Skip to content

Spec v0.3 (additive): intent-bound repositioning + hardening clauses#5

Merged
koishore merged 1 commit into
mainfrom
spec/v0.3-additive
Jun 7, 2026
Merged

Spec v0.3 (additive): intent-bound repositioning + hardening clauses#5
koishore merged 1 commit into
mainfrom
spec/v0.3-additive

Conversation

@koishore

@koishore koishore commented Jun 7, 2026

Copy link
Copy Markdown
Member

Additive v0.3 draft changes — no breaking preimage change (the query-fold is intentionally deferred). validate.py + conformance.py green; the new P1/P3 resolve vectors pass against the current reference.

  • Reposition to intent-bound action authorization (abstract, PDP/PEP, OWASP ASI03; 'firewall' demoted to analogy)
  • §4.2 testable broker query obligation (the spec-level root of the C1 fix)
  • §5.1 policy validation / fail-closed; §7.1 authorization properties (substitution/single-use/replay-proof); §8.3 head-anchoring truncation defense; rate-limit consistency class
  • §9 authorization token recast as an optional interop profile (cns, revocation, Open Agent Passport / PEP-PDP)
  • New CTK vectors; CHANGELOG [0.3-draft].

🤖 Generated with Claude Code

Repositions to intent-bound action authorization (abstract, PDP/PEP framing, firewall=analogy). Adds: testable broker query obligation (§4.2, additive — breaking fingerprint query-fold deferred); policy-validation fail-closed (§5.1); authorization properties P1-P4 (§7.1); head-anchoring truncation defense (§8.3); rate-limit consistency class; authorization-token optional profile with cns/revocation/interop (§9). New CTK vectors (resolve P1/P3 wired + passing; broker_query/policy_invalid staged). validate + conformance green.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@koishore koishore merged commit 82e6e89 into main Jun 7, 2026
2 checks passed
@koishore koishore deleted the spec/v0.3-additive branch June 7, 2026 21:59
koishore added a commit that referenced this pull request Jun 7, 2026
…ng (§9, §11)

Combines this PR's breaking work with the additive #5 base now on main: adopts the §4.2 query-fold + exact canonicalization (was tracked as deferred), adds JWS algorithm-confusion defense, kid/key-separation, exp<=300s, cross-instance jti sharing, and the token-replay/key-separation §11 considerations — on top of #5's cns single-use, revocation, and interop. Marks the spec FROZEN at 0.3 (badge, header, CHANGELOG). validate.py + conformance.py green against delego 0.2.3; query-fold hashing vectors ship when the reference implements the fold.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant