[{"author": "Noah Stride", "text": "

Sounds good

", "time": "2026-06-03T15:00:07.000Z"}, {"author": "Jeff Lombardo", "text": "

Hi Everyone

", "time": "2026-06-03T15:00:15.000Z"}, {"author": "Yaroslav Rosomakho", "text": "

... or think something!

", "time": "2026-06-03T15:02:38.000Z"}, {"author": "Justin Richer", "text": "

@Yaroslav we don't have thought police bots ... yet ....

", "time": "2026-06-03T15:03:39.000Z"}, {"author": "Pieter Kasselman", "text": "

On the API Keys use with LLM topic, there has been some very good announcements from Anthroopic and OpenAI that uses Workload Identity Federation (RFC7523 +OIDCC Discoovery). It's great to see that anti-pattern not propagating ;)

", "time": "2026-06-03T15:22:42.000Z"}, {"author": "Jeff Lombardo", "text": "", "time": "2026-06-03T15:23:51.000Z"}, {"author": "Pieter Kasselman", "text": "

It was a timing thing.... WIMSE did not exist yet ;)

", "time": "2026-06-03T15:29:51.000Z"}, {"author": "Brian Campbell", "text": "

blueprint is a better term than roadmap for this

", "time": "2026-06-03T15:34:10.000Z"}, {"author": "Brian Campbell", "text": "

thanks jeff

", "time": "2026-06-03T15:34:16.000Z"}, {"author": "Brian Campbell", "text": "

happy to let you finish it out pieter

", "time": "2026-06-03T15:36:22.000Z"}, {"author": "Brian Campbell", "text": "

1) yes

", "time": "2026-06-03T15:37:41.000Z"}, {"author": "Brian Campbell", "text": "

2) yes

", "time": "2026-06-03T15:37:44.000Z"}, {"author": "Brian Campbell", "text": "

(i know we have other stuff to finish)

", "time": "2026-06-03T15:37:55.000Z"}, {"author": "Jeff Lombardo", "text": "

1) yes

\n

2) yes

", "time": "2026-06-03T15:38:08.000Z"}, {"author": "Paul Carleton", "text": "

1) yes plz

", "time": "2026-06-03T15:38:42.000Z"}, {"author": "Paul Carleton", "text": "

+1, section 9 being super specific would be very helpful

", "time": "2026-06-03T15:40:22.000Z"}, {"author": "Pieter Kasselman", "text": "

I think Yaron said its not ready for WGLC... but we should do it!

", "time": "2026-06-03T15:40:38.000Z"}, {"author": "Yaron Sheffer", "text": "

Exactly.

", "time": "2026-06-03T15:40:49.000Z"}, {"author": "Pieter Kasselman", "text": "

and the existing WIMSE deliverables on on their wayy ;)

", "time": "2026-06-03T15:40:54.000Z"}, {"author": "Justin Richer", "text": "

if it were ready for WGLC we'd have done things backwards

", "time": "2026-06-03T15:41:01.000Z"}, {"author": "Pieter Kasselman", "text": "

+1

", "time": "2026-06-03T15:41:10.000Z"}, {"author": "Brian Campbell", "text": "

it tries to be specific :) but sounds like it needs to be more specific

", "time": "2026-06-03T15:41:18.000Z"}, {"author": "Jeff Lombardo", "text": "

there are some interoperability element at work already - For example OAuth SPIFFE Client Authentication - https://datatracker.ietf.org/doc/draft-ietf-oauth-spiffe-client-auth/

", "time": "2026-06-03T15:41:27.000Z"}, {"author": "Pieter Kasselman", "text": "

ACT claim is one of the things that may help fill a gap

", "time": "2026-06-03T15:41:49.000Z"}, {"author": "Yaron Sheffer", "text": "

@Jeff what I'm looking for is a a higher level, e.g. in an enterprise-internal service mesh, can I do everything with just WIMSE tools, or do I need OAuth to call Tools, even within the trust domain?

", "time": "2026-06-03T15:42:55.000Z"}, {"author": "Jeff Lombardo", "text": "

Ack

", "time": "2026-06-03T15:43:16.000Z"}, {"author": "Suresh Krishnan", "text": "

+1 to take on this work in wimse

", "time": "2026-06-03T15:43:27.000Z"}, {"author": "Justin Richer", "text": "

@yaron do you want to raise that on mic?

", "time": "2026-06-03T15:44:46.000Z"}, {"author": "Yaron Sheffer", "text": "

Sure.

", "time": "2026-06-03T15:44:58.000Z"}, {"author": "Brian Campbell", "text": "

yeah, @Yaron, those are questions that could be more clearly addressed in the doc and should be

", "time": "2026-06-03T15:45:30.000Z"}, {"author": "Brian Campbell", "text": "

Justin says smart things

", "time": "2026-06-03T15:49:58.000Z"}, {"author": "Michael Richardson", "text": "

It seems to overlap some parts of proposed AUDIT/AGENTIC charter (\"agent2agent\" ML)

", "time": "2026-06-03T15:51:29.000Z"}, {"author": "Pieter Kasselman", "text": "

Especially in multiple systems ;)

", "time": "2026-06-03T15:52:35.000Z"}, {"author": "Tom Sato", "text": "

On the human-in-the-loop gap identified in the authorization slide \u2014 I've authored a draft, draft-sato-soos-hem, that specifically addresses mid-execution agent-initiated escalation, which is architecturally different from CIBA. It may be worth a pointer in the gaps section. Happy to share details on-list.

\n

https://datatracker.ietf.org/doc/draft-sato-soos-hem/

", "time": "2026-06-03T15:54:33.000Z"}, {"author": "Yaron Sheffer", "text": "

I think it would be a good thing to explicitly recharter, so that the IESG can look at the whole domain (inc. AUDIT/AGENTIC) and partition it to minimize future conflicts.

", "time": "2026-06-03T15:56:41.000Z"}, {"author": "Andreas Falk", "text": "

+1 to take on this work in wimse

", "time": "2026-06-03T15:56:47.000Z"}, {"author": "Brian Campbell", "text": "

my perspective is that this work shouldn't define new things directly but might serve as the vehicle to identify what/where new work might take place

", "time": "2026-06-03T15:58:25.000Z"}, {"author": "Yaron Sheffer", "text": "

@Brian, I see pros and cons, we would need to have a deep discussion.

", "time": "2026-06-03T15:59:31.000Z"}]