Drop versioned directories and archive/ in favor of git tags (draft-00,
draft-01) for frozen submissions. Rename source to
draft-nennemann-wimse-ect.md (version comes from docname in front matter).
Update build.sh to extract docname automatically. Ignore generated outputs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Introduces three assurance levels (L1 unsigned JSON, L2 JOSE signing,
L3 JOSE signing with audit ledger) so deployments can choose the
appropriate trade-off between simplicity and regulatory compliance.
Decouples ECTs from WIMSE/SPIFFE hard dependencies by introducing an
abstract identity binding model with concrete profiles for WIMSE,
X.509, and JWK sets. The typ header moves from wimse-exec+jwt to
exec+jwt (with backward compatibility).
Includes blog article (blog-ect-assurance-levels.md) explaining the
assurance levels change and identity-framework agnostic design.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move Go reference implementation to refimpl/go-lang/ and add new
Python reference implementation in refimpl/python/. Update build.sh
with renamed draft and simplified tool paths.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add build.sh that auto-discovers kramdown-rfc2629 and xml2rfc
regardless of PATH configuration, generates XML, TXT, and HTML
in one step.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
