Chris Nennemann
998a7f2eb8
Introduces three assurance levels (L1 unsigned JSON, L2 JOSE signing, L3 JOSE signing with audit ledger) so deployments can choose the appropriate trade-off between simplicity and regulatory compliance. Decouples ECTs from WIMSE/SPIFFE hard dependencies by introducing an abstract identity binding model with concrete profiles for WIMSE, X.509, and JWK sets. The typ header moves from wimse-exec+jwt to exec+jwt (with backward compatibility). Includes blog article (blog-ect-assurance-levels.md) explaining the assurance levels change and identity-framework agnostic design. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
34 lines
824 B
Bash
Executable File
34 lines
824 B
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
|
|
DRAFT="draft-nennemann-wimse-ect-01"
|
|
DIR="$(cd "$(dirname "$0")" && pwd)"
|
|
|
|
# Tool paths
|
|
KRAMDOWN="/usr/local/lib/ruby/gems/3.4.0/bin/kramdown-rfc2629"
|
|
XML2RFC="/Users/christian/Library/Python/3.9/bin/xml2rfc"
|
|
|
|
export PYTHONWARNINGS="ignore::UserWarning"
|
|
|
|
echo "Using kramdown-rfc2629: $KRAMDOWN"
|
|
echo "Using xml2rfc: $XML2RFC"
|
|
echo ""
|
|
|
|
# Step 1: Markdown -> XML
|
|
echo "Converting markdown to XML..."
|
|
"$KRAMDOWN" "$DIR/$DRAFT.md" > "$DIR/$DRAFT.xml"
|
|
|
|
# Step 2: XML -> TXT
|
|
echo "Generating text output..."
|
|
"$XML2RFC" "$DIR/$DRAFT.xml" --text --quiet 2>/dev/null
|
|
|
|
# Step 3: XML -> HTML
|
|
echo "Generating HTML output..."
|
|
"$XML2RFC" "$DIR/$DRAFT.xml" --html --quiet 2>/dev/null
|
|
|
|
echo ""
|
|
echo "Build complete:"
|
|
echo " $DRAFT.xml (submit this to datatracker)"
|
|
echo " $DRAFT.txt"
|
|
echo " $DRAFT.html"
|