYc26TAKJzXfHZnOAnMik
-/E4aOcoibU3jO8wbDIz6b7u51dKi/az5eoveoL1FbxBIkmOteJnpj6lg4+o0
-Y2TfWlQLvYZTWx7pLHN20Cfzl4O0ml8vBIXaogZYuE7dVW4hvs9sOThPpuR7
-fZGQ0/TqxesTSs5AvAiCM2oqL49M+ZEyn1V3nJ1LGc9EDq3XootD9PrB8Zlp
-P1ZiWJXG0NtsiAUhArmRXLAGymFCbVRTANWJmVoDesRLP0fW1DgpA9tt59On
-ly+Oo4PhycvL4dBxEw2Hg+F+N2GL8KdPp++i8xeX8L0sIHCr75iUYRN2qCHn
-7s7VcIOHZUCjxTh90CFhRzFAe050sTEVbIUrIZEOg0EXhCjR/v4QSQAGJIX/
-+CXgwkRUbFAC9G5coN0gygXUo2pE6CdCoE2HI9nKK5wWqjQpbVnD52H3BAPH
-vkfjFwK3saQDuyRdpL80w5FugG1sSICiJYEYg/KpVjQtb24fi7h3/5JOwu41
-Whvpt8ZyHjeWc+AvR1p83WC28E25SSuzIPpkgrU5UF8zFekeXNCLsPt8ky6n
-O1Z02FjRY39FY3z5RjD6JkaHXkwaPK2Kv7Xiq57b7lW9opDNS7kh59Tnvaiv
-6qixqkN/VTKerkuXY5YpF0/gtHs5/IWpVxWafEq4CHAHNEtrj/SUPRk+Ws2L
-6PCAFgRr+WSS0W/GW1jxYDD45TMmXJv6AKukilFO63lCteQoRuV0OVGh+j7q
-1lE5WRQAN2dEuAJnidD1NHEbvswVUDli7R5OPUPpLe0t56WJmFdR7c2nCb9G
-WRl08KGiA+V5qwY17Vvfi62exue94vPGYsgUKc3xsHQWIlzSc2J89mO9AZjU
-RSPLAyLFNGn5IV2vWdYrEhLaJAD1UQgEVXQQElNwsEubk4OwCF6wnyAO6y14
-cQs0gJZ9Uxt36baEJ0jsoK2eiK9k1tse025OGyKvQLVViS8pbdk1bC3rVcdR
-KShwiwJTrknPaVvmyuFU2sZuneOiDHMAwEgWo6Hj3V0UG9VE7O93GxgC262T
-0MYzj/Eu1Ola46nDsNtOaxpPHoGG79//XvgPwjNbW2H6i5/EO40jYZV80RxM
-AOxB3MAzMyijYWtF4zGjC/malsEKRHuqukF1XC2imgvGQq4T2ME9HCrb2pTl
-ECxYcFGv46e31daEqzRphWai9N5U6x3gDqxgavQSLspgpO4uyPjk+MHPx1s2
-M1AFiGO+vaCpR7C8aJljO1r3us6ozpEcQp/vmSO3swGarJVOAQxamZMJ4nVR
-0SoktdJLJuEFF6qV+yZx5malgvhoDQK0FjqHhySrEYVcbbC9xpzliGTqFTUM
-QiW1Qnap7hoSQ3KWk6u+VseQzQF5MaD5jdB2nGXJx/DsDPQxVPZZ0hKZLdaw
-yEmi7V5t2Yn7RVgzy/FZdHxyjRPB1UHZdniAHTOrHP2nE/LlUjW6eM1TpNyT
-CCZYpPNFRAoUiMFcfZG8mPny1lpjWyjdPVMfjph+TWLVifxLYup55pSXP18Q
-JiOK5xOyIU/VjeswBjsv6gIvqaIMFpm9LmKO6fE1gZl5oJIHlHiaPncatUeb
-j6mdM26wHzi45GfrEnPDYh4Wbdv4VWDqdOJmndHEnFe7yMKtaeDADlwTwC/p
-iMwqv1wEtwW2caM3wH/Jj24EJ/yQ6xy5EvgXiN+6ra8XvcWL5zW6F9lbP7kh
-WLGY+7DgbZK6/wW5m8Av6zCnYEDy+J51eOyGSx0ps9mNp6b/65fSsvOzl2cv
-orOzz5/leqkBwmdHintaV9XpB2/YAONlnBnDEzEP8eBrUyHL//mqv3h7eVwj
-MHzLvbWfYd+EiZQiErJzP5V6LbQpn5niQVw5CPklvDEt0lsKdxTiZAvZtJb8
-M0UA3FusdXnILpmWpEwhraceGQZEfe5I0WIf06zuYuoWoG4pCcTx4EEtnxwr
-HpjEPq9I4EOldMZx9sGoIlwbxxicy/ZqOt4rfsebWj2d4dH+UaOezvBoOPza
-ejrfSnUcKaczfYx1dOIn0fjp5Fn07f7wIJoms/3I1NKBT5rldFKqGq438UZT
-/7ySOl9S2+dx5xctmEP1XpxDcsq5/ysVdzwIs35okS3K0YirwPYK3XhLcYpd
-YT5Gv/URqVLV0XUrHt+kmVSXkuJSQbN6jYedTgUb85lTAkqFXqdaAuGsLRVR
-L31VQ+aAltHnnjiS5E+EhDOeKQmWNBQr74nJLLCXU2/mlq+bSfjkG4/STJav
-8k2JJAMLik1KIANUlJkVXOb8S/Ol5fjGktdkxqYOhrBhTG4kOcd6UFp1Uo/H
-g8oWWDexw+VNJ5tRnZ3nSDAvlnGGcR5fzs3XS/Sa4suGgeMvnlnoC+1nVD6y
-/B3cW/2lXICyNMybf63Z8R5m3ldUHOcLOPcOKSIu5rk0FDFmRfqtAZQH7WUX
-3KzkC2xlB/2w3Wpm+IN2PtE1ya++RLF7TVdcCB3lLEHDxqoetJUxCt8oSjtS
-lgz5JdZEr8u9uVtCUOxNVLmGVcGLuIA7kSypPAf1ukfHgtieKJMHEQ35Nh40
-RRqw7siZ0tKzgC4CPgSyikjGiaQF0uha/gMPyGmohsP1a24b1KbgAn+DJTlY
-xyIaoyHDOmKtpr423eNK+pReBF+TvYZSsDU9uqx5leLptJA6j/r8xHveSYPG
-lc03cKOkhgGljDw+OjpQv8f1AolqeI6VzOo51BV/F0+o9kxcJGYeIjlReB6j
-tQ2JprTITvlreRP7PWt6Uz2JBNBFksK5FIhXH1/bz1GaoFM7HWU95DJA69NS
-DRpsEcW682gNAKZOjbftxFSFVRrYw6xe0Fs+9l2E9YFwQok0EOdkQUNrikOF
-CdWVNLMjB/HWuofFTBZYDy+LhNWClqBeTzVGqP0CjZnpms2G90ymDyVO8YmA
-/KzxEmeBxUo1nWZpIT76KywyekxFRvHL16imaRabU4AUUw6W5js1FiM2eFVK
-tZCGzKbxz9r9idsKcmDVHfc+5F7jbNN1ejFpbSS2+lSlnh3lu4ThMWnQigEY
-KF5DwgnVPmUUkkK8OBLjkqxAEonKpKKV1kKbsDey7b5h2l8Aa0bsDLT4v3Yk
-JiqHfmiaTIo9t/Sc31ojHqWY4lK849EZrKUiLo0PeSqvNbtDULtA7mG83NrK
-TPI81Vbfk8Lo6EhPylpJHrLr0tRc+F/rmukIDFanuYEt/kTG4yq2IdpMQuiG
-g4CEVx6tdBJiYBogGGJaNR8ORLfUdDWDRVidtErneKpc9yzShdmD7e+Kt3FK
-o1Iajutb6QReyeWwi2XiUrZPkYxN5a/VKe7aId2yv1LWFwkl9s9MK3F4SlwZ
-m1lhH6/yO7SsYt1lDvPnGoitd8lELhYjyaHFaPjAFvoVZJvkkdsNXbMuNFDL
-1xcDYy4Tmhy7deRMuqCdxCC+W7lY6xYfc39Ep3UoXT9cqTME+XemEiaL8IIb
-u8Zyv1TmHPhoks3RUt1m19XwAp8kOeWONUNEyh1XpmD9jsLHYa2nuLMvzs/m
-UAK3ppV0Yg3Zio/ccMJ1mrKAvPlSmLGJWk41b/WAuQik25VefDZxwxS5D98W
-cyD1nK8LCHUBLAh1AUzPL4XksNLunOe4yCmHkfMeTWCA0GJTWMlYI6YSP8Rk
-nYQk7L8M8IELbyvK2Ozj3F8UWWnyJb+OEs0yxlhcoB//AfeJnXOk9sxRAyMb
-1oj6ItJL1BgC2DTbnNhEox2puWw5nP4ChD9TwxwerKT6kOHPtvmJO4kTGpSW
-jZggZs3tUUFhLSrI8Zs4qalmayP9shbYIj0V1tiXIZSr1Lc+TbejHE3B2oLT
-9cbdjbSgYos9B8ARcOy+MFCTYlVA9dPOjySGUgtQvhoGUiIGmCQhN+xSYycl
-X8vlyZXyhG883iwpvZjx0izSajORbEKBRMhVUuXbfBGIg9N6CPyG7LWOon43
-8cCZyXE5Y0y/k3Lt9vfiOOw42wYiZO6eoSWT2suafiBjmitok0/sSVthzx5n
-2t2XtUURx7PWVbgruCcjL6GKguggl5AtNzUvMKl5uJS27G7koE5RJqotsEzH
-RcwCLoxpKo8ZB65pqdS6McbCS+48e0yCN1K5W9YHBA+V+3KPglo/47KWqXoU
-uTmvcPFsd2JpRuL0umVRX+t+uOnTWrgeS1bQoyAFbDKTuWESNsqRCSF1szrE
-FhLcmYZ/cgJoeWbzhE7qJAVTzc/E1MKkmp+B21WCTULo0tEcDQSVpjBtEzf5
-uGlYskVJbWyf7E6IKuvntJ/AZZReAVSxS3EBKlJlYutUpTKBXETVq0ap1j1k
-nQCP2TKmHFDuWJiT/mdWswv9nIBarvSRzwhUKGVH1DCY25lKHGCVSxEQGVYl
-gNauwtpTOHCaL8I80w1V8KwSN8SwrQ4eRhFar/Z5OsVqAxcGqr5+QOuZJLZw
-doTLK4xKP5AGvdpIiZ4DLDadlK5fX5H2g/8C/814klJT+CnyzoCfik0HUhEG
-w8u1OAweej7Jl+GnT2fRi0GaVLOIcwrLgzLSbz9/7gdmodbqkNqGzW6dtpBT
-U885gdfyl1Kqhh8eoL/cOEIyVlgzjoxFn0iWwIVJuZqC8ZIIOk8BJTNYHkCZ
-S1dxEw/Fa9auXl/tEVy6dtEE3d5IKQs2pkel40NEHV1Euxd3EjCLvfcX12GX
-a3QbL7wdI6dQGq79beodZNMgNGnBaqkzoQmIUV1X13M7fpqhL8XwW+uAPKWy
-I0hdqYkQf82iAyMeylnWMiIJ261cOmWrtCjQFJCk1g66mUC65kngkBquiAA3
-SczxlSlshN+2aGeo2ATo+aXD2FGnxzSciZZkpDCCXoFdibgJEmZgFVz+GfhV
-F7RwLoE8jTHjlvIeQIZclBRUcmH36BQqZEmaBIlXcTGlYAdjZTunuCLgHq+u
-zilrB6NBQLaGG04qAz7HQJMEBjLROAy91qkN9Ctp12SrkuAr79bUexbFmko8
-ewz+flNEkDLdyMUlSMM1d+DYXMMBlEKgTVlyZwrPYFwCZtvRQ5gHphYJV3aL
-G8NxG2OvDrQkzovcLLKSU2ilSGipnD0Fhw3AIWVXvRaY3MInEDh03q/Xi53W
-3IXZSt/Lrak8A+vrBC01AsRJK/H4BJGXZAU4YfNOcKwqbcM4BNSFCg8Ckntl
-A2y5H1gz1xupZVCZhrE+J8z9agNSMsHq+a57aClR2RIjwqqyYX2gYYvVKhaj
-hiUXDOWtyH5b1bj8Kg3nfAPpmonAxFfQUW4E/MRHk6aS1JY/EYQPZVC06Urv
-m5r8KHxnW93tUJPFQqumlx2Wl7DV8kLmYVLH/SyVcz2BtAkI5MPwYClSidy3
-WPOxJrYWKo7+dlNhabUxx9YBTo6oBx3bjNU0wD0lJIFHdAdjCqYeB6TEiXYC
-8geTBQPDNYKsyATNX1BBN+pBxTw7CO4p7SDUfVPFxpgOR/gRPaxAZgMOcPyY
-gtaFKsBwxRkROCDGEwMrLbC+oxBKBMDp1cHREyzjBrchcG7DgwXywmaBvGBn
-gbxG/WLueaUF8aQCHvpYpIQypj6aAnhNWVHQGGvibkOyjZAKQHeP+erxxRkz
-XZSvtSiI7UdHIEZ7UqkN7GrUwNakc0rhk3l/x8mY4nJ3MTefA1ICDA0JDjZu
-y4QYUkaptebKp9QeTxDCxDiGx2gmjidbE78tzi0bBNkl1aLPIRg9hmm9BOwg
-OLE1w/2C3HQpqHg0X0Neli0eq/2y72mIR3x+m00WRZ5xY3V0cejOxQ7/5vqi
-5/Y25XqH8cOVzYN7KpsHTApqpiov24kQVrZarmOnRQn7qJTL1wNQvU1QEqUw
-BwxMT+eLRIobBf5qEYuc6aUEmsv9bU1kZaAaxym2G4UIJYy3VHpn5cSCMuDo
-dgr7tnbX+rxIjbBlTi6hTSvCV1212PTreMOhCEip6+0hEFHwWamMFbSutFYM
-CtR1UxJKO1syM661EcL+RlgTEruUnZhC6moKpZNa1cqvk9VkieVQGz0/CcUD
-ybJMvEZHWIR2N15bkwI3PeCGB1Ty2tbfCrFRrjj/UDEzdT0ZXUi/ybFVSKN8
-uynEU1GaG/d2LjhoBVEWjos5vfToEEPCl/bDJJtu4DTZBAZIfTadS+i8iIKm
-2zEznwVHIbfCZJsWSCs55dXVWrByZziWzSdNt7Z2vj6VsFE1mMphZtSshGv2
-c6EhEmeOXb0LrU5dimzrs/GGqVxNvVLJEd92UzPXfKZdGyvWc2pSUZy2ibIh
-55SxAbd0Zw+p3kGnX3Mn9iQWekfgrx+1/iUE2/HAwi6UQTgFshhK7NHj1spY
-pNe2RtYsya4YIUQE971EoToLMS3ZtncjDLGN2nokXooE5EgeaHYx9koXdalU
-KalrOWilCXbrdHpN6+PLZcLLl2TwLb4BEp6KNGJjl8YhtpJX9+LsrGfx6tzp
-UqhN1b3OhTslB9MIkfKVnBm0o5Si6iCQi+d3YX64FaM23RUbtAb0wKG7TRpJ
-ksA6u3E236A1xcVbmZvqdXjT2sbJ66ZTwhk+SEBEm5JKotVFWDwVmt8aMeg3
-qDWSetD99KmtHfbnHq6Z/Q/MgagKOcq4GYvnom8FXGKSU0M43XeZUCY+2hKo
-ek0uifDcj1TzIYixB4Jw2G2T2lQ2aRHdJhMMQ91y8Ta1n4/4RqRwASL9MdVB
-V7eV6tbGvOBmRrkGiJhei0Rhg+9BbmB/KLdtsBG/RoHgvCrJHNNMh5is9avB
-LozV0BzgN3SRSTGuyIhNGxcNREsxSG1QH55Oupo0Y3+5WSoNwVW5RKTrlz2V
-QAIhGnI7ekHDEqON15ZbK/6LLsYWCmuYZtAF6l3EqmlUr0HhtAKOmyVM/UTP
-4koBLKeS+jneVAHn3+h4ulKXEmo9E6oWrw4JA4tjqYDfJLszJW+gQai3ehv+
-EygX+684S1EXHPgHqyZetYQqIjqWFLcxWGAEL6mo47Oh79gwgMtrFJhiz1fg
-1Tl8FJ4dvzluY8mYLBqH19t1gkBIOcqNQztSmwxuMxcL5yE1CNggMiL8qMnB
-BRePup2g7Ojb25pzFhcHfIxWgS2psY+79NLixVxtxpX7pV8JLwguTT0RLXlX
-4mNY3y4I3krxpNYvTzPO0q5F1eEDz8Zp9Z1TMCQOf3gvMRPy25VT2Vhqbgeh
-X3W7L7US6Q2TNgGAa3SsFPSk7Ipm00qvXeVVeyggLhrpIS5nR3ShiSvUqg16
-wqhXI24TlRVBqjk6w+xiow5Br+YDPuBhTRAc20MUCzMH5aB73qAKvtd80DoU
-bZQP6QXpxKmZb2RriVbdiL1CeksCyPQOudl42PHTUh6H4+NSzuM5TMEGjW7Z
-k02H4ct06agU7jfnOEuVAzGa4TOEqXik9pmA5RnOU1yhoClxnZykA1dhwoR7
-timIYdfWdLIoMDgWcPFNkmVY0gYQC/03/zvT3wdY+fJMCcEGvTH0JijMb9/g
-DWH/JgGY2KE8wOs7Js60YyrQrkF+ED5CfI2ePDu9fkk0xO1VS11nPVKCTWvp
-u8ilHZ9/J4XxGtMqjXm1RbkRT5xa5YI8RK448nV1cXU9Wdcb9EzK4radoJUK
-8ZNKaRpNPuH2UVFz/BJmBfgQpl/VajXxrhpXog/CitvCl5sGIF1ha3YdcizO
-/CGQk4C8NKOM8w5pgO+TsTQ24OkfotC/8XMMR/3lhZVS8TNGlRODKvDZpRFR
-fwt+G0VRNKK/nR9H8AVQ9Sk8bMK/z2xq+m+EbPBPrZwLjmei1OFr1vf2KJSb
-uMm9LwKVhW+kcRB3f3RE5/tfBcz6TdVDbFW5Y7XMuRvv2hJ0v9XbqAGwqN7b
-FwyiKUV2kFP9RJsAPzSMqnr4HAl+pEq9kk/0TdKlTCSRP4Jqh/DgWxYYv3oI
-vLi/kW2dNY23bNPwDqAh3/9GqQSUFSQfaibBjttEuQNiUKrD/EeWDJUywMUD
-YEV6SHr9to2rZz3hUuF/9+CdwFwtduu23cIurL3XCedFvllzwR8rkal2B0qA
-R2us7KNdIp4ND55QyD+HBKcUamF8EUIYzGpiaof2Gy8ToP2HXWeT5f9bix2F
-Ok2hAP4QhppImrZRuNDhg3elpVAkEou7mL0ELLirffv+0SzSuRji1jPccfyA
-OwCYkBNLUeNgkQapHQzK4kYy/UuHnIGCqn7bcHOp25+/1tAPONHJIsVAFLSy
-NWI98FvYCjV5sTEiwdcGiRhNBo2+Ji6Cmrzx2WzWVMQ75W7XrEthcQ6MINCg
-C2DWd6CndjAgNBVvDwl5/y62Jyp6mFaeC1Rj6T8kW3gMZlgmXk2bDgVMYACy
-HQ+urA7phFOgeyYw6fPwAFzDeSIWk2QrraQzE/YRYSPWyDc3BibiVgLN6sKq
-l2z8FgWt8GCwLxf+9OOEL5gG6HXIrkTkq/2Y+YY/+fYxHME0mVEDdHxx58jm
-QDFmhW89RZqZybrHmPPTs8Vv8SuHiCqlEAuUY/jS1J2MC7cTMVNTu9cWMw4w
-S2Yu3kTM4RyFeugYKIZJ2+iRXcTLGRIo+Go16GB0Ex4uORjFJl1u0AWXTsiF
-jgaPZEUhdDEPa3qXkLC73AZYrxXYfJcKf/DaxWRue5NiaElZUUcH2Qk92MME
-A9Pp3IvxCZ3tuBY8ii6wWeABZ5wVFC6Z5Y1ieH3FQ5OuTlU0vSwOG+pMVhqN
-XKRDoGRYiXIwSw3G6HNZILC6sziLYJxeyN7t26SYE92mL9KsZ5MHMOwjsAET
-1EH9+PuBich0M7Y0sQKrgKbZpNJSyCgUOsZRLT3CkYB73AoahTLjHcUgCSaS
-tumNRS+pcFTdkYqE9WQlZB1UpHyOaxnJ42pBIZRyjGyIRv1OC3HALJopnHcf
-0Z0+IXtLX5uWGgoRqL1/0GF/rFPegO5Z2X5L+TY2n3apao4rjZyCCRF7fkEp
-QEt4TPFVPtqpYitlBbWvD1bmWErNTL6l1x+ziOlAB9SDmztjNAbitVltuD8x
-u//iyNobMJMDc3J04DI0BcL4YogTgZ2UtFrHwCHuvzIppRWpF9NHqi6sM2K0
-5fPg/DQTPmMXW8dENRxzjAvdcb7ao5Zt4O3HOi14mHDt7IUg38wKbgH75G2Z
-Tiq/IuUeDFThkpQo31IKnjiLKZXxDj2RSbxSBootIZC+mLZuJgrWbMj4agNu
-lWXXxK0+4BqMuQoPbw79quyKGnGORvuRUCiuORJKCcRDN8bWBgZqYInb/EjW
-+F0Q1mcB+N/FUq+IR95kzFamxvjopjSeVXVyJyGXc1gHugKAjmEwXzMGBKsW
-4Oc7HW6cPIilZH0zD5mujO4gZdOE9ZrKq+ivwHu368ph9yDOMCMfRjwV9h24
-AZ9OK2/03ckkN5PqY6dHYXDu4qwBF9bjhWUrTaWmgk0CEZtcfzL7F1tEcHOd
-LWWocyQlDd2OdBhg/EhLhyBSeB1VbQ3/7jNcgFQR/gQsj+Up29uaCGuwM5QV
-ZiNdmyiqCY7pS9of83X2WocXnIB9cSBUVo76P91CZGin01zMHiWcBdowkbcj
-+Z6AY1vp2OSQOnbmOkAJpDUSboWqf9UK7CL1YYaKwminqhZCJgOWrKacRX2/
-HIweG1SAI4xiBkkHh6LQgEkeaVK4WeN3lIC3StEr1oh6puNhfuuHyXMLA2t8
-lGAxpwj3tVg6u28B7tfUfg0ktt4O5uQ+A/t7e3H65vr09en56fXlT6oayCLd
-St9iTg20tpdqAByT51YcmybjDdfioYylPEOXCEObXP4c9IHQLZHwoxEW/d4V
-duG8i7flyKoMnqOa4ibFHQPYFhHy3Zen9J0ZKOCo74gTIistGkJWfBPFVcrz
-2g7VD3YJKHHrO9pTu3uoXgLS8786DkwfJP55kKsKuSnHwy231uw6DSRXFCh+
-RbxRi8RpbQMK5mzWLjctnEyXVPVH4Xv1M05aqRB/E7QfOlMN38PFYGkUtR4E
-kia3dVzXPghoqmbVaIl54dQtidgstJU834nnGFPEAgbuzL0inDq4Q157jrTE
-AGRsR6njuu0koNvhYv2BX6zfF5hVTyNGrslaldKsVUz+1oB01SzHIhjqtmzU
-0tdjk6M2HungnqL+LQEfTuEO4LzOdiVRgvSQ0K3mz/u3lfTY5hTY+v2hRzIb
-7RmkAsXVydn1ddi92lCw5gnNaerN95kfkmww2faFQ27KagcdQ8LNA+6yeJST
-tKoi91tHa45rqrupOFSZVVTWdURnXvK6CVZObT6mJO7iVcwCQF7xPUCvARdB
-o40FlHa4rkr3IupmEg0Focvv30LJfKQKWWG3xViuijxVZcNQDE66cq6KW/TV
-XEE6OF5Ay4qxhBMr8qbkK+WeO6FTxPNcADlwxKRXgtYgeEl8mGpF9Tl91ZpM
-ViAkYrVWLtloiy6RcM0CGSVUcjl40z4ZY5uEnYc19W68ZSWQba6Bo9kZUQch
-SiWxl7YZd71nLgGb2lmz+UQz2drhxaGVbegwYPux5v2Z4AYb00BCDcchTVO4
-cRgXZYVK7v3cxSgt3LfPnow2HyIlqPIIi+B4GGttCTQEr14Rsec4s3nDsSgy
-C4yQDxwEkio2bhyiMR4RMndrPpNeQLUJSWyjWW1zAa1rjRbhBU7ZBrfA5QWA
-QLJmN4iSrA1YAdSkhzts4f3jE0l4pmt8Avth0WoHO9j9vFPpR7wO8RhVROkh
-ZkK9VHHoa4CIOLd7et/tOM22D/ks0CKAXULZBZF36lXi2ysaGWK9gVrNCJM2
-1Jbweg+lnJhDENyW4Mx9+hJvbHqlEIGybStIzBFbDweT+C1Yvpcwq512bArN
-A0T232t//JjD8dhjgesjHdmfEEN38NJIv5cTTqSBfQqva+8p68SN9jkNV0rl
-YfhlP7yn56wNwTGDUfAnv14LAKUKCu2FW4yCNKBWMkg3nKI196faU+qkJs1T
-ixpMptcLi3lhXUrfICRarSgMoDdw+6t7mSQ2J8XPlgfxDHvA7GhN2xWuSNYd
-vHf9ZsQqQ4VLJhhxE1aCXdElU3Fnfx+WYrTXnkjZmI5Q+SF6l7pHiWRqxaTI
-awQEQtEIIE7NUirWMoGrfKcCHYux463I82jMeCECFJ+O05ZmhOChrJ/dUpXU
-JA7H0rkQg7skNhyHbvRPwrgTjiT3FmTLd2hgcVueAwEUx321HRfpdBS+yisj
-uRGPVWGwjzbXKctLt/SdEWgx8EgzHxHWggIUP1kLHNsBbsa/9pQYKQO3Ixsp
-COv5SAQlD/lGDyQe2Uwjk4KEJiVMQupaXapcIXEgOwjnGdlgIsosJR+GRyRH
-SNsj0IaXKeeb6LopQZQaPa0puIUtFHjqGNxR3/BRNNxfoexHndEE4L7HyIY1
-8Sbd0EZqW53i9SfLNs4C7+N7maYF1+O32o+pHlEak2FB0tKw6EGj5gNzD1P3
-Iej+8PbqVMLVSYdhwVnCm7xqD0CbuRqEH26etqwBLkSezVFZwtqdG8TDaUtG
-Bmry7nLHCXWgSGzTCZPWgy4sW60CczcpPYakIBdOA/bHGs3d1qOGO7leo8Vj
-p/rh1M8TBWG1itHWVlIRG6OreaWN3bLgRFtu4RVMWy3aGvwYBQEze7jDG+XJ
-UaMDnJnUt+8AsRZpcsuhjGZ4zWMNnEjbGvFYJTH3xDCdnVqaOf2mAOKogEtb
-0xkjN+AOn+gG6YHABgTwXzAA9kU4GIYnLy8x5KYKh0P0wbuth6wU79bGVxNH
-3xRG7mrZ/R4GKHgU2OVvbEy0DID5jV9k2lVgvDYouOLTd+H5i0uY44sq7Xe1
-Mn+PQdKwhDhxvsdnETeIwgL1Giig0aFm8uMzDGjCEteDcHhA0HqoDL9fhP+3
-Rl1tn1/Vy2u3TnwIw3DDHVtk30y7NXPcW6H/nvr8OOV5+vLsBUAOQe1YxBVg
-RK3R73ublmxa41YnuOcaqGsNNZp9K3RMnBbrkDvQbSs4zoKcmaiJRGWjVLmL
-Um68iHO5Tf+Qe2gO97+Uqso7WO4j80A4VOEmvL7LI86aMo0M2gVtKSAs1VBL
-kRJC0zCQ3dUcJ5JNS8dwpaV/R5yejPxA4j/rVchBZMWq0yQZcB1rYMX4Sa2X
-OX31gYt+kwwcxRFIo9HB/sGTaP+gIxWpaboL7UJ7f8FzMTIMgBpKvXOKQTPb
-a6953nxLJJC8UfR8/8nhsFH0HD58+rVFz/eHXtHz8XBygIXPI6p8jkXOo/Fk
-mkSzfVv2vFn0fJaAoHmD+Z6w6Bvcqlfv3K9kvkyJnNFjN5wp8XUVzU2KGMJu
-EUdwvKPscPy3+U+L89n79/Hr6J/zjz8Wf3sZv725/lgWJ4dn5f6Pw/Ll+MXd
-yXzOg5jEMmeQ1yfxfnzw683H/OZotf/u2avr58/fPH9z8vrvzz/Mn0bz6Kd1
-kn7/w+royaFBCi1E7blfAVP6qkhgCFHfRXTHpo9IzqZGjWbBMqRYURBG+Hoc
-q2HLfeh1b0V9RK4nbcj15GuR6+APQC5TqJvLYX91Jf2hX0lfimo7Ld9Mpe8H
-kE+P/JqM0Bgoi0S61n1qMBhE+9SCqnkpao2g5NGDsFvbIrdZcynswai1byQJ
-cNqK7lh6xu00beCCI7Jh7mowaesN3rl1sIPYFq3XFpPZtNYZTVvWYS4N0u6h
-123RdO+7H6drXesYrVEejLSPWTtqt76HaRDYEul30s54OD6YPAaEwuPEv/bt
-X/LHp52M3LOjKH4yfhphf4gIsHsWOdg9bKL3rk5luyloa7fJ/98RTkKSA78B
-JkpL/wKi+Af+RTiC+ltUbLCGZQuaHOy3oMmz/a9Fk4M/AE3qTep8MvhFuFpr
-KNLoD/ql5A8P7jGoHJYoeB1Df8fBNU7hi86OlNC2U2vjXc+efO2pPf4DTq3Z
-NvCrz+3AP7cdbVS/5uwO6x1Vf8eJObB/4KzaOo+2HNrjYcuhfTv82kM7/AMO
-rb2L41cfXK2DT0un2S+h2W3k9nI7/Gn2Nn9/8Pf1ydH5P5+9+vD9f7/5+Hj6
-+tvb5/Fh+e7X06fpf1T7dxf/OfFP/ijstravNbLD1yLD7sN9ACsekj+PWtDh
-aPjV6HD0B6BDrVXnV+PBoY8HO1r8/kutnL74VLxGTl5hNNhMwK1cdt98NC7s
-/TOOtA5aNOzQO9iu5fNO6djpMeR09Eb5lRtnS4tarB49waScmoW2X3fA6XNk
-e0Wfj/5gR6C7xorVjga+97QBNYU2bLh+KtH1RybCVOupGw/ybRoH91Zlx6YS
-rXrCF7aqtdrCA/1q5cEvaVorj35p51p5fHf72l9EJ+bWwxJhUO/cm5YcU43l
-C5Jiq15E1zHHpRi1gTDHxafTL7zA5EDmiAYcm7uuqmnWaYL1QCPcwFThJlWL
-je2CL+g9514ZpmMy++l8e2MgAyjuzbkRgaPXPR7ZHkMm25fH+iFPd3qprXZG
-vhrMUuA415buQnILqI4h10qu9Rhq1165kyg12yQsCJ0/PyNKuB80cDT0MDHo
-cgUv/dPl03FcET38eJnCDQAk2DYm3KtN2EBfr/1lz+F4+C3a7dZfZrdraVRo
-7Lj/ap9ClEzb1M5nvto5GyaA5RPiKIdfIuT8vj6FHsQ8nsbMwV3GwX1qTe3Z
-x7uEIXjUF2SpP2JLi9KvsMI4LTMkjOEuNz2QvNZ2FJDidGolhNQYYYN4fiFF
-v/Xd7ga3j8LjyYcsv8NjZ//7Tpcdew8oJFe6EnLWJF5oXA0l32ryUlo4KY3x
-MqBgQVyX5oiYBIE0U+sOt1tzO9JIJpPJYspnzaROE/+fTe2XF0UOz0qikZNw
-GT6QcNkohRFoKYy0lCTM4P8FIlPfHfsYAQA=
+H4sIAAAAAAAAA82963rTWLYo+l9PMbf50XYvy4lDApTp7rVDCEV6EUiTUHTt
+rvqyZFuxVdiWW5IT3BTrOw9xHmA/y36U8yRnXOdFkgPUqh+brwoSW5qXMccc
+90scx1GVVYt0ZDqnH9PJpsrylTnJV1X6sTJX+Yd0VZqbvDDPs7IqsvGmSqfm
+eJauqmxi3ufFh5tFfld2omQ8LtJbGOT92fnlqWkM1YkmSZXO8mI7MmU1jab5
+ZJUsYdZpkdxU8SpdrdJlslrFd9myTONU348n/H68vx+Vm/EyK0v4tNqu4dWz
+06sX0WqzHKfFKJrC8KMIVvAwSoo0gZVcwhBFVm070R2sc1bkm7WurxN9SLfw
+6XQUGRMbO5uR2ehTfGuRJ1OTTXG71ZY+TWTvd7p3/nQzzSpTFUm2oN8n+XK9
+yJLVJKVfi3S2WSQIunJbVumyjKJkU83zguaH/4252SwWDJGTeQGwhpfNa4UK
+PZEXs2SV/SvBhcLmV9N0na5waeZtWqZJMZmnBT0Ir2SLkcnS6uZ/WsAOpmkU
+rfJiCe/fpjjv2xcnj4+GR+7Hx+7H79yPT+TH744eHeiPw+E+/ngWPx/gLHJo
+uISWj8uDMl4XeZVP8sUoirLVTW0VD4+OdOQnj757qJMcHgx1tFWmU2QxHUCs
+Z2KfqCPQpIrX+SKbbGM8C8BihhsBSBH+gh4wp7fJYkNfm2Q1BYx1zwMiV/Az
+/MS3YNcV6fC4STFLq5GZV9W6HO3tAU4mgBOTD2lBABnAEe4B5u/tQPr2Ne/R
+2ITf5iZZlCn97vAH/8RfxJ/Li7MXL07D/dMNSc1FkU83E9rVmYDVvChgLMRx
+3vZtWmzzVWq6PEyvfb/lOru5SQdZjpss9xDjy0o+jZNxvqn2chjpNkvv2jZ1
++i4+PouPT67CVb7ly4PL656+65mD/YPDveGjJ9+Z/MZU89Scbop8ncJ+L5IC
+Lt0SrwQepHx9km9Wk2xhFsk2W83MNL9bmXlSLPNVVsKNLDaLtDR49kWV3WST
+LFmYDM52scgA0yaw52P3xZn/xfGk2gGIdFPEi/TjIMWVJfDPXrrI9oAK7NnF
+e/vHz+L9R/HwYevJAtKMdu5RN1cHxbsVwAuGePH8OD4Ynrx4OxyGUL3Cf83B
+sA9DTFN8/0U6TQvYo4N32cfpKgPvmtMFoGcBMJvAAxMgneVT/7PLbLZKKsCm
+HVfh7u5ukE5uisEsv90DrCtgA3u0Flje3mSerKu0iM/2gMbrL8d7a5g8Hg6/
+Cv8JSu8GlwPzIs+nBJvnxWZmjqfLbIW8i3YEj5+fvTh7Hp+dheB4nhWwF6BJ
+cBrDw71HR3un774RvwCFlknxIa1KwB9zk62A/DMywewbfKs03fMMZjdnZ9+E
+ONOs2JNlBWgzBLQ5iodHvz/aPH/z9viLt/Bg7+Do6BD3Pc1mWQVbhUEYzvAz
+oEK2yOiiIAnBaRxMSgA2fNjFeX7LHeKpwzt0EA/hv8PfHxhAl86fv/0SOIaP
+9x4fHhEWpNNsApucprfZJMVDf/72N2ySBwwP/HG8j2f+++/xzcXp66vTV6fn
+p1dvfwy3+gY40VW6SJdpVWzN5TqdIDWkvbdvCkZGMskvWG5QwovlXg5ffB1D
+o+2cLPLN1LwmaYEYMzBfoOEvYDdTvdBW3CgnWVWRFJJVgF9AjAJpJMcZYiAE
+wFeJ28UV8W59aNf3MaAvSx3waBTHIO2NkZ5Mqii6mmclcJQJXW84cMBwOPCd
+gnT39OSq7PXhREDmFMEiqnI6kvcqbloeDFTkfLOoMnNJQqM5Xd1mQG2FkpAg
+24v87dJFm3qCekNYxTGtMBql3oADwHNYnAFJ7RaEK1MCQU+nfYO0iwYHTsl0
+n3AoKT9ETmyGj9OC8MwJvvAmTGKSSZGXJa8EAMqAjOCx5WYlWARTP9syQKZ4
+uqxCNOARCRDvsmreFNnNZJGAFIUb/Ovlm9fmfTpmqJvuX99f9SIWOvsAajix
+0kdik66SMcoADSndwNGALL2q4P/IA4Qn7cMz86Qy5Wa9zoFTetsHQcdOMYgI
+tpsS4AEHhKwGh5lsJyDtmVmRrOdAC4+/7zlw49xFugYqiphF8FaBf5LBYhHY
+KKbAywBlgskOuFnke38GcNiUCGJEuBKoAx0zfrAEIWDBJ1hs11VOa4K1rYts
+meHtKweRiMtpKC77oqrDalgg7IEvBC40+vTpG8T0z58BJ47NKr2LXl5dXZh5
+miCC3WTpYtqP7PWK5Xr1Dd5CmYuYDV5iPBDcGoE+WeSrWQmIDViL0rFFMx7a
+oj+uOjFwn+YrouHjTbYgpBwv8skHOuxIDhukI7hlcPvhNFZ5ZcZwY6syXdwg
+SsIUFVzBvo8ReEiRIBkowuZGZWyALdGVZTadLkBNe4ByphXK4fcH5jyHQ2CK
+B0TnN1MLO6Xh86hpb58/6/2H25CPN2VltWBSWIma8ElXc1CoZ/MvoBthiD4S
+gaIBtMN+f3HVA7DTbugoSlQNJilSCfnRqN4YNZbra5WwbCW98/zOLrk03prh
+4JPJ3OTwQaFECQ54YUDcBAnNuHuhy43tjmATkf2UNhEzafGQE8/wZX6XwrXv
+N00HhH+pw5VkOoWbXToyFiWTCTC1KhmD0FRtAS7/scrvcEl389yAWIX0C2kG
+XDpW1exYTJajO6RDdwmyI5gJLgEgBH1GxBlW99aSN5/uw2OTIk1w94stgHG9
+yLcIt3yVL/ONEG6mckC1YSyQ4RxZ920SeFuILxdAn2ADhI1rUDIcyjv8K83/
+9//8vzj3YkPX69Mnq/19/tyHXz3FhT9QuR1+ixCrPn1C4RGOHgcq0n9ugKx6
+3KrPVBopu8+4cGdLYn5TYAFIqeJl8gFXgGM6rtIt0xSmoPdjtwGYDulLAm8D
+U1gALJfJeg2v9wa7hAGf1xvl9YTvAesmAAtapCU9NUvWZpxWdylgWgtG+ett
+oo9M4V0APcunzAPdogQ8jEHwPKBBNhUGE6LQcSnzAyWmb4Wq7zTP4NHxLRPD
+GrzTFEpWaTolZjsGtgmHgmeG0xP3K27TqVDnSIWTBGRsuLeg1y3xNb1NtC9B
+BToDYosBQ4uSstwUSI7xwgJhhesM0y3NJUor+BKeYwGHDzChI0BIAcfA3Yre
+auDIixyoSVoyl9Z7JTuLRHwAaXF470mE/IOPwdhTYKkYsAPgR0dCPBGoKtFo
+eKlDdlj4LCtFes7+lU47NCoMSO/bZxhVYJFXIEqYv/dxEGAwiPlvNhXI1eZ/
+DTpRdACTvM5RdsOLPPXgTFCgDQcApcVZ+Y/mXGSrDySxePdJxUCzRKrAWGIx
+AE7iIc/bNh3CZcUXm64FcdQUaJDDfpwVzp64Kl7yQAjWWfjmkui23hTrvCQU
+OFVxIB8jrskFgnlzkO3KDbAMJKnecCj5w/PAkQKdybFORmEehgTydLyZzZTE
+oNkJ1okj8OnT2eurofDl4SrwSZ4X9aYETxxPuHkSKrbjoFUCElURp7d0G/s0
+PX4O3J2ewtX58gjDppyAPFxkudyPywmoc/Tq8RoEmYkAaAe1QwWJOPoOFYg0
+oJ5hYdx0P31CAZB/+/y5B++CEOzJwCTLISJZ0VdwDQEBb0+TWQzSaDYVqRFH
+OBOhGOem++8IrqWdlg0B5sAwTLwy9yKPdBwweDaEnlw54RJfRZ035gfkJQIi
+cIZZWpCAXtwkk9SnSiW+xw/E9gF++TdL2LCPMl0nqAssth5h/lpxm4XKm3yx
+YKEDh84BPeEylRYB8EO4nVNkeyDsEkzpwK0MWJMRiYUozAnFceGI+rH5D2Iz
+cq30YVgqUAaiwoBGBcqf0xw1MJOWyIqzcm4tGsGzJ8DxcR6QQRbZTYqKVeo/
+gZj8NhWr5jxbI1156zD/xLlrolY1wGM3SJ4nwNRbVD7YIiDQsozGsl0SbXyZ
+ZNeF9WiZcGNVSIRAwIgAWjjDBVJ+p2DU9QsAzbZVxwAMvEkLNMcR46782ws3
+/aQ2DAnL3iuFs3cJKteFvwhZfAFUE1gLohgIgcRk4G00C/eNu6hMimboC1jR
+lEsQQPGhaJxuc/iK1FPCO7JX1TV20Rq8bdqVllF9c3SWeM+AfkxJo2dVKqVZ
+mBYG17MfEfHM2aLAB54hy8FvrUKJN6e8yVhUK1MPQMRVfFMKE+AJbYbG9M/b
+0jPe1FYOHLZh/XuAJWRM2PJaiAc2hrGCQj4hMQUUNtSJywlcMHiQLLDyMjPf
+mwTOGb1GW0+9IMBXJB+zmiGgrvAuAhoBZFcoacFOkBSKzYVXSk4UGCBqeZjG
+FVMDT5/IMTPVRQLBj0VjEK2Q3LIqQifo6SvIlJCl3OJZEBFEQz8SwYx+Z0L2
+AeB4RyJ/5/zd5VWnz/+a12/o57enf3t39vb0Of58+fL41Sv7QyRPXL588+7V
+c/eTe/Pkzfn56evn/DJ8aoKPos758Y8dxu/Om4urszevj191GheOcJLlXeIA
+IOiS/FhG7sTgnWcnF//nfw8PgZj/j7cvTg6Gw+9AyuBfngwfH8Ivd0BuebZ8
+BQfJv5LwCDJqmpASSOJ3skYDPdxCwIpyTi4wuDAAzT/+AyHz88j8aTxZDw//
+Ih/ghoMPFWbBhwSz5ieNlxmILR+1TGOhGXxeg3S43uMfg98V7t6Hf/p3EEpT
+Ew+f/PtfojqzgwNYMsnflC3UEVgcCdGjaIQigacbq1JGUFX7k3JGYMk7bCx9
+vooikZck4bBZE0/Ll4pRVqdpkVVOEEnMBhCdZFwrQQtLAuSH5aI+D8J8KfoT
+ivgphijkJOMjaXqu5sdjMT9+78yPPBfbI50UZs2QBKxd4tgdIhTMhIKNyCbW
+0EmCpyGuLOoUSd73iIi8kpol99MniU6wBp8pM8aGSZe0aWMV/5oywso7AoOl
+tVckjOn5rnFvMd6nPtD95YZtCIt8RmCHy0TEvXFcAAmSwuh0rG7bZ5xC2bEh
+aYf2cng5NBlHO0xrbFljALFcO3HSD/EcJLIWOf9QOhnMLppINMzI0pU/l2ej
+YxOdP9GabF/wH2hPoD6JSQMf9Xb5zw0Ia/EivU0xFiYUCRGnSax7ThMHm8gB
+COsqxLZktcPEtBVpB0E+T9AobzeZgdaERjg4ehhonbNTAc0EEgQBeMQ/gNxr
+GBQeILIKmRavDKBVTGN0Q4NQzqPTZWNdUazwSYVhDqXadnytlHRRRL6+Jw8m
+02kmm6lZbZC3MTCOfdOQr9F8etBUVki65fc8x1h01W5o2mX49TW4Lxh1CQZk
+hGjHM9h5iGkqxXc7ZyZZcvyY+TtRWv/rHzs9f/Kmudif2UNBETDWBcl1MDvy
+f1Ce80lGdhlGFTKd4ApEUKV38ElEW1kSLYAMl/E8X9f1mdssYUnmHkN1C9UP
+TdV17uOLcD42iFUMCSlbPJAXIeJXeeRU2lA780zLTBp3GKLpkDmMg0k3QFVM
+Us7glFv1OSsC8xVqm/aoAVziIQt1HW9fal+MzatsxbbWCQtvfGVg+DVSMOBU
+ZV6ULVY7ZwkhXLdBWeYc3VYibrMDUeACe8d7xiRkJ4gXyTYtIrWxkjiqcKKv
+rJSasO2DxqBvAIL/9V//BeuaZBncoCr6t/ib//xb9KtaB1/RbF29bj2z88+v
++BK+djUy4W3qcqDVaG+vmu7Rae597HX8dy74Hb4/998DfOk3bWnnsnd8cfub
+IYcKiMDNiRLHwQH3zD/ITIVBCz8LFOA1DH9yEgHq5YFrdZlW/Rq4+Q+LVnsi
+S5l5Us7R3tq22//LYfdmzRxoZHwJCBDQyjtMHXp2CQSGDl00kLdRc2FBiXVq
+dEt5hq/OfwcKcK+iTyPz4CabxXTXSg5F+bONLdbbH3BJQoWy81ksk757Y6Me
+FaGZvs+7L3SjNH99rwqtOMmtERy/kfGEcHiSaF+sUUwESxH+RZopPReXz+pY
+cqhR55uM3YgPHgQs/yLPkDB/euDxfBDA8EPYLEiseBFsKED5ZaOn9d2iuu0Y
+kbVxeVZcGPmvb6yX3HQ+ZIDvaGeEOwK/k6ZobS/MhDdjoJTCg92+YPZ86awP
+f0A4XaHbG7YqC3UKf9nnICWYvQPSXEcsMaIyYhSF3R6KGk0oWgOzFfnOnntS
+X2/gb5A2MdaIFwc+io8QmaImUYiA07ofHdaaOxazvICHl6YbgBI+90DZo2XA
+uLDsiQxsX3RqaVqTannS98Ca6QoS8V4mH9jtSMZrkcf5kor3e0buADz9RiiF
+Li9D73hRoJvPhk7UECoSx3eDFdK8b2VeOnd1QsEi+MdnGHTVcLSPkGr8CcU0
+x4qO/4IRePVl8pMI5iKUYlBTnv4loCGeid5SElriS97qZZVMUCpB0sGQbBVB
+RQJFX9staI9EJNcgPXxB3OurYCXYy/QABI0qcoBldL4iogCbYttvoA46NyGz
+qohtbewiFdtighz+qb06GRKfhhExw4VHKsmSN5FuLGL4gGVTAGma3TpTXVfO
+rCcjkJGBFX/r4rySEBOWjnoj84M+KsfYooYiAuI5BhoYiSnB1kELv5F9Atau
+JcnhC2AfsCsT4dAN3d2wNglgFowR3FSf9x2bDgxOOSG9Wgw0ardAV6XyS1gZ
+k610CuMer9kOipAVUE3ZZcSqIbFIdpHS+6Tw7TKDvGAS9umB5yJjcr/jBcTM
+1tg3n1tFQuWS4GEbvY0vXLoXjkAvdIEx6CPAqMdL2FqyEJUcgAGv8FDBF0bN
+iEhbrXkABQhmcUQM5Qp+evBLDkcofjTGwjrvoeFQZE2EEjrOZamo0KJfStB/
+PwGgichiZtPlwdGjTh8/qbZr/MSlGf3bL3cVf4XMDb7iCIYkhgsRZ9N4ePCw
+E30OKQqvSGiJXahs5vRjguoakhOYHg0JajsVY7pGS5cW6jVSD+hCXgm5yQOM
+Wsfdt/GG3WzBmDOrNrK6RYOo34pgYk/6CYXc4eoIZmiMShabNDjEzgpUxw48
+drldYmwv6mW6DlDQ08Fs0DcvcVgE58vLh08O8fej4UGvgQxkMiVpUkN3klJH
+RZuOTScgrIGJ4yJdw/VRKxIcYw2ylo2nxOzqJ4yfTdnVv8nKOceTGGZPzBZR
+ysPEsrJPxlR41oaQOGlqYl0P5D039IYnERHUEMMBmVqOviYUqeikN8yRYloY
+Dh9KGPa8HtN5vRM1X4hNQRr1Is8/mM1ayCshxqQKhgaIOtyrGR3xZgIgTtiz
+AxfzropZKvbu5TrZEnuU61iaca7xp+RYhsGQPQYCtIjWYZhVLXj3XqMuLe4B
+sms3KC+zblJpmTewHSuqaHRttoowbm9LumEUZWz+847uskIT95vi3dszCsKB
+f/UYt3p2bHZUL5YRPr5Lus2sQDBm9u/MaDZZC4VWS+uIGfynVfH/REwzZqb5
+l70/Acjnf/nPvgqQuqhOuRmr+CxWMl9exZibVayCtLdE0vFQ0OargfstJ/MU
+/Qt6z0GCuoQvXpVs+H739vXo3TtcsdNlUM4GnrcbmOiWBCkzIedfCOSrufPa
+siU/W2cwcrfs2SQGgvCzdJLgStkri2ZZJC2EkORbk4hzAExalslMjbakrYpl
+itWNDnxWUzU8dmNtXnzPxBVAAg07gTH6MoOPrKs2tSgQoTCBNi/SkTK0MCSY
+dwCf/xH++yNpeGhNJK0OzmGRITr+8Y8j8uihLC8CHaEr06wVC08io5F5m4I4
+U7PCGyVCvmxK72llLX2EZ6ahPVHsYJsQaEU/FS812gtx8y5BcSqrVNCR8Be4
+4ON0nixu9MT4jgzsxtkXhTuXN1yKb9vm8cuK1S/4w+6lxTaQrnRqwdLkBoly
+Yn7JSWI1Ito5p40Ek6Fc2AIs3YknvLrFs5kYZ0UBvL7eJcq0Y08OBJpGSKlS
+r3dM1sxow4Y8sV2XpUQrWcm5072RxVKEOqG8h6MMA376p390LO1IWUAZwN7F
+TohL6ciT7c9xSOOemHd++hkjt08xRkRZjwHyMPkgSMUxE0BG0NHsTM/kki6V
+ptEGCJxAJDksEPgoKRx4XD0Xica+RXGl+NEGPhNfarixDMJqF19tHM+hMsY7
+UxAmJhjgGL46L2/TTGfPabEd+KxjpSM8C41Kce/T3azIvlyovwmH4+zSZIwW
+13GC7BrD0mg7epGQasAI41QvPjxEwdFVTYXTW8RrYEnDWOokCxcBGwSlGtl9
+vVnCUU2ew9Y1qCNbAlCBbM0zEStpOUA96Z5OUYRUjq+e1MSGX07Fit83JW+1
+A3PKslCwwdxQPBy6FNU8tfGtMD6fgIQp8gOhh3aczhJk+OnHupjX3AY8k4mp
+jHbkcYcWGVgoO0mJeIRwTkf41/DILLMV+eOZaNB2UAIDiQpzYGQPa1Bw4chW
+U0w0mGcYqaxiB7s/E1A+yDgwwYwRlGU/AJaIOx5dHIQdsFDRtgNhpbMa33RM
+9zWA5VkK46U9YUgc8GktQYT4Y5/zCXTrp1Na3xCFX6FDO0UpOl1sow2oC3TU
+6FiB1fxSZa2smkSe2SIfk19os8r+uUlrxjaftAlzIHjRsfqMFtZOUoIINCSV
+YWUBEmcvM/aDU/AZY52IaKh9J0TsMbmBPaodWG/HqCO29JfAPmlviV0+Gzq8
+aYomY6T4tWXaxzEqlGpeHH+v18oFmFmKgCTwLXFJJLZiCv0Fho4kdO9uDkqt
+LHOOCvcCsGMKbACdTSVF9VtDiIfFRI0Qv9AWgncDVBm471npjCB8BhRchYQH
+fYBToTiRY25P+WrZ15Nx421lKikWZZgQZ7UHLSHbShcwujoVGbxpgvj0AC9v
+qCk4gVxkcD8lrFXEB5HojvUmjeEJkdCybe9oiddQdQ+8BAsxz9IBgDDliUU2
+rkbAaqFpOSuhJnlwHVZGlOZ4Dci3627gViUnR8OVSSn01ihRXRj5amyAv3Aj
+F3wnMktH6MQ1aFlIuNg4IdGT6XWZ3KTVFqPPJsliQpkH19McJVvCSCAd6YhB
+q5QD2RNK0uzygZPFOhFT09GNdQwg3pxBCehCnyDgbvNsShrkYkGBu45J8jPd
+Y0ziVgpVpDNUmQs6WwUi1vMgIMKFqcHvWOX+kgCJAa8XHu/1BBkS/72gELyW
+vsNORZGUCb09T1op3j5rzSAjKYx0m+Wb0lpEUzW6Hq9MulyjpEJrg0vI6RoY
+xmKKPJelERhWeX0NHnqi9iSSGSoeNhFKhyjlHj3HWP4zGwH56QEG98c2JPIL
+10njS10IZWAx1uD5yIsIU9clbgHjuwEUKSCWaIucWkA5jFSoZX2NLs7d1zH0
+0eOzVtDHKWk8RF4m9hzhaDr4XGwNRyOUih4dbopFDJDMQduL8YGOk1475TyJ
+D44ejVaH47/Nfpyf37x/n7yK/zn7+EPxtxfJm5+urz6WxcnhWbn/w7B8MX5+
+dzKbdSS1EN6ndXkGM3ct3cUHwKbFBFYiiKLeKhQgjl8fm9d0Y860dA1A9yWO
+emxHfUvYX2ztJZZFd+wOHj457MjnR8MDWt+99jk7AmIfHJ3n/bJfASlfpJRW
+U2IdDtQdvI3yxSHr2nTXbGiSA6EVA69COJHoliYflCxcvjzGKXV/58+P+vTZ
+UHM46XWBKFENTNZHefc25eoPRXJn8kmF9TEaWAL3AdDxN6Mbo7XFt1qOs8ga
+JAhZ6AQJGYiWiu4duZtBGSB89y3cv3Ey+QDX1E+ecJe08Uahb/yeadGsnGtg
+fuSJ/WYJRGueYGxUQgFAHFuDOhjQ+nWHpM6nxMw9aYNCW1IbvhaQEJFznUQt
+1EHyi3L8NSLORPodImJdXlJtrylCWJCg7CC/OGCiky/EhDdjFK6ETFvvfk6f
+cqIVGcNilSgQCZlQstvsPtNi43ZEosRK+sVmhd7Dio2XOrWMTjifzVY563RL
+lOuFe5K51fLP0mZzTlHDJjhJOEDfqweB7yCHLv0rj4S6KFONlIM1SfERppId
+QJOB1dc3AOjlNWXLd3qWlbcspJZlMMWYTZIlHcIixuXEM0mpHlMNg9UUzod0
+mdtUhO0y+1fa1+g48gLBMOQVsrybV5zfUPhaB00OenouGNzguPDm4f53j+Cs
+KrTGq5SOo0UgtpIQAOsGLuwJ0F8Y8CiiiNSyhRDKwyy8B6I7DUnHHPEwmu1B
+GmE5aMbyKW7AIX6FvItVKZBSLnOKoDXIgUrPpsmTubEkIh2GQwtCHwG5pRfL
+ObIMxhqft3soA4dwk32UAE+S/X66RoLw0/Wy7IxYCkmLgedsN9ON6NXw+jJD
+5MFUzCnsG0awaa8/XfMMMIgl1l5ulYZ+WnYOnBQTq5AZckGgFH9cYmBNUmyB
+MeLoFJvz0zXuABbgD318tnf+SupVyNf0xh0H7uJ6xlt44bjdrnwWGHHpmtdi
+fK0517Pqy1WXuN+pqpkgXYUiN5mBFjcx0t8CYPOUCJNzvBtZJfJ0ChsWD7cu
+npIzNoup2DoD6494btnAExPD+ukaFga30Nbj8eBEsmWJ6Fhlt0iew0dRx1V9
+g1xDpFHkq5tMQsnxd7i36JCDjeCxRMcucrmG6bjL9ReTF6OQ+X1rkiJ7p040
+/Rc5ivha6/cw8w1VgcdKaGTdT4xRRqMdpk82kU5ASsaUPRbo0AJ3//OqptHo
+SQVPDx8/Pth/dDg82qcPkSPbDx/Lh6itwLhHR/vpk8P9/Tg9+G4cHw6nh3Hy
+ePgoPjx89Ojo6BC+2R/C0PjGnTit98fDycH0YZwe3hzFjx4/+S5OxpNpnN7s
+Dw8eHh7hJx2ZV7S+EZ4vEh/Ar+sKLXJO20T7xsj842eew4pGoy8K462yOA2p
+8p0/yKuTZD85+OX6Y359tNx/9+Tl1bNnr5+9Pnn192cfZo/jWfzjOs2+/+vy
+6NGhbBcp8sh8IjMzbwVpGJOwg8MjtmE72uRIkyM7/AgREI++dPSAYzbhARrF
+t4eDAxS/P9f8/5g1h2iqEQABSl4IpnlhAA+MH290ZfOHPz3w04cltLkekCVv
+vUBuLrGNYa6LFpqo/LRr93q9fk7E1o3hcF+KWTSL5aiYwiZ04XL+GKIlZc46
+hGWX3l9qiEgYCRL5xj6OKhE5locRb7uoBVh74VldJ0QxtyptjjOx0zXMkU9N
+tzMAIWcyT9DDxgGUxxoKV0pFqWRnGJzGY5X3h8PVQ7X8Qks2fE0C4pi2RN+f
+Xpm9ZJ0JJYjJP0LHsTccDKOXeVmNjHxHSxl4RCRqiY1Lt3+dj7+fZIPBAH23
+g0FzucFDaNOAhxqhcDJNEAqn0Xpk2sDzZKyzIXF15wpHRFEAOZVFsI583+Am
+MO9H9u2d8GWsWhAeS3ixHMy0T+bgCKMRt3yWigVfRDzR/GyEpDg100JN8Rjs
+/aW1odG6iljIB2y6zaacHyF+XmurXouaa1OeWb3z9SnC+7MbzNFWGOGbN1RH
+LAx5Q2y0q/Vsy2wrBowoLHzlLknmmZq0orojSytwLBYKhql6DqyRvfLKa0Qy
+oIwTFh+zEZBa2rHmLv5DidWaS1wgK6cU6oaGux9sFjiZu4L6DUQB30iFWMnq
+wCOEk7sva1H8aXQSZPDyjfWwqwBnNfKRWBzLdQRAJKuavKJ1ZkiK2JWxLw4X
+gFAzl7sfUU05Agd6pfPi/kom1nCIEhMjVkQiqJpv/AQZzRdNC/WpIT0kb5E9
+pSpSMyPC3IGYvAiumNQMdc8q1M/J95hmTCJXUeBVl8MOMUPdT4xS2QpvMYtq
+3lm/RT+o3EMPV+x2JVMHxuq7ZHvfUCWrjsLIv9ruyipda9mdK0Z8rHAp3o4R
+e3DJH8M2azUAik+rFpcqST8UyURpVl0N1Al9EMSNSBDrC4TodbmlDrDZTd0X
+01N6II5gL/KcpRRaq/qNuCSOi43X1TNlQH8txbyKFZ0K2+AlGHH55rpZHaht
+Wbm4croPkQsskHBLjSpkws7ODXLu+0TAmXhoAN5tV3DIM7dbbJUXHFYp+tD7
+jEJsTrIWeodsPUdEfRonJXE4ImWzmt4LJ4zhvUqXIPWALvNGbq3gh+fGxstN
+sPMnkkB9o+GMM3Jmi5m07ggX05lWjqIB1gusq0ZDkMI1AzXbOozZXVzli5Ty
+3UzXy3ofmYf7RnTw3oAGuOLD6BMhJgrISx2Z/+QfBrAY8yeQj7LFlH7mNCOa
+6xrnurZz/afGBdjJJV2O9Tu3PBohFBKfopfXxqjPNsCggYlSQTbQHw2aM7A+
+sECaT4ls7CC9l1ioiEs0ok//JHyWHZ/ZMimyxdZ3VBopilKrGdSVs0oV/xsW
+yF5fSqpw9LldQTteAfJSIXPxqREBx2Sfvr3oO3DsEI0VzK1IfnvhCg4gRmDZ
+QY+KejxLDfMSKQ66BBmRxUCrqASz/qFkCiEL5wR7roVZ0SpY17nnHhxRYSmX
+kI3+XI58ncCKL3zGacMVURR2zmbDNvYgjxeJYF7P/SXqxqEmibmhWuO2dlfh
+l+ZBVzm5yG3NH1rqg4b8YL0vdfV/XaabaY6Kg62AUlpM8diFFdUkhcW9F91s
+VuzStX5XkFW6ADYQRyfVNeFRv/UW9TC1ZW/PXAIvMsORx384RAq9sTdukIGG
+m+HgAzhNmmAAfKI3EtgAWgMwiiIvuhRsDkwtZAmdXuTNeWAPzl0BMqEqvfNu
+Idlt6OHrjMgyzk2+WsqA4GH+7K12llZd+0KPybXFYSTBoBprDedw5b5zF68f
+EWnQu82/mV0DEr36C03PpKsV4F83XYr1sJVKyx0K4fZwZE7oAtkAEdNlllwk
+aCeg2lLLrMJFYiUrZJ5/Rlmo2yNHWwmaBHwA6HtNFzE8UNhRgDoyggTdNf4s
+k4/XVPkNnr620wJkZB7MaMGNMvPUj+DCpW1Yc5IVGClQhIU7xIbO0U1s30ZD
+XxTZ18vNBGXOyF0Htzuu+n1NG7QHWPp7bNuabps2SPMTmsPG5JsBOhK6PTx2
++0jbls6Tj9lyA6qBAKl+Sv6GWvDcrXgU4hx+/+c/G7e7GnohiJtvZCtdvz6O
+1zpbybO6t2Q6rd+e33LHAJ3De9ZAvebh1BFwB97tOCN5+uvxz4MYf+2Qiku+
++2aJUA1Uw0SN2l9Y4tyRgIhJ7bYKBgitt4jB5Www9gJVHtJ2Il8e+4NqiKXI
+P6yWfeRaIuZN9wfVMH8Qi5c0HaJwEp1llVPRZBTBWDHWfNfWqTwVFSZ9gei7
+XVOlOVcVlWhPOafwQuRcmjeQlVF6g/1I8FQD7xxc7CxZYH0WLUuB2m76sUI/
+N/n3gMzlBcZYpTJiXdcSLi9iFtbrrN2zqH7PQgF1uA9/GBgip5OgT0/Cwgk+
+Tl2tn6AqxJ6SY8WOyIotOz14Exy8MSjjX0m+trbYHxZvrJcUFG2sobKqHEWh
+cB0vSQ65KefX/eB7yz89CIw9rAL7D1yovFFP2RX1p3QqcBVovWG+WxT46Enn
+rSdkAveTLOndxjHYMaJGIsYIL9euL5RpK8WtYLsuXwjPCAR11ArQ5OUbdVn/
+/KFWq45S7tTQ5zKlAJPrOVqimDUGoFTptgGQEnJWGtea5PBzqoJiymaSmgjl
+dvxUEtobQ3vCeGI+rPK7lZQvZMCEWVpSWcZzRddKCh2RQxSWkt76OfJhMhgb
+EWg5ziqiJ8hytj2CGtzhXBnTjwYHMN2jFhBqMvquKVHmJp0IgwKYdt8Cgk93
+7mpHOJFKuKx0wGx/KGkoi6uwAb/Wuj8mPPpBqh57NTxt4U3xVk5S7saE9l9v
+ZDRm9M2bk8sLRl6465JExVOMN1i31GzWKMtTYtLjGia0IxllUylHqSVdigbf
+zMd/Uhvaq2Hgj9eSnAXvsw2mVrzI4WqQrf1dfQ8ugynIYtEkjT9wRoat6U88
+3eX9cLQxDZIRLSJTUF8yEcqNch2LVyzcuMEbqR5JSQHbEpn5VAzkNmWdj4pN
+jZJHo3kN1pbAkRBhZGOSLTYYSYSvv9f8ApuJIm4p33LZ9+xNDIRg74y8rmQi
+wQDgO9wfBPClKCoJq9XgUMup9A5RbBWprMNh+DrZhcJ4/pVNGABiwpMTjJKS
+TVndkEHb4CZylJXzfAH02WPAll0LbF1WQ08o5L3T3mzI/E0TB2x9hWVTuUr9
+yjNCmQQvjMt5DJDBCj7ZEiODcrUm1YxJeBeHBxZQ7J8Qq7eEXXTJytH3fNd9
+CcHHsBimyZLKSRn86WIRs4kbxwaWciFstK7/Ex2tF5HGd4BNnHGGH6c1UUQd
+RxCGlW7Y2sIVAKzQQity6Z1+oRyHhjCNWJsa7Jw9QrsNmBoRFclFsA8s8tlM
+Eu1rhc6NOSVxXZMgIy9CioOAUcalm2hRrO5BsnXwyVWq1jQ6WpVAMy9CFktW
+LvKSLirLO42iFuz5AokIaWdQrsTlyvi+MJfDZWO22DpNRJIGONx/aLogUI+z
+KVzuHqos+D5yaDgqToLBwuvWcY2yE33Mgo4MMoy671auqL6OYyu7NHOneTMS
+dczrAro1zqfbeumPxMAWMIlJVCghJfCThG5FLiybDWb2SNpRhWTiK98LFzGU
+bIivgFNcdQRimyLEWSL1s4lupERmQ4h1RrLdRjO6y9eArGgEuf4F62AqZQCd
+dofySZxaIjauMazI01fVqsaCLYtEXZFWnaRqT6YH2vAaH8W5dQ1q7RFKw2+z
+8YF/HoCkav7HnxtyaWB/4EvY7Zwx1qDi5uQFtp64AUFkQGuCyKh41uW1FUy7
+7qFe6xSgL8yzMRmarOxhbVavJM3fCQSRiqYIPABAA55kWZBJP7BpAQ0L7p3A
+gFdbzLsVCcK1EgadGlDtCfDYyGwEGeAAru23jaO7xxxhAuG37623HWp6MPaV
++hopwJYabpCMyyuFg4HPr+UzD0r9Jhzb5730ZGxrw5bx6ktwoiQsdUaVrSNK
+QoVjQ8MN/HQNlBRnax6Yh1uArPDogOqMtCzJ5ScsQYSm6iHSKeyqviIJdFT5
+FOkliKeSzkbmJzqoATyns8L37QfAQ1kJjif2RmxAQ2Q/MQQ6QkGvk7WOJ6di
+Ai0zIvHiR6XMO4clUDcYqRtQn9OT1MINwofoL2PhhaLLuu3nrTKfjNIAaIKZ
++iCjkem/ywHzuSGJTbblRK5eDcjsswvWYGI2Cs/Sayv77VwXJ/DShOSuSWZ5
+p2WOv9TnuM/CvnuaYCt1ONSEOTHGqhBt/rFLtvvZGmb52RAValZZXdR5xvm1
+4aTsZaAf7eLErUMiYVcDIZyvntgyuaG9KIfAzh84hiwH+hoDa6vXqNW63wr4
+mhDLAoCF+nEos2IIskSqZDcah+D57mveqKZ52ZmlWYzVrfacQZfzhwKLbiCn
+eHWSdkgSHCQZlKI8s61TPj1oNEuR2CCJFPPDCkA8dzW7A0FdQu212nawQsrO
+zssqnucT+CVZbMuMU/qclO9rWV7jnHo7NZQtM23oJEjI0dF+jY/Idsq1wUdh
+TKejnStC08TJgHgaQAUi6k6Sg8i/bbPGSP0Wr5o5agcgUmGSFObclVFLnV0M
+B84oDljrvfSD5kcMjhLjXCKKYuO11Puj2PgplTclhgl3jfH1fs3Ce5WpUPsV
+mygPLpbOY2+DJYaRV9mkHJk37PVUEV9RxFlWOXiDUHyZT9kcRi4xyp4XU2YY
+GSKLlFJcXO8Tvdx55YcrcGsMjQDCXnhkhU+w81Ne5SuJInNt9wyHycF62a2g
+JeZAvgPxbkxViUD/aq5BMwWtNwAvJFoZkwUbVrhJh64CjX0UT0QWFrGFnrXm
+jgZzifbS0nuNDX150J1kldsJKRWNpCDuRKXGLK8uCSXxSQdGgP55WnzAyNQi
+ZRtdcxXj1IKe7ZdY3lkbYNYrZUQurk66GOZk3pdSpUUGii32ZMkXi00pFaaw
+ppY5wfsBhAduUEw5OVpVthRLqwsr8LObblOXxQOPLDlWhOKq5/ldrSlMvTx2
+0JrX1FrzXmEiUCSRu/7YrJHKiUzKp9LzQRbp6jndYVZJZDVQl8hRS5oL8yLr
+7Xii9nY8USQpMLXEbdtKQ8FGbZXGY3TC0C6ZjiZT17bwbOXtoE8WGA9pOQ3K
+EhTqoBJh0r76IvwiBJIvci7duJ9TN25z+fzVCYVuI15E0dmKENpv2G3K/Ka6
+41QVyocjcuhM0l0cotePjs9szfQSY2Y0wtbFSs8JEchH4IM1Ug5jtBBvAVQn
+YWoN6JEswgwq1zQz8htmBh0yrQ9gOBwM97spm/uoq+b587fwvSwgCnoXa0KZ
+DUrSgFR/52o7wMOyoNFCJLVe5wOOfdeaml0svA1bwXherAoKdx496oQo8f7+
+kCx3SYGZJvCVLbSAWhO8ce0D7RpRTjqxmGeme4LRPd+jHQWB1Bj6wA2tk4VT
+WM5yDeR/gylEPPSJ6V6hAYp+awz7sDHsQTislBS/xtyu63IDursO/Nx0n2Ez
+4R0jHzZGfhiOTJ2IrwVTrhP0glAL8pcbYHrY3Iww6Jx6nhX10Y8aox+GozPm
+pTo+fQcff7JZddfjLbw8GAx+/oyZYzb9a5lWCYoUvUD+k2SbuJwuJir/3XcR
+OyrSiazqBz8LAeNwZ8Ik6z8OxYOIqgZJdx3uyUFv2daXfryzfRWVBMAlfo3C
+iwnSRiFMBYtU2J9qNirmk5s5gV4vL7ebK7BmEYX8LbYK1anIQfScmOrCoEUA
+JhW7XOURUQ2atPyQrdcslhQpyRcSCPfAwN0XcZk4Kg721gWXIyyi52xVTUy9
+7wy1n8cBBJq2Z0vpdyojSOwgA4E0qhQh2B6TGY5/JxtqtVXhJC1dEx1s3RKk
+6ivDjvzaPRQ03fMqiPsiI+XZu61zfIalYwAYScexJKe7i7igRoOl9m8jS0O6
+dSrReOYh3oX6lW88dWi67de38eQRKKPhVeyZfxCeuSTR6c9hNto0iYWq80Xz
+MAGwB3EDz8yijIbPFI3HrNgeKgUWKxDtKX2Yyq04RLUXjOUxz8HMpRYr1zqE
+WeZA6qQ7IcjKwDieJ+F1VznbufHz8ZZVWkoRPubrB1phDOPHixz7tfj3DZOL
+F4qWfb4onozI9jYyznipuLQyLyY5qFaq+dAqhojaaUOvcaHaBxpbRHr5UdhO
+MGyxSID8EhcfUezGBstYzpjXpVq7kll4ZJRWCt2kKi5IzcjrFnTg1GIZa+aZ
+A5rfCgjHq1X60Zydgexv216qfJBofNUkTbzOtuz0u19csrNoc29zDLiPctTw
+ALtPUDtuQDJ0XVFtm2TNU2Rc+zfCzr6zeUzCOohc0lsZnTb54tYZn1pI1T1T
+H46YAE0Slb9DLGfcgrlzyhCdzStDDq7StldUr5VH2d28KHe+oNx27Ml1VSQc
+HBBKnTf2gUoeUOpna8Zr+A9tPqF+R7jBfuThUpg3RtwJhvPuVhvD0S6jRnrH
+2dHEdMR8kzO5HbulgSM3cE3Ye0tHZFf59eKeK2SFG70GBkpuw0Da0xV+u6Qn
+/gfP9uNEPZv099+Q9AgoAUHmqgZKjncjgm1W8rXE4vzsxdnz+Ozs82fB3/a+
+0V6/+2oediSzdLbRx5bSgMUjqNVxHYfku/T8zdvj2g3maxSs/QwLAE6k6oDc
+6/vJwCu5/DmW059IjZIlYjFwFHhjWoBuTcvn2+8qAbRW6LmvFI9T0JlkuXab
+v7EWD/aJjzwlvFwqSMuwc7PXdcXPPuxH7OPFrukliWtcoTHj+qYaNAAy1IwY
+GhWdoP0fu06UAECsbT4pAShUgFR6wBGhWdgvHYGxSmrz7tsEULn1mJRBZNUZ
+B1tl2ICkgIgXOSO8R1RsgcpRnXrkiD4XC4A8oMLXE481vHFd4Ms+vaASOOVv
+IBZq1eciOqVHKy4pV/srCMUO+pMUs1yq93k64QUX+fsKffCgb9o1QxumoBUD
+o+iS7gnRTTmyxgRfVAn5uK/1+MO+TBalhMg5BFTixgLXRVIAKqQLSsek7kxo
+KhIVjQJv8VDwhiIkqYQnS2jc0DZfufOnaiLAlIXwShQ/ja7pngg2rzwwDtev
+GeJQZgG8/QOmYLIkQ0ZBjR/SET2pT7oHUglpMt5zNDB8TWoNZUxpNlNZsxNq
+Mz76hJ+fBM/7bWhhZbMNYJ/krFGE58OjowO1ZF3NMdNQe96FKU8Vf5dMKNeY
+mwbyPHTTsEsfKqVIK6SpS8Zfy5s97n3KTWVrMZ+R9gmV1M+glqQWU6aofq8p
+NBJ8pMKgtGWlyv1sOCio9WWFbXeoVYybmKouhW0crSc9H4dG3/pAOKH4jsTc
+XNDQGpFYYf5TJaWZyeS/dQZ/0SYjZ7PnIsDVPN16dmwV+VVLQJ0/W7N2fc9k
++lDqJRtGZDlPFjgLLFayp1vagtPRX2JRoWMqKoRfvsJ4eg069woOYYTgwn73
+2WtmH1Ql0sRJmU2DqrSWKRfJZm/tHVfyxu44avrwKosGPbMo1d61y0LfDMmp
+igEYfVZDwgnVOmIUcm11BZdkBRr3i79JlrjGLSV+MjtFMWVsrlnlVU+7sEsF
+t5391G2zs6/oqW78nuryGhUxlJ6A3BKwrOVNk82ChuIKm1p8Qkf4qn7ssmm+
+99/Sjr3+cNTWjp3zSABxshkeBReniHVh7jT6u9yetd5sHd9u2ImCalGmq53F
+shUX9KEadbYxlqei+7W5pPYWUjcs4Z5VYndmcZEpM7pKXuZ3mLONxdE44I8L
+1bReABvDUIwkTwXj4iJXjUuQZ5LHfkMejb9Uf3kofkdWk7RNcL1iHzYk302i
+aBb55cW0uNgxl+j2qtfTncGVekOQ7XIqATMIL7hmayyRTrUIgfmlqxlaYdpM
+HurlCemIV5NMY0WlJlllq0ruqE5mam1tvH1xDhR7dPzCA9IMwLCFClnYhJPp
+VxE5VaR6ThO1vEJkat31EUi3K+WgXQinrURp3oT9pS+Ab6DciilwpZAQtph4
+5zkucu4ARbkF1j8jBNRmv5daSGQqblymxSTZYAsQgA9ceFch32X41JpeS6dW
+fh3FkEUy4Sa+/wH3iQ3PJKLP0F5B2ueISnPTS1SBFXgra4tShlSaonBtQTj9
+OUhsttAg9lGTFHHLVF2VYX8Sz0OblQ3XLPPTduesqTlnyaY34zQ29VsGUx2L
+s43LnFCQQNB6kwO5yJ8HOoRWBifBjkrEM97abQhjtbG8fmiKxpfs6AypLXT8
+5pCc04KBqc0yV22NvnY19IrEsu4sW2HDnlrF+bDbTOTN5Pk6wi5/as3x2hEk
+q20kYtvuGVpSiYK0oS+kDJluSfUg0rV51FYaqccB8fcFV1NU1k3rKvwV3BM4
+n1JNFvTMiFvbj6CPbAQ9LqUtvQnZm1eVgJLrFtm4SFhkhDFt7QbrOTCsSd7b
+cestdyY4JlEWSZD0GBM8VNbIVT5r/S7KWqrGUewnfVR55LpXSDlfrxcCC8+a
++OrnD2npR8zZpEeBRW9WNsDSxlWWIxtm4wdfiiYeUUsk/wTQoMMatU7qZcVQ
+1aTUVhOiqkmRX5eVbQtoitRQSgSVRhpvUz/7pmmhcGWdXPyD7E4oHsW+8H4i
+n4sFJaTEwMEVGEg5SJwzgAqtcBmqsJOsCK3I1wAeN4uEUjW4ZnJOGpVdzS70
+84KOONU1vyFQoUgbU0MJLncvsRLY8Y6yYGVYZc+tXSe054Q2FBatd7rhxuep
+H4bRVkkEIy2cN+Y8m2K63YWFaiiM03omqSs9yI2erZI8kAYOWk6cnuPeT8zN
+rl5dkj6B/wJzXPEkpeawUXRC2LkvkpRoDMHT7GhtF/qlZqL9yC7U6fGZa+jh
+FyoxnEFyznk2jr+UUnfx8AD9PDaYasUq4Iqjh9CAuErhwmScTmhNioLOU0DJ
+FSwPoMy1G7gMruI1qzKvLvcILl23aG3KKpQFGxehRvAhpprIoi+LlRaYxR62
+YO3W2ke7MXLy4XL1RJvwt+IubZy9oxYp61KjPqy+YuV3abdDB31ZLetD3ZMR
+DIUdZ1OQ/KlWbpyxGVNUT/J4q52AbiCQqFkaeSSFU//gxoidtbIZ/NowraYi
+oXYRobuCgL4jId2WZo4XpN5baavA+t1cLhwDogsulAd8qTvPN1wsbppgAgzF
+gIIgNy/J6Xnh9ug3ECRxlgSGl0kxJWectU+dk+MauMTLy3OKYEZvJQi4cJNJ
+bsfnGGgSzEnGjaBXeRBtCEqOFDZ36bf4yjvsJlRuUHzhmAoFf78pCkhBQ+TW
+4kT0DQXUa5uSFUEzky5dmmGNfjMMfqeH1klWqJrvy2hJYzhuzxdUzJM8NhFe
+RSbyMoqLlJbKuSRw2AAc0jjVzI2BvnwCkUfPw8pm2FfAX5iribjY2hRrWF8n
+aknZEx+HxCYSRF6QKq5NL49Vr2yYVYCKUIUdQPIgi8/ltdvmUbVocrHZ14om
+UqkAL/lPMhidsu37ExYSoSY+TNZXLYsDNVfsPYlYFhxZYChvRcbbqtoTJk2e
+8w2kayaCEV9BT8MQ8BO/TJuaSlssaWS+FE3aprC8b6rTI/POprfv0lXFtqn2
+jx3mD9Nq/iDDKunEYcTuuZ5A1gQE8lt4sBTpQ+5borHpE1f0C0d/s6mwhsjY
+9skcUbcGtraqfs7VdyWYWXQEa0SlarCkrIkWAnIGkwULwzWCrFgJmj+nyiVU
+rZ15cxTdk2kp1H1TJdYMDUf4EV1tQGYjjqD5mC2pzZkZLjk6FAfEgDVgmQUW
+MhJCSV2psWkx1iuB2xB5t+GLlWBMsxJMtLMSTKPSG1eH18ovUuoFvRNSbA7T
+QGyll6ZMKGiMZSq3hgwUJOrT3WP+eXxxxswV5WjN0XWdGwjEtuNmyfv3qYEr
+vuIVDSXD+I6TsVVU7hJu0wCkBBgaEhxscbASYkjZNdKZ2FVUpUYSghA2Bscc
+o+01mWxtgKC4hVyQTpdUiD6n5/cYpvVaZ4PoxFVXDEsX0qWgMnt8DaVhsq2S
+9stmOtM47Pv4/HY1mRf5ihpfUCNC3blYsF9fXfT8Tj5c2Cf5cg3I6J4akBGT
+gpq9KIj85t6ZvNVynXjFnNm7o1y+HiAVbIISSmyrbgrJSSWLPwpXi1jkTS+1
+Pnzu74r/KQPVOCOx0ShEKH+rpSYmKyEOlBGHT1JcoTN+1udFaoTFxfMVCwhL
+wlddtRjW63jDvmuk1PVCuogo+KyUgIhaV1qregBqua19oD1gmBnXCq5jJXgs
+fgTIRA5GLjmp9kg6qWWtUCVZRxZY96vRHYdQPJKMkzQoCY/V1nbjtTMdcHlY
+Lg1LtR1doQmDbaHEbYYKmC1gxehCegzGSDQLXdq8+IpC/rmTWSENKgEYcFzM
+6aWasRgMvrZzDBlWI68dDTBA6kjjXULvRRQ0/d4y+U10ZLhpDNuuQFrJKceg
+1qyITFcPWDafNB3C2uftVMKabP9OPswVlXXm6qac90/izLGvX6F1qUtlZKQb
+MFO5mhqlkiO+7aeprPlMuy7FsueViKA4QhuWQR6iIATya6ir52iEKZWae8Ul
+eEvsA+OuX1g6znXt0vSOrlgGRF4O/SpG3WuYT+WaUtBxuvYSPZIFRVzxxAS0
+hVgjoo9nVECLdKscVMgUm9B4bdD08QX2s8XlSxbbFt8AcUzlD4l5lXrIrgpG
+9+LsrOeQ4DxbwZ36lyuAXiXx0vvs8042L0+xf82fQQvlK14NIrkl2t0xaGlO
+rEotYtO2ftGN/pO9oD8ksX2s/pasZhs0cfhIhj0JgsYwVsTttl4cfJlatjPZ
+xhqVEQqGK5ZpOcKXM4QWtjQQRUNSkCBnz3GLGw1sJQ4YyWFjAzm4uW1zEybb
+eAtqwISY3A4bcRZItiMi3DFVxlQniyqhVg/3Y9R9TT2h12LRbOB77p6cVBF5
+hVzFESdpc4S7xPBryGpC5uvlYBe2aPQHEGa6RKRBVmTVpY2LqK75m14bcQdP
+L3FAevS92Cz0/rpuknyBu2EhLHF7y4UVzOxFDZOF9nJYbJ2cLEoLq/LOUsug
+i9QXhtU+KMlT4YTd71YpUx5RSDi9kAU60tNAaY84kFrH05X6VEiToKl+qFro
+LSyOpSZqk+TdKGkBUVt9q1vzT6Aa7NDhfBFdcBQerNo81TSoiOiZHPxeA5HS
+3qesK+NCGiUQxOkTVOJ5wB0tW7gUJugk5gp710o7y0RDDjKXK+ayRQrvIdWR
+XUQSkVfqhBupp9dNUHb07W3NaYiLA25Bq8B+ZtgEUArx82IuN+PK/zKs1RJF
+b226sRZlKfExrMASRW/WgkxtX55irxmS+QLY4ANPxln11MsnTqhbt62ET44g
+V9VO6i1GJqy42JdqPvSGDcQFwDXa3QgiUrxus+NN0Ovmsj2uDBeNlA+XsyNU
+zQapaVKnnjCqmojFRE9FtmiOzjC72KgvrNbIeWQCrImiY3eIYnTlYBF0G1tU
+wfeaDzpfmos+IVEZcPuuKW5KFONGVHhpTAMg05YTfgJF2NbM46u4lPNkBlOw
+jt8te7JpY15g33fLUvxvznGWKgeyc4PPEKbikbpnIpYaOLVkibKXBAly2Ddc
+BWlnebMpiOvW1nQyLzDSEnDxtUYq9w26Lv6njVweYG2mMyUEG3RE0JugQ755
+jTeEXXsEYGJ88gCv75h40I6pQOEEIUA4BnEwevLs9OoF0RC/0RW1rApICXa8
+ou9in3Z8/o0UJuhqpTTm5RalMzxx6rMFugZ5ocjN08XV9WRd2NLXtu3tRK1U
+iJ9UStPoEAS3jwpa4pcwK8CHg29rpRx4V40r0QexxO//xQVjka6wgbcOORZc
+fhfISaBYtuJWnKQUvU/HUtSWp/8Shf6Vn2M46i/PnSyInzGqnFhUgc/e2saw
+v0a/juI4HtHf3o8j+AKo+hQetrHErmsjfIrIBv/Usr1xPBu9DF+zCrRHccHE
+Te59EagsfCNF47l1jCcZ3/uqKiL4FIlGJOi/lE/0vfbO3jyC6i7w4BsWqb55
+CET4X11TXWmWGy68IQH/SvHcVCtFPtRw7h1YSAHcF40+j/KuxlRQFzx+6LmG
+5/3ADM2i1H+zDTKok3FsONcDhTPmCYgusCWm1+n0zx1yMHT4YoVN24xt2tb6
+/JW6jWGhk3mGTmzU3Bt+YvwWAEkVkp1/OfpWB7MV+tCQZH2q1CGBIbxZU52+
+jHuNsdiJGaXolVSHLVC7OxDpOxjplYkFmbjkv4uKTEVlsipwq2jQKyhr8BjM
+sEiDROwO+WIxstCNB+QGngViMUtFLUy30qdrZVcfY5ebuGahsJFyEoNSY+ZR
+kN7zBhmRORjsC1k6/ThheqJ41iHtltC0/RTJ4/7k0XcPAcJ+l8SdI9vzQnc2
+4yoFodjJuscYYN9z5avwK++yKH6LDu6p3xonv+LSi0Ry1Tpn0w9IQIkwJH0m
+NwtLo4yMninGkGCaFDpx5sniBik7fLUcdDDwAc+OfBJixio3aLXPJuR1Q9Uv
+XVJ0TcLD2rq+JAwsthGWuwIy2KVcVl67WNlsMeEEvdGgQmJRX9kJPdjDwGDb
+Ri5w/xtvO74dgRySVk7rR5zeUVAk1Spv1hIh3coLtXbxiKScagQTQZx664gX
+1K4rGqNNdo6Q6d4kqxjG6Rn2foG6OCOeRF9kq56L8EW3cOQcqtSL7vj7gY3M
+8nMhNPoZKyaBblpp5TLkkJ49RlNnOSJoj5tqIYdqdur2qj87XJIU++qO5EWs
+vSVxpSAv5jNcy0geV8WR8MezLSDO9DstFx2D56dwuH3EbfqE1MxBh50yXoog
+3Zyy/d7x/Wo+7ZPBHJcTe0mHMbt/QAxCC1tCQRYhIqkoL3VWtIo1po8upIgQ
+37urj6uYb3YHBKLru4VeQiBHm+WG2zmxDyCJnYaFMdUYHa8Dl8aWoWBUF+Mk
+eypotZ5KJz6AMi2l8U4QwEPCPawzZtxkoHN6h/Whu8XW0c2It54d3XRr+bKO
+WrZRUgdoxhy4SA7rKZl6CajOjjm/K7sGTiUOqnATSpRMKINFPEaUCXSH7og0
+WSrHK7lDpwbtlS7kzW7IOmwiLgzv1sTldwHXx5wqzptD5wrbo0ccLd1+JBR3
+Z4+EMmrw0K0hqYGB6l32S33LGp9iPYBwFoD/XSJJ9TzyZsWMYmrNLX5G0FlV
+J2ASXzWDdaBpE4gVRvQ0HcFYDAspDhbPCjVX0satWCfVN0T1tamsUZcv1q47
+hcWwOZmDbK6gb0r8tx++5bU2Q6O/THI9qT52ehTs4i8ucuXOijDIUikj9cho
+UoDEpoCSzbLYIgbb++qufp2J6N3vdqSsJyNAVnpkjYJouFPj30MeCZAqzI/A
+pVjCUUOOkMdoZ2AazEbqQ5hq1JcMG2bF7JsyF5ygeHHQ6VHWRqSdPXihkumE
+TWw5y9HbtThjvO1GUmmcusNivFatWBh3eCchFQS/TlXNhcJFje7qu2VONCSj
+1hFjtCGIHTgUufYmeazpkHaNTymLZZlhE6lGdCIBnvlhGM7KFUGdpUSCPbyC
+gldilum+AYheUZ8AEJ96O/iK/wzs783F6eur01en56dXb39UMVwW6VctFNuP
+ipdW2uaYGr+ixTQdbzgVnTIL8hVaahna5LJjpy1Ct0SajRYjdIVV2C7mLtmW
+IyeeNxrHRmIlBjyKCa3uyyd4ageKODoz5qyiyqaRo8nRRmGU8rz27Qmd1VGB
+EYBPaU/tVut6jSBfUos8v0oIkvA8yIKOjJDjWRZbZyOaRpJwBcS6IramRUg0
+q5eCsZp1GG1FdNvOR83k+F79jNNW+sLfRO2HzvQgNLwzWBoF+gZM2NDNYCl3
+DQQ0VbMCnvisOcVCIq4K7XnId+IZxgSwbIA7868I59/sELWe5dXcAWTsRqnj
+uquKqtvhwqNRWHg0FGhVaSIerKp9pTQLe7ojTye9cJVj+rd6Uxp1QfXY5Kit
+oyy6p0Bpiw/Yq0EATNPbrgQ0U2VS41cm5f27Si3sHIhcLVITkMxGqVnJvb48
+Obu6Mt3LDQVbndCctnZmnzkdsfXJti+8b1NWO+gYEm4ecJd1oZxkVRX733oq
+bBKFejSplhztoquonJ2b+xfzuglWXu0XpiT+4lVCAkBe8j1AEyfXAKGNRZQe
+tK5K/yLqZlL1DtPlD2+hZChxB+Rui2VPtWoqSkJO4YSldHtV/Kpg9grSwfEC
+WlaMVTVYq7Y1wSiB0wt94Jb1HoA8OE60afEgekF8mApw9jnNzNkvliDfYTkv
+LgnkqmyQXMyiFiU+cWlL2+cLwx2EnZua+jXespIGIic2KaC/+RlPTLPyDBUI
+IX60uLc/NbdgY7OGJp+0g46jpNowY8AmZ03V8fubi9eV5BuOUphmcPkwasJJ
+jtyvrIsxHAiCkFNZxdsgUajyGCtBBMjr1H4aglevONnznHC84UTUkTkGu0Ye
+LkkpBz+kyBp1CK+7NVtvL6IqPSTB0ayuZqrWQMR+mXOcsg1uUc2YIWv246HI
+MIDFpmy6pcch3j88kRxFutEn2BCepKwdnGH38165C7XcjlHRk+r8NhBEtYO+
+urDFKdfTq+/GaVazzW/EvgHDEd7OidJTCWbftNAbqOmK0GZD3T2u9lC6SdhP
+6vesY67TlzhBW++ZCFOtso/YYNjjHZaR/l6iPnbaiilKB7A2fK/98WOOzOEs
+XVwfqbXhhBhJgDdEalafcAA87FN4XHvTIy/eq89pclw0mSKx+mZnU6QB1a7G
+G+3VVLg/b5XykDQDlWpiY2aqXiVMvuhSjDQd73JJjkWYx+vWF4Rru8DvMPUU
+ZCgsOr2jHVOjc3e/GWnGEKi1eISVHGnz7nsKirOo4Ro/cvpPbrIqDO95q3uU
+2IjWY4+DyuMguYwA4lSdueIyhED6n6rUxbLmeCtCNxoLnouUw6fj1cEeIXgo
+tH636COF6cxYunVgYIgEYOLQjYLt6MnmcM1gQS5RXSrtTdqCiQmgOO7L7bjI
+piPzMq+seEWMUCW2PhoupyzU3NJ3VurEUAZNL0JYCwpQ7FUtFGUHuBn/2uPO
+pX7tjpD/yNSD/glKAfKNvhDd78L5bZy/kZ6vXafwlEu8yWSGkL6tNjyB0rfI
+6h9QtBFS3RhU1kXGQd26bsrCosrya3KXsxkBTx3dxfUNH8XD/SUKaNSKQQAe
++li8xrJzLsTlwqIyogl4/ck8jLPA+/gepYTggdUjQtqPqR6NlpD2L7kfmEHc
+SKBmUm+TqKMu9iGVMFNSNFi6lYCJIHUaCCmnVodhovWWtlT+BvTQ1Qw1mqyc
+5BvEw7Y+sqhu+8sdp1RHOHWlg23sPDp9XOo3JkhRDDrJJz6cBuygtOq1q2QI
+d3K9RrPETh3BK+8kUvxymaCpq6RyDVahCsrv+bUhibbcwiuYG1a0VRS3UjyG
+z3NLCUpGoXK1ODPpWE8BseZZesvBUXZ4TRaLvCi9GvFYpglXNral5Fuqx/+q
+AOKwgbeu7iD6tOEOn+gG6YHIRQzwXzAAVrc9GJqTF2/RiV+Z4RBDAPxa507U
+9gukqh2ib6y0orVXexjBEFBgn7+heuUzAOY3YSFEX8sIilnjik/fmfPnb2GO
+ryq32tXyrD0GScNc4cUIHp/FXJEeq5SqA17jzezkx2cYIoFlGAdmeEDQ+lIt
+1rAS66+N2o8hv6qXgGyd+BCG4QrmrtKqnXZr57i3TOs9RVpxyvPsxdlzgByC
+2jNIK8CIWqOn9DYr2f7FBatxzzVQ18oiN4sX65g4LdbK9KDbVhTTUHCDnaiJ
+RGWjnKaPUn74hne5bRXoe2gON9w5lX4SO+VgecAMVbgxV3d5zKkJtpptu1Qs
+ZR2lWF8pUoKxHUrYwcuBE6tp6VmXtIrjiHMAqS81R5RxychfShTFgT9Ry96R
+6ZBkQLIxtZoeNfr30VfYPRf9ojh4nMQgjcYH+weP4v2DTvSZihvSdBfaXyqc
+CmVxeLtcowF4tLcnloABUMM9GnKPonPs9nhOFN3vf0skkLzgF1DIH5nh48cH
++48Oh0f79CGK+/bDx/IhCv8w9NHRfvrkcH8/Tg++G8eHw+lhnDwePooPDx89
+Ojo6hG/2hzz0He9/PJwcTB+mh/HNUfIofvzku/14PJmm8c3+8ODh4dEj/KQj
+04peAW/dpCBoXmNSFSz6GrfKz6C+gRU5efGakYFbnicxnMpodTj+2+zH+fnN
++/fJq/ifs48/FH97kby5vvpYFieHZ+X+D8Pyxfj53clsxiPaPA5vkFcnyX5y
+8Mv1x/z6aLn/7snLq2fPXj97ffLq788+zB7Hs/jHdZp9/9fl0aNDe5ZaCjTw
+SlJvdZH/MRSm7+OnZy9H3GQznoZtYHE7LHkFI3w7atQO+T6sYLPtHlOCNpx4
+1IYTj74VJw5+B5ywpVK5pmmAEF+Hlz/rYV2RaRZbnyFVrBXtHwwG8T5V7m9i
+Ya1+vjx6YLq1xXF3Cp+kHYxaO8OQxKTNNI6lHctOxR8XHJNlb1cLGdc25s6v
+ixolrnavNpFZTWsNJbQbDIbDI7EcBv1UbB+R+7ERFgZrGgiOCUKiABZr+4d2
+pGx9DyOZsRD9byRWyXB8MHkIqIDHiX/tu7/kT0isGC1vjuLk0fhxDFg4jAEv
+b2IPL4dNxNzV4OH/dpJFh3wQtrZB8eK/cdDhgX3VGaPCExcbrKDWcswH+y3H
+/GT/W4/54Hc45npvjpAAfRWu/RyA/iFI2e5aBl2AfgPoG3D8KuiT3tUG9za6
+/+TRt8L94e8A92a/k2+G/EEN8of13ki/Ad4e5L4AaaKye0Jl4+WsiA8PWkD+
+cNgC8u+G3wryw98B5O3NY74Z7A87P+8kWG+3wx9v3uTvD/6+Pjk6/+eTlx++
+/9frjw+nr767fZYclu9+OX2c/Ue1f3fxvyYhwToy3dYWVJZ7futx7j6eL5zr
+l2Sno5YDPRp+84Ee/Q4HWuvx880neSgniX6rkfnEboGg2AwMFHG72d33BnXJ
+vX8msdaWiYcdegfrwH/eKZt5hf69jnEoPY3IsiN9pbDy5gQTKGsGuX7dOaLP
+kakNTfz6gxuB8J8F8h1dt+5p/WPzoV08cybhx0c2YE8LxVpX3m2WRPeWm8US
+161S6lf2l3Ky6heaTMmDX9NpSh792nZT8vjunlM/iy7F/cLE1Vtvt5WVHKKK
+ma5psVWnke+H4fJW2vWLZGxM8Pm6y0POPXYt49jcaUktcV4nii90r4psBVMS
+9Nm2KviCbkzpA6JtztgtE5qXIhlAcW/GFZY9reLhyHU8sOliPNZf82ynB9Hp
+BmSax8hujips6XUgt4BqQ3GdyVrHg3bdibsHUYMdwgK/IfVPiBJBi+o6jpoA
+E6MuV0XRP10+Hc/y3MOPFxncAECCbWPCvdqEDfQNmuv0PG6D36KZZv11Zppx
+svpQkxOs2a6dpwRvfImjHLQpPU9CpedmmAKWT4iaH36NiMBXAhTx8ePJkxhu
+wEEMd2I/9u7EwT1SGUIs4CfMHPxlHNwnlNeefbhLlIiQT3g8wqvjLR7nO9cK
+OOgNQ45+rx0TIZPGXFqkCQtLhb1jdjekemCOJx9W+R0eGbtKd3pX2NBLIY4f
+SlcolC4jrmZW5Ju1JmtkhZeOlSyoszBeOBsub0Ops5XaBbgHS7OTb2SzNvKb
+ZkKajZReTd2XF0UOz0rOhZcsZr6QLNbIg440DzorJYEs+v8BQhYEOgP8AAA=
 
 -->