Releases: PlawIO/machineauthority-protocol

MAP v1.0.1 — post-v1.0 hardening

04 May 20:08

Post-v1.0 hardening release. No wire-format or schema changes — implementations passing v1.0.0 conformance remain conformant. New self-certifications MUST run the DPoP sub-suite and reject the new schema-violation vectors.

Highlights

  • DPoP wire-time verifier (Tier 3, RFC 9449). New reference/cli/dpop-verify and 15 conformance vectors covering the full verdict alphabet (DPOP_MALFORMED, DPOP_BAD_TYP, DPOP_JKT_MISMATCH, …).
  • AJV schema gate in all four verifier CLIs (cac-verify, env-verify, loop-verify, dpop-verify). Malformed payloads now return SCHEMA_VIOLATION deterministically instead of masquerading as BAD_SIGNATURE / BAD_HASH. Closes a verdict-confusion bug that could mask real cryptographic failures during incident response.
  • CAC §5.2 approver-key resolution-order fix. Embedded jwk / DSSE cert is now the last fallback (default policy: deny; MUST chain to a deployment trust anchor). Closes a forge-and-self-sign bypass against pinned-kid / SPIFFE / DID resolution.
  • AARM acronym corrected repo-wide to Autonomous Action Runtime Management (per arxiv:2602.09433 + aarm.dev + Cloud Security Alliance Agentic Control Plane Initiative 2026 donation page). Previous text read Agent Authorization Reference Model, which was wrong.
  • Publication-readiness pack:
    • THREAT-MODEL.md — 12-class adversary catalogue with traceability matrix mapping each class to spec MUSTs and verifier verdicts. Numbering locked at v1.0.
    • SECURITY.md — vulnerability disclosure policy. Private GitHub Security Advisory + security@plaw.io, 90-day default window.
    • CITATION.cff — CFF v1.2.0 academic citation file, ready for Zenodo DOI.
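The verdict-confusion issue closed by the schema gate, as an added example (not code from the MAP reference CLIs): the envelope fields `payload`, `payload_hash` and `sig` are assumed for illustration, and a hand-written structural check stands in for the compiled AJV validator. Only the verdict names come from this release.

```javascript
// Added illustration. Envelope fields (payload, payload_hash, sig) are
// assumed for this sketch and are not the MAP wire format.
const crypto = require("node:crypto");

const sha256hex = (s) => crypto.createHash("sha256").update(s).digest("hex");

// Structural check standing in for a compiled AJV validator.
function schemaOk(env) {
  return env !== null && typeof env === "object" &&
    typeof env.payload === "string" &&
    typeof env.payload_hash === "string" && /^[0-9a-f]{64}$/.test(env.payload_hash) &&
    // An Ed25519 signature is 64 bytes, i.e. 86 unpadded base64url characters.
    typeof env.sig === "string" && /^[A-Za-z0-9_-]{86}$/.test(env.sig);
}

// Hash and signature checks only. Run on a malformed envelope, the
// coercions below turn a structural problem into a cryptographic verdict.
function cryptoVerdict(env, publicKey) {
  if (sha256hex(String(env.payload)) !== env.payload_hash) return "BAD_HASH";
  try {
    const sig = Buffer.from(String(env.sig), "base64url");
    const ok = crypto.verify(null, Buffer.from(env.payload_hash), publicKey, sig);
    return ok ? "OK" : "BAD_SIGNATURE";
  } catch {
    return "BAD_SIGNATURE";
  }
}

// Gated verifier: structure is judged first, so BAD_HASH and BAD_SIGNATURE
// are only ever reported for envelopes that were well-formed.
function verifyGated(env, publicKey) {
  if (!schemaOk(env)) return "SCHEMA_VIOLATION";
  return cryptoVerdict(env, publicKey);
}

// Constructed sample: a fresh Ed25519 key pair and one signed envelope.
function makeSample() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const payload = JSON.stringify({ action: "deploy", target: "staging" });
  const payload_hash = sha256hex(payload);
  const sig = crypto.sign(null, Buffer.from(payload_hash), privateKey).toString("base64url");
  return { publicKey, env: { payload, payload_hash, sig } };
}
```

Calling `cryptoVerdict` directly on an envelope with a missing `sig` or a non-string `payload` yields `BAD_SIGNATURE` or `BAD_HASH`; `verifyGated` reports `SCHEMA_VIOLATION` for the same inputs.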

Conformance

$ cd reference && npm install && node cli/run-conformance.js
Conformance: 56 pass, 0 fail

Roadmap (post-v1.0.1, non-blocking)

  • Multi-approver / quorum CACs.
  • Post-quantum hybrid signature path (Ed25519 + ML-DSA-44 dual).
  • Optional transparency-log profile (Rekor-compatible).
  • Cryptographic delegation chain (delegation_proofs[]).
  • Polling profile for the Elicitation Loop.

See CHANGELOG.md for the full annotated diff.