<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-wimse-http-signature-04" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="WIMSE Workload-to-Workload HTTP-Sig">WIMSE Workload-to-Workload Authentication with HTTP Signatures</title>
    <seriesInfo name="Internet-Draft" value="draft-ietf-wimse-http-signature-04"/>
    <author fullname="Joe Salowey">
      <organization>Palo Alto Networks</organization>
      <address>
        <email>joe@salowey.net</email>
      </address>
    </author>
    <author fullname="Yaron Sheffer">
      <organization>Intuit</organization>
      <address>
        <email>yaronf.ietf@gmail.com</email>
      </address>
    </author>
    <date year="2026" month="July" day="06"/>
    <area>Applications and Real-Time</area>
    <workgroup>Workload Identity in Multi System Environments</workgroup>
    <keyword>workload</keyword>
    <keyword>identity</keyword>
    <abstract>
      <?line 40?>

<t>The WIMSE architecture defines authentication and authorization for software workloads
in a variety of runtime environments, from the most basic ones to complex
multi-service, multi-cloud, multi-tenant deployments.
This document defines one of the mechanisms to provide workload authentication,
using HTTP Signatures. While only applicable to HTTP traffic, the protocol provides end-to-end
protection of requests (and optionally, responses), even when service traffic is not end-to-end
encrypted, that is, when TLS proxies and load balancers are used.
Authentication is based on the Workload Identity Token (WIT).</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://ietf-wg-wimse.github.io/draft-ietf-wimse-s2s-protocol/draft-ietf-wimse-s2s-protocol.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-ietf-wimse-http-signature/"/>.
      </t>
      <t>
        Discussion of this document takes place on the
        Workload Identity in Multi System Environments Working Group mailing list (<eref target="mailto:wimse@ietf.org"/>),
        which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/wimse/"/>.
        Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/wimse/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/ietf-wg-wimse/draft-ietf-wimse-s2s-protocol"/>.</t>
    </note>
  </front>
  <middle>
    <?line 51?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>This document defines authentication and authorization in the context of interaction between two workloads.
This is the core component of the WIMSE architecture <xref target="I-D.ietf-wimse-arch"/>.
This document focuses on HTTP-based services,
and the workload-to-workload call consists of a single HTTP request and its response.</t>
      <t>One option to protect such traffic is through Mutual TLS, and this usage is defined in <xref target="I-D.ietf-wimse-mutual-tls"/>.
Many deployments prefer application-layer approaches, whether for lack of CA infrastructure or because
inter-service communication consists of multiple separate TLS hops. This document defines one of the two WIMSE
approaches for application-layer protection.</t>
      <t>We define a profile of the HTTP Signatures protocol <xref target="RFC9421"/> to protect the service traffic.
Service authentication uses the Workload Identity Token (WIT) defined in <xref target="I-D.ietf-wimse-workload-creds"/>,
and the signature uses the private key associated with the WIT and thus proves possession of that key.</t>
      <t>As noted, the WIMSE working group is specifying two alternatives for application-layer protection, both using the newly introduced
Workload Identity Token <xref target="I-D.ietf-wimse-workload-creds"/>. The first alternative <xref target="I-D.ietf-wimse-wpt"/> is inspired by the OAuth DPoP specification.
The second is based on the HTTP Message Signatures RFC, and this is the one defined in this document.
<xref target="app-layer-comparison"/> includes a comparison of the two alternatives.</t>
      <section anchor="deployment-architecture-and-message-flow">
        <name>Deployment Architecture and Message Flow</name>
        <t>Refer to Sec. 1.2 of <xref target="I-D.ietf-wimse-workload-creds"/> for the deployment architecture which is common to all three
protection options, including the one described here.</t>
      </section>
    </section>
    <section anchor="conventions-and-definitions">
      <name>Conventions and Definitions</name>
      <t>All terminology in this document follows <xref target="I-D.ietf-wimse-arch"/>.</t>
      <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <?line -18?>

</section>
    <section anchor="http-sig-auth">
      <name>The Protocol: Authentication Based on HTTP Message Signatures</name>
      <t>This protocol uses the Workload Identity Token <xref target="I-D.ietf-wimse-workload-creds"/> and the private key associated with its public key,
to sign the request and optionally, the response.
Formally, this is a profile of the Message Signatures specification <xref target="RFC9421"/>.</t>
      <t>The request is signed as per <xref target="RFC9421"/>. The following derived components <bcp14>MUST</bcp14> be signed:</t>
      <ul spacing="normal">
        <li>
          <t><tt>@method</tt></t>
        </li>
        <li>
          <t><tt>@request-target</tt></t>
        </li>
      </ul>
      <t>In addition, the following request headers <bcp14>MUST</bcp14> be signed when they exist:</t>
      <ul spacing="normal">
        <li>
          <t><tt>Content-Type</tt></t>
        </li>
        <li>
          <t><tt>Content-Digest</tt></t>
        </li>
        <li>
          <t><tt>Authorization</tt></t>
        </li>
        <li>
          <t><tt>Txn-Token</tt> <xref target="I-D.ietf-oauth-transaction-tokens"/></t>
        </li>
        <li>
          <t><tt>Workload-Identity-Token</tt></t>
        </li>
      </ul>
      <t>If the response is signed, the following components <bcp14>MUST</bcp14> be signed:</t>
      <ul spacing="normal">
        <li>
          <t><tt>@status</tt></t>
        </li>
        <li>
          <t><tt>@method;req</tt></t>
        </li>
        <li>
          <t><tt>@request-target;req</tt></t>
        </li>
        <li>
          <t><tt>Content-Type</tt> if it exists</t>
        </li>
        <li>
          <t><tt>Content-Digest</tt> if it exists</t>
        </li>
        <li>
          <t><tt>Workload-Identity-Token</tt></t>
        </li>
      </ul>
      <t>To ensure the message is fully integrity-protected, if the request or response includes a message body, the sender <bcp14>MUST</bcp14> include
(and the receiver <bcp14>MUST</bcp14> verify) a Content-Digest header.</t>
      <t>For both requests and responses, the following signature parameters <bcp14>MUST</bcp14> be included:</t>
      <ul spacing="normal">
        <li>
          <t><tt>created</tt></t>
        </li>
        <li>
          <t><tt>expires</tt> - expiration <bcp14>MUST</bcp14> be short, e.g. on the order of minutes. The WIMSE architecture will provide separate
mechanisms in support of long-lived compute processes.</t>
        </li>
        <li>
          <t><tt>nonce</tt></t>
        </li>
        <li>
          <t><tt>tag</tt> - the value for implementations of this specification is <tt>wimse-workload-to-workload</tt></t>
        </li>
      </ul>
      <t>For requests only, the following signature parameter <bcp14>MUST</bcp14> also be included:</t>
      <ul spacing="normal">
        <li>
          <t><tt>wimse-aud</tt> (<xref target="wimse-aud-param"/>)</t>
        </li>
      </ul>
      <t>For responses only, when response signing is enabled, the following signature parameter <bcp14>MUST</bcp14> also be included:</t>
      <ul spacing="normal">
        <li>
          <t><tt>wimse-req-nonce</tt> (<xref target="wimse-req-nonce-param"/>)</t>
        </li>
      </ul>
      <t>The following signature parameters in the <tt>Signature-Input</tt> header <bcp14>MUST NOT</bcp14> be used:</t>
      <ul spacing="normal">
        <li>
          <t><tt>keyid</tt> - The signing key is sent along with the message in the WIT. Additionally specifying the key identity would add confusion.</t>
        </li>
        <li>
          <t><tt>alg</tt> - The signature algorithm is specified in the <tt>jwk</tt> section of the <tt>cnf</tt> claim in the WIT. See <xref target="I-D.ietf-wimse-workload-creds"/> and Sec. 3.3.7 of <xref target="RFC9421"/> for details.</t>
        </li>
      </ul>
      <t>It is <bcp14>RECOMMENDED</bcp14> to include only one signature with the HTTP message.
If multiple ones are included, then the signature label included in both the <tt>Signature-Input</tt> and <tt>Signature</tt> headers <bcp14>SHOULD</bcp14>
be <tt>wimse</tt>.</t>
      <t>A sender <bcp14>MUST</bcp14> ensure that each nonce it generates is unique, at least among messages sent to the same recipient.
To detect message replays,
a recipient <bcp14>SHOULD</bcp14> reject a message (request or response) if a nonce generated by a certain peer is seen more than once.</t>
      <t>For clarity: the signature's lifetime (the <tt>expires</tt> signature parameter) is different and typically much shorter than the WIT's lifetime, denoted by its <tt>exp</tt> claim.</t>
      <t>Implementors need to be aware that the WIT is extracted from the message before the message signature is validated. Recipients of signed HTTP messages <bcp14>MUST</bcp14> validate the signature and content of the WIT before validating the HTTP message signature. They <bcp14>MUST</bcp14> ensure that the message is not processed further before it has been fully validated.</t>
      <section anchor="wimse-aud-param">
        <name>The <tt>wimse-aud</tt> Signature Parameter</name>
        <t><xref target="RFC9421"/> defines signature parameters for HTTP message signatures: metadata carried in the <tt>Signature-Input</tt> field
alongside the covered components. That metadata is covered by the signature as the <tt>@signature-params</tt> component value
(Section 2.3 of <xref target="RFC9421"/>), which is always the last line of the signature base.</t>
        <t>This document defines the <tt>wimse-aud</tt> signature metadata parameter for requests. Using a signature parameter carries the audience explicitly in <tt>Signature-Input</tt>.</t>
        <t>The default value for <tt>wimse-aud</tt> is the request's HTTP target URI (<xref section="7.1" sectionFormat="of" target="RFC9110"/>), without query or fragment components.
Senders, recipients, and intermediaries do not always derive the same string for that URI: normalization and rewriting differ by implementation and hop, so the audience that verification should use is a deployment-specific choice.
When the default string is not suitable for verification at the recipient, senders <bcp14>SHOULD</bcp14> set <tt>wimse-aud</tt> to an explicit audience value as appropriate for that deployment.</t>
        <t>The recipient <bcp14>MUST</bcp14> be able to verify that the audience refers to it. See "Workload Identifiers and Authentication Granularity" in <xref target="I-D.ietf-wimse-workload-creds"/> for more detail.</t>
      </section>
      <section anchor="wimse-req-nonce-param">
        <name>The <tt>wimse-req-nonce</tt> Signature Parameter</name>
        <t>When response signing is enabled, this document defines the <tt>wimse-req-nonce</tt> signature metadata parameter for responses.
This parameter binds requests to responses and prevents a malicious
proxy from replaying responses to the wrong client.</t>
        <t>The server <bcp14>MUST</bcp14> set <tt>wimse-req-nonce</tt> to the value of the <tt>nonce</tt> signature parameter from the <tt>Signature-Input</tt> of the request that triggered the response.</t>
      </section>
      <section anchor="signing-the-response">
        <name>Signing the Response</name>
        <t>Protecting the response by signing it with the server's WIT is <bcp14>RECOMMENDED</bcp14> but optional. In particular, if the response
may be exceptionally large or is expected to be streamed, signing it may not be practical.</t>
        <t>In practice, we expect response signing to be enabled by local policy. If response signing is enabled for a deployment,
the client (recipient of the response) <bcp14>MUST</bcp14> check that the signature exists and validate it.
The response <bcp14>MUST</bcp14> be rejected if a signature is absent or fails to validate.
The client <bcp14>MUST</bcp14> verify that <tt>wimse-req-nonce</tt> matches the <tt>nonce</tt> it included in its request's <tt>Signature-Input</tt>.
This binds the signed response to the specific request that triggered it.</t>
        <t>As described in <xref section="5" sectionFormat="of" target="RFC9421"/>, either client or server <bcp14>MAY</bcp14> send an
<tt>Accept-Signature</tt> header,
but is not required to do so. The <tt>Accept-Signature</tt> header indicates a
preference for signed messages but does not mandate that responses be signed.
When a client sends <tt>Accept-Signature</tt> in a request, it <bcp14>SHOULD</bcp14> list the
response components it wishes to have signed (including at least those specified above for signed
responses). When a server sends <tt>Accept-Signature</tt> in a response, it <bcp14>SHOULD</bcp14>
list the request components it wishes to have signed in subsequent requests (minimally those
specified above for signed requests).</t>
      </section>
      <section anchor="error-conditions">
        <name>Error Conditions</name>
        <t>Errors may occur during the processing of the message signature. If the signature verification fails for any reason,
such as an invalid signature, an expired validity time window, or a malformed data structure, an error is returned. Typically,
this will be in response to an API call. An HTTP status code such as 400 (Bad Request) is appropriate. The response could
include more details as per <xref target="RFC9457"/>, such as an indicator that the wrong key material or algorithm was used.  The use of HTTP
status code 401 is <bcp14>NOT RECOMMENDED</bcp14> for this purpose because it requires a WWW-Authenticate with acceptable HTTP auth mechanisms in
the error response and an associated Authorization header in the subsequent request. The use of these headers for the WIT is not compatible
with this specification.</t>
      </section>
      <section anchor="example-requests-and-responses">
        <name>Example Requests and Responses</name>
        <t>Following is a non-normative example of a signed request and a signed response.</t>
        <t>The caller uses this keypair:</t>
        <figure>
          <name>Caller Private Key</name>
          <sourcecode type="jwk"><![CDATA[
{
  "alg": "EdDSA",
  "crv": "Ed25519",
  "d": "y1t3DufG7BOgsOO7hl7M3uNvVNjVlZfat-8KPF5nHi8",
  "kid": "svc-a-key",
  "kty": "OKP",
  "x": "CSsepXyWea5m-nNTfjnHaRfLodpY1gPSPtai1xJ-qJ0"
}
]]></sourcecode>
        </figure>
        <t>The caller uses its keypair and generates the following HTTP request:</t>
        <figure>
          <name>Signed Request</name>
          <sourcecode type="http"><![CDATA[
=============== NOTE: '\' line wrapping per RFC 8792 ================

GET /gimme-ice-cream?flavor=vanilla HTTP/1.1
Host: svcb.example.com
Signature: wimse=:6QjBIpZW1lUZ64dQTOs4oiMBp4wH1Xzjo/iGa1XtrT9BGG2a0p\
MQXddNQ3M2wHE9q+FnxnL86HPtYVQ2fYTTDg==:
Signature-Input: wimse=("@method" "@request-target" "workload-identi\
ty-token");created=1774809014;expires=1774809314;nonce="abcd1111";ta\
g="wimse-workload-to-workload";wimse-aud="https://svcb.example.com/g\
imme-ice-cream"
Workload-Identity-Token: eyJhbGciOiJFZERTQSIsImtpZCI6Imlzc3Vlci1rZXk\
iLCJ0eXAiOiJ3aXQrand0In0.eyJjbmYiOnsiandrIjp7ImFsZyI6IkVkRFNBIiwiY3J\
2IjoiRWQyNTUxOSIsImtpZCI6InN2Yy1hLWtleSIsImt0eSI6Ik9LUCIsIngiOiJDU3N\
lcFh5V2VhNW0tbk5UZmpuSGFSZkxvZHBZMWdQU1B0YWkxeEotcUowIn19LCJleHAiOjE\
3NzQ4MDkzMTQsImlhdCI6MTc3NDgwOTAxNCwiaXNzIjoiaHR0cHM6Ly9leGFtcGxlLmN\
vbS9pc3N1ZXIiLCJqdGkiOiJ3aXQtMTc3NDgwOTAxNDA4OTM3MjAwMCIsInN1YiI6Ind\
pbXNlOi8vZXhhbXBsZS5jb20vc3ZjQSJ9.UwMa_iVUp-0lbNLjWZMItulNEzFlfx_jCC\
sWdd-7Cx8fN87ldxamCiESXSMR2u1H17OInKBULCNLZjkfZdSiBw

]]></sourcecode>
        </figure>
        <t>Assuming that the workload being called has the following keypair:</t>
        <figure>
          <name>Callee Private Key</name>
          <sourcecode type="jwk"><![CDATA[
{
  "alg": "EdDSA",
  "crv": "Ed25519",
  "d": "FYS8IsAD74dDpTYu88MX5XFQP4JYNYiRDIkEplk4DW0",
  "kid": "svc-b-key",
  "kty": "OKP",
  "x": "oKbIElQedC-yvw01avHZsh2Vg6CnSV5Pw6wnYZEJazM"
}
]]></sourcecode>
        </figure>
        <t>A signed response would be:</t>
        <figure>
          <name>Signed Response</name>
          <sourcecode type="http"><![CDATA[
=============== NOTE: '\' line wrapping per RFC 8792 ================

HTTP/1.1 404 Not Found
Connection: close
Content-Digest: sha-256=:47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU\
=:
Content-Type: text/plain
Signature: wimse=:Zpr07vUQEC8jNyLXUTiIXu2popQiodPBSeejjg6hl+C/0l/iNA\
DbJUMKTbDHs3sFiL/Su2cmPMUg1hWHT262Aw==:
Signature-Input: wimse=("@status" "workload-identity-token" "content\
-type" "content-digest" "@method";req "@request-target";req);created\
=1774809014;expires=1774809316;nonce="abcd2222";tag="wimse-workload-\
to-workload"
Workload-Identity-Token: eyJhbGciOiJFZERTQSIsImtpZCI6Imlzc3Vlci1rZXk\
iLCJ0eXAiOiJ3aXQrand0In0.eyJjbmYiOnsiandrIjp7ImFsZyI6IkVkRFNBIiwiY3J\
2IjoiRWQyNTUxOSIsImtpZCI6InN2Yy1iLWtleSIsImt0eSI6Ik9LUCIsIngiOiJvS2J\
JRWxRZWRDLXl2dzAxYXZIWnNoMlZnNkNuU1Y1UHc2d25ZWkVKYXpNIn19LCJleHAiOjE\
3NzQ4MDkzMTYsImlhdCI6MTc3NDgwOTAxNiwiaXNzIjoiaHR0cHM6Ly9leGFtcGxlLmN\
vbS9pc3N1ZXIiLCJqdGkiOiJ3aXQtMTc3NDgwOTAxNDA4OTQ4MDAwMCIsInN1YiI6Ind\
pbXNlOi8vZXhhbXBsZS5jb20vc3ZjQiJ9.fVgW-ieLNhaY59p9OaTEetDtLzbuwnwRe0\
Uw-yz1xTZAgrj1SzAinGN3QbdfpE72gCTc2aH3D_LavdQuMUMHDg

No ice cream today.

]]></sourcecode>
        </figure>
      </section>
    </section>
    <section anchor="implementation-status">
      <name>Implementation Status</name>
      <t><cref>Note to RFC Editor: please remove this section, as well as the reference to RFC 7942, before publication.</cref></t>
      <t>This section records the status of known implementations of the protocol defined by this specification at the time of posting of this Internet-Draft, and is based on a proposal described in <xref target="RFC7942"/>. The description of implementations in this section is intended to assist the IETF in its decision processes in progressing drafts to RFCs.  Please note that the listing of any individual implementation here does not imply endorsement by the IETF.  Furthermore, no effort has been spent to verify the information presented here that was supplied by IETF contributors. This is not intended as, and must not be construed to be, a catalog of available implementations or their features.  Readers are advised to note that other implementations may exist.</t>
      <t>According to RFC 7942, "this will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature.  It is up to the individual working groups to use this information as they see fit".</t>
      <section anchor="cofide">
        <name>Cofide</name>
        <ul spacing="normal">
          <li>
            <t>Organization: Cofide</t>
          </li>
          <li>
            <t>Implementation: <eref target="https://github.com/cofide/wimse-s2s-httpsig-poc">https://github.com/cofide/wimse-s2s-httpsig-poc</eref></t>
          </li>
          <li>
            <t>Maturity:
            </t>
            <ul spacing="normal">
              <li>
                <t>WIT + HTTP Message Signatures: proof-of-concept</t>
              </li>
            </ul>
          </li>
          <li>
            <t>Coverage: WIT, HTTP Message Signatures</t>
          </li>
          <li>
            <t>License: Apache 2.0</t>
          </li>
          <li>
            <t>Contact: jason@cofide.io</t>
          </li>
          <li>
            <t>Last updated: 13-Nov-2025</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>This section includes security considerations that are specific to the HTTP Signature protocol defined here. Refer to
<xref target="I-D.ietf-wimse-workload-creds"/> for more generic security considerations associated with the workload identity
and its WIT representation.</t>
      <section anchor="workload-identity-token-and-proof-of-possession">
        <name>Workload Identity Token and Proof of Possession</name>
        <t>The Workload Identity Token (WIT) is bound to a secret cryptographic key and is
always presented with a proof of possession as described in
<xref target="I-D.ietf-wimse-workload-creds"/>. The WIT is a general purpose token that can be presented
in multiple contexts. The WIT and its PoP are only used in the
application-layer options, and neither is used in MTLS. The WIT <bcp14>MUST NOT</bcp14> be
used as a bearer token. While this helps reduce the sensitivity of the token it
is still possible that a token and its proof of possession may be captured and
replayed within the PoP's lifetime.</t>
        <t>The HTTP Signature profile presented here binds the proof of possession to the critical parts of the HTTP request (and potentially
response), including the Request URI and the message body. This
eliminates most of the risk associated with active attackers on a middlebox.</t>
        <t>In addition, the following mitigations should be used:</t>
        <ul spacing="normal">
          <li>
            <t>Preventing Eavesdropping and Interception with TLS</t>
          </li>
        </ul>
        <t>An attacker observing or intercepting the communication channel can view the token and its proof of possession and attempt to replay it to gain an advantage. In order to prevent this, the
token and proof of possession <bcp14>MUST</bcp14> be sent over a secure, server authenticated TLS connection unless a secure channel is provided by some other mechanisms. Hostname validation according
to Section 6.3 of <xref target="RFC9525"/> <bcp14>MUST</bcp14> be performed by the client.</t>
        <ul spacing="normal">
          <li>
            <t>Limiting Signature Lifespan</t>
          </li>
        </ul>
        <t>The signature lifespan <bcp14>MUST</bcp14> be limited by using a tight <tt>expires</tt> value, taking into account potential clock skew and
processing latency, but usually within minutes of the message sending time. Signatures received outside their validity time <bcp14>MUST</bcp14> be rejected.</t>
        <ul spacing="normal">
          <li>
            <t>Replay Protection</t>
          </li>
        </ul>
        <t>A signed message includes the <tt>nonce</tt> signature parameter that <bcp14>MUST</bcp14> uniquely identify it, within the scope of a particular sender.
This parameter <bcp14>SHOULD</bcp14> be used by the receiver to perform basic replay protection against messages it has already seen.
Depending upon the design of the system it may be difficult to synchronize the replay cache across all message validators.
If an attacker can somehow influence the identity of the validator (e.g. which cluster member receives the message) then
replay protection would not be effective.</t>
      </section>
      <section anchor="middleboxes">
        <name>Middle Boxes</name>
        <t>In some deployments the Workload Identity Token and proof of possession
(signature) may pass through multiple systems. The communication between the
systems is over TLS, but the WIT and signature are available in the clear at each
intermediary.  While the intermediary cannot modify the token or the
information within the signature they can attempt to capture and replay the message or modify
unsigned information, such as proprietary HTTP headers that may remain unsigned.</t>
        <t>Mitigations listed in the protocol provide a reasonable level of security in these situations, in particular
if responses are signed in addition to requests.</t>
      </section>
      <section anchor="privacy-considerations">
        <name>Privacy Considerations</name>
        <t>WITs and the signatures may contain private information such as user names or other identities. Care must be taken to prevent disclosure of this information. The use of TLS helps protect the privacy of WITs and proofs of possession.</t>
        <t>WITs are typically associated with a workload and not a specific user, however
in some deployments the workload may be associated directly to a user. While
these are exceptional cases a deployment should evaluate if the disclosure of
WITs or signatures can be used to track a user.</t>
      </section>
    </section>
    <section anchor="security-goals">
      <name>Security Goals</name>
      <t>This section defines semiformal security goals for this protocol, when used in conjunction with the WIT credential. Our aim
is to inform developers and for these goals to eventually evolve into formal verification of the protocol.</t>
      <section anchor="prerequisites">
        <name>Prerequisites</name>
        <t>The following are out of scope of the protocol and their security is assumed.</t>
        <ul spacing="normal">
          <li>
            <t>There exists a WIT Issuer which is trusted to issue credentials honestly.</t>
          </li>
          <li>
            <t>Workloads have a way to authenticate themselves to the Issuer and be provisioned with a valid WIT, associated
with their WIMSE identity.</t>
          </li>
          <li>
            <t>All workloads are provisioned with trust anchors that allow them to validate incoming WITs.</t>
          </li>
          <li>
            <t>The entire authorization subsystem is out of scope and trusted. This can potentially include
provisioning and enforcement of an authorization policy, issuance of transaction tokens
and workload attestation.</t>
          </li>
          <li>
            <t>All workload-to-workload traffic is TLS-protected. However TLS may be terminated on one or more middleboxes
and the TLS endpoint identity (or identities) is not associated with a WIMSE identity.</t>
          </li>
          <li>
            <t>As a result, all workload-to-workload traffic is confidential and (assuming honest participants) is only available to sender,
receiver, and any TLS-terminating middleboxes that process the traffic.</t>
          </li>
        </ul>
      </section>
      <section anchor="authentication">
        <name>Authentication</name>
        <ul spacing="normal">
          <li>
            <t>A workload receiving a request can validate that it is signed correctly, and can identify the sender.</t>
          </li>
          <li>
            <t>A workload receiving a response can similarly authenticate its sender, provided that optional response signing has
been activated and likewise, the recipient validates this signature.</t>
          </li>
          <li>
            <t>The above implies that a stolen WIT cannot be used by an entity other than its owner.</t>
          </li>
        </ul>
      </section>
      <section anchor="integrity">
        <name>Integrity</name>
        <ul spacing="normal">
          <li>
            <t>No requests can be modified without detection by the recipient. Integrity of
all present HTTP headers specified in this document is protected, as well as
the derived components listed in <xref target="http-sig-auth"/>, the signature parameters
(including <tt>wimse-aud</tt> on requests and <tt>wimse-req-nonce</tt> on responses) as covered by <tt>@signature-params</tt> in <xref target="RFC9421"/>, and
the message body (when present).</t>
          </li>
          <li>
            <t>No responses can be modified without detection, provided that optional response signing has been activated and
that the recipient validates incoming responses.</t>
          </li>
          <li>
            <t>Note: Headers not specified in this document may remain unsigned and could
potentially be modified or deleted by intermediaries without detection.</t>
          </li>
        </ul>
      </section>
      <section anchor="replay-and-deletion">
        <name>Replay and Deletion</name>
        <ul spacing="normal">
          <li>
            <t>Replay protection is not strictly mandated because of implementation
considerations (e.g., distributed system challenges with synchronizing replay
caches across validators). Therefore it is not claimed as
a goal, though implementations <bcp14>SHOULD</bcp14> attempt to detect replays where feasible.
We note that since most of the message is signed, replay attacks are only possible in a
context where the request would be accepted as valid, and this mitigates the risk to some extent.</t>
          </li>
          <li>
            <t>When response signing is enabled, validating <tt>wimse-req-nonce</tt> mitigates replay of a signed response to a client other than the one that sent the triggering request.</t>
          </li>
          <li>
            <t>Unless response signing is mandated by local policy, complete deletion of a request/response pair is possible without detection.</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="http-signature-metadata-parameters-registration">
        <name>HTTP Signature Metadata Parameters Registration</name>
        <t>IANA is requested to register the following entries in the "HTTP Signature Metadata Parameters" registry <xref target="IANA.HTTP.MESSAGE.SIGNATURE"/>, per the registration template in Section 6.3.1 of <xref target="RFC9421"/>:</t>
        <ul spacing="normal">
          <li>
            <t><tt>wimse-aud</tt>, per <xref target="iana-wimse-aud-param"/>.</t>
          </li>
          <li>
            <t><tt>wimse-req-nonce</tt>, per <xref target="iana-wimse-req-nonce-param"/>.</t>
          </li>
        </ul>
        <section anchor="iana-wimse-aud-param">
          <name><tt>wimse-aud</tt></name>
          <ul spacing="normal">
            <li>
              <t>Name: <tt>wimse-aud</tt></t>
            </li>
            <li>
              <t>Description: the WIMSE message audience. Request signatures only; binds the HTTP message signature to the intended recipient.</t>
            </li>
            <li>
              <t>Reference: RFC XXX, <xref target="wimse-aud-param"/>.</t>
            </li>
          </ul>
        </section>
        <section anchor="iana-wimse-req-nonce-param">
          <name><tt>wimse-req-nonce</tt></name>
          <ul spacing="normal">
            <li>
              <t>Name: <tt>wimse-req-nonce</tt></t>
            </li>
            <li>
              <t>Description: on response signatures, the <tt>nonce</tt> value from the triggering request's <tt>Signature-Input</tt>; binds the response to that request.</t>
            </li>
            <li>
              <t>Reference: RFC XXX, <xref target="wimse-req-nonce-param"/>.</t>
            </li>
          </ul>
        </section>
      </section>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="RFC9421">
          <front>
            <title>HTTP Message Signatures</title>
            <author fullname="A. Backman" initials="A." role="editor" surname="Backman"/>
            <author fullname="J. Richer" initials="J." role="editor" surname="Richer"/>
            <author fullname="M. Sporny" initials="M." surname="Sporny"/>
            <date month="February" year="2024"/>
            <abstract>
              <t>This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over components of an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer and where the message may be transformed (e.g., by intermediaries) before reaching the verifier. This document also describes a means for requesting that a signature be applied to a subsequent HTTP message in an ongoing HTTP exchange.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9421"/>
          <seriesInfo name="DOI" value="10.17487/RFC9421"/>
        </reference>
        <reference anchor="I-D.ietf-wimse-workload-creds">
          <front>
            <title>WIMSE Workload Credentials</title>
            <author fullname="Brian Campbell" initials="B." surname="Campbell">
              <organization>Ping Identity</organization>
            </author>
            <author fullname="Joseph A. Salowey" initials="J. A." surname="Salowey">
              <organization>CyberArk</organization>
            </author>
            <author fullname="Arndt Schwenkschuster" initials="A." surname="Schwenkschuster">
              <organization>Defakto Security</organization>
            </author>
            <author fullname="Yaron Sheffer" initials="Y." surname="Sheffer">
              <organization>Intuit</organization>
            </author>
            <author fullname="Yaroslav Rosomakho" initials="Y." surname="Rosomakho">
              <organization>Zscaler</organization>
            </author>
            <date day="2" month="July" year="2026"/>
            <abstract>
              <t>   The WIMSE architecture defines authentication and authorization for
   software workloads in a variety of runtime environments, from the
   most basic ones up to complex multi-service, multi-cloud, multi-
   tenant deployments.

   This document defines the credentials that workloads use to represent
   their identity.  They can be used in various protocols to
   authenticate workloads to each other.  To use these credentials,
   workloads must provide proof of possession of the associated private
   key material, which is covered in other documents.  This document
   focuses on the credentials alone, independent of the proof-of-
   possession mechanism.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-wimse-workload-creds-02"/>
        </reference>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
        <reference anchor="RFC9110">
          <front>
            <title>HTTP Semantics</title>
            <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
            <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/>
            <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
            <date month="June" year="2022"/>
            <abstract>
              <t>The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes.</t>
              <t>This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="97"/>
          <seriesInfo name="RFC" value="9110"/>
          <seriesInfo name="DOI" value="10.17487/RFC9110"/>
        </reference>
        <reference anchor="RFC7942">
          <front>
            <title>Improving Awareness of Running Code: The Implementation Status Section</title>
            <author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
            <author fullname="A. Farrel" initials="A." surname="Farrel"/>
            <date month="July" year="2016"/>
            <abstract>
              <t>This document describes a simple process that allows authors of Internet-Drafts to record the status of known implementations by including an Implementation Status section. This will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature.</t>
              <t>This process is not mandatory. Authors of Internet-Drafts are encouraged to consider using the process for their documents, and working groups are invited to think about applying the process to all of their protocol specifications. This document obsoletes RFC 6982, advancing it to a Best Current Practice.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="205"/>
          <seriesInfo name="RFC" value="7942"/>
          <seriesInfo name="DOI" value="10.17487/RFC7942"/>
        </reference>
        <reference anchor="RFC9525">
          <front>
            <title>Service Identity in TLS</title>
            <author fullname="P. Saint-Andre" initials="P." surname="Saint-Andre"/>
            <author fullname="R. Salz" initials="R." surname="Salz"/>
            <date month="November" year="2023"/>
            <abstract>
              <t>Many application technologies enable secure communication between two entities by means of Transport Layer Security (TLS) with Internet Public Key Infrastructure using X.509 (PKIX) certificates. This document specifies procedures for representing and verifying the identity of application services in such interactions.</t>
              <t>This document obsoletes RFC 6125.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9525"/>
          <seriesInfo name="DOI" value="10.17487/RFC9525"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="IANA.HTTP.MESSAGE.SIGNATURE" target="https://www.iana.org/assignments/http-message-signature/http-message-signature.xhtml#signature-metadata-parameters">
          <front>
            <title>HTTP Message Signature</title>
            <author>
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="I-D.ietf-wimse-arch">
          <front>
            <title>Workload Identity in a Multi System Environment (WIMSE) Architecture</title>
            <author fullname="Joseph A. Salowey" initials="J. A." surname="Salowey">
              <organization>CyberArk</organization>
            </author>
            <author fullname="Yaroslav Rosomakho" initials="Y." surname="Rosomakho">
              <organization>Zscaler</organization>
            </author>
            <author fullname="Hannes Tschofenig" initials="H." surname="Tschofenig">
              <organization>University of Applied Sciences Bonn-Rhein-Sieg</organization>
            </author>
            <date day="2" month="March" year="2026"/>
            <abstract>
              <t>   The increasing prevalence of cloud computing and micro service
   architectures has led to the rise of complex software functions being
   built and deployed as workloads, where a workload is defined as
   software executing for a specific purpose, potentially comprising one
   or more running instances.  This document discusses an architecture
   for designing and standardizing protocols and payloads for conveying
   workload identity and security context information.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-wimse-arch-07"/>
        </reference>
        <reference anchor="I-D.ietf-wimse-mutual-tls">
          <front>
            <title>Workload Authentication Using Mutual TLS</title>
            <author fullname="Joseph A. Salowey" initials="J. A." surname="Salowey">
              <organization>CyberArk</organization>
            </author>
            <author fullname="Yaroslav Rosomakho" initials="Y." surname="Rosomakho">
              <organization>Zscaler</organization>
            </author>
            <date day="5" month="May" year="2026"/>
            <abstract>
              <t>   The WIMSE architecture defines authentication and authorization for
   software workloads in a variety of runtime environments, from the
   most basic ones to complex multi-service, multi-cloud, multi-tenant
   deployments.  This document profiles a workload authentication based
   on X.509 workload identity certificates using mutual TLS (mTLS).

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-wimse-mutual-tls-01"/>
        </reference>
        <reference anchor="I-D.ietf-wimse-wpt">
          <front>
            <title>WIMSE Workload Proof Token</title>
            <author fullname="Brian Campbell" initials="B." surname="Campbell">
              <organization>Ping Identity</organization>
            </author>
            <author fullname="Arndt Schwenkschuster" initials="A." surname="Schwenkschuster">
              <organization>Defakto Security</organization>
            </author>
            <date day="2" month="March" year="2026"/>
            <abstract>
              <t>   The WIMSE architecture defines authentication and authorization for
   software workloads in a variety of runtime environments, from basic
   deployments to complex multi-service, multi-cloud, multi-tenant
   systems.  This document specifies the Workload Proof Token (WPT), a
   mechanism for workloads to prove possession of the private key
   associated with a Workload Identity Token (WIT).  The WPT is a signed
   JWT that binds the workload's authentication to a specific HTTP
   request, providing application-level proof of possession for
   workload-to-workload communication.  This specification is designed
   to work alongside the WIT credential format defined in draft-ietf-
   wimse-workload-creds and can be combined with other WIMSE protocols
   in multi-hop call chains.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-wimse-wpt-01"/>
        </reference>
        <reference anchor="I-D.ietf-oauth-transaction-tokens">
          <front>
            <title>Transaction Tokens</title>
            <author fullname="Atul Tulshibagwale" initials="A." surname="Tulshibagwale">
              <organization>CrowdStrike</organization>
            </author>
            <author fullname="George Fletcher" initials="G." surname="Fletcher">
              <organization>Practical Identity LLC</organization>
            </author>
            <author fullname="Pieter Kasselman" initials="P." surname="Kasselman">
              <organization>Defakto Security</organization>
            </author>
            <date day="2" month="March" year="2026"/>
            <abstract>
              <t>   Transaction Tokens (Txn-Tokens) are designed to maintain and
   propagate user identity, workload identity and authorization context
   throughout the Call Chain within a trusted domain during the
   processing of external requests (e.g. such as API calls) or requests
   initiated internally within the trust domain.  Txn-Tokens ensure that
   this context is preserved throughout the Call Chain thereby enhancing
   security and consistency in complex, multi-service architectures.

              </t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-oauth-transaction-tokens-08"/>
        </reference>
        <reference anchor="RFC9457">
          <front>
            <title>Problem Details for HTTP APIs</title>
            <author fullname="M. Nottingham" initials="M." surname="Nottingham"/>
            <author fullname="E. Wilde" initials="E." surname="Wilde"/>
            <author fullname="S. Dalal" initials="S." surname="Dalal"/>
            <date month="July" year="2023"/>
            <abstract>
              <t>This document defines a "problem detail" to carry machine-readable details of errors in HTTP response content to avoid the need to define new error response formats for HTTP APIs.</t>
              <t>This document obsoletes RFC 7807.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9457"/>
          <seriesInfo name="DOI" value="10.17487/RFC9457"/>
        </reference>
      </references>
    </references>
    <?line 463?>

<section anchor="document-history">
      <name>Document History</name>
      <t><cref>RFC Editor: please remove before publication.</cref></t>
      <section anchor="draft-ietf-wimse-http-signature-04">
        <name>draft-ietf-wimse-http-signature-04</name>
        <ul spacing="normal">
          <li>
            <t>On signed responses, require <tt>wimse-req-nonce</tt> (request binding); register with IANA. Non-normative response example not updated accordingly; the <tt>Signature</tt> value was not regenerated (see issue tracker).</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-http-signature-03">
        <name>draft-ietf-wimse-http-signature-03</name>
        <ul spacing="normal">
          <li>
            <t>Replace <tt>Wimse-Audience</tt> HTTP header with the <tt>wimse-aud</tt> signature metadata parameter (<xref target="RFC9421"/>); register with IANA (HTTP Signature Metadata Parameters). Non-normative request example updated accordingly; the <tt>Signature</tt> value was not regenerated (see issue tracker).</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-http-signature-02">
        <name>draft-ietf-wimse-http-signature-02</name>
        <ul spacing="normal">
          <li>
            <t>Add new <tt>Wimse-Audience</tt> HTTP header (superseded by <tt>wimse-aud</tt> in -03).</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-http-signature-01">
        <name>draft-ietf-wimse-http-signature-01</name>
        <ul spacing="normal">
          <li>
            <t>Clarified response signing.</t>
          </li>
          <li>
            <t>Clarified signature vs. token lifetime.</t>
          </li>
          <li>
            <t>Added security goals.</t>
          </li>
          <li>
            <t>Added an Implementation Status section.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-http-signature-00">
        <name>draft-ietf-wimse-http-signature-00</name>
        <ul spacing="normal">
          <li>
            <t>Initial version, extracted from the -07 draft with minimal edits.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-07">
        <name>draft-ietf-wimse-s2s-protocol-07</name>
        <ul spacing="normal">
          <li>
            <t>Rework the WPT's <tt>oth</tt> claim.</t>
          </li>
          <li>
            <t>Update the media types.</t>
          </li>
          <li>
            <t>Discuss extensibility of WIT and WPT.</t>
          </li>
          <li>
            <t>Clarify error handling, specifically why not HTTP 401.</t>
          </li>
          <li>
            <t>Correct the code examples.</t>
          </li>
          <li>
            <t>Add registration request content for a <tt>wimse</tt> URI scheme.</t>
          </li>
          <li>
            <t>New section on key management.</t>
          </li>
          <li>
            <t>Use of the <tt>Accept-Signature</tt> header.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-06">
        <name>draft-ietf-wimse-s2s-protocol-06</name>
        <ul spacing="normal">
          <li>
            <t>Explicit definition of the Workload Identity Certificate.</t>
          </li>
          <li>
            <t>Definition of the validation of workload identifiers as part of workload authentication. Still work in progress.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-05">
        <name>draft-ietf-wimse-s2s-protocol-05</name>
        <ul spacing="normal">
          <li>
            <t>Removed the entire Workload Identity section which is now covered in the Architecture document.</t>
          </li>
          <li>
            <t>Content-Digest is mandatory with HTTP-Sig.</t>
          </li>
          <li>
            <t>Some wording on extending the protocol beyond HTTP.</t>
          </li>
          <li>
            <t>IANA considerations.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-04">
        <name>draft-ietf-wimse-s2s-protocol-04</name>
        <ul spacing="normal">
          <li>
            <t>Require <tt>cnf.jwk.alg</tt> in WIT which restricts signature algorithm of WPT or HTTP-Sig.</t>
          </li>
          <li>
            <t>Replay protection as a <bcp14>SHOULD</bcp14> for both WPT and HTTP-Sig.</t>
          </li>
          <li>
            <t>Consolidate terminology with the Architecture draft.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-03">
        <name>draft-ietf-wimse-s2s-protocol-03</name>
        <ul spacing="normal">
          <li>
            <t>Consistently use "workload".</t>
          </li>
          <li>
            <t>Implement comments from the SPIFFE community.</t>
          </li>
          <li>
            <t>Make <tt>iss</tt> claim in WIT optional and add wording about its relation to key distribution.</t>
          </li>
          <li>
            <t>Remove <tt>iss</tt> claim from WPT.</t>
          </li>
          <li>
            <t>Make <tt>jti</tt> claim in WIT optional.</t>
          </li>
          <li>
            <t>Error handling for the application-level methods.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-02">
        <name>draft-ietf-wimse-s2s-protocol-02</name>
        <ul spacing="normal">
          <li>
            <t>Coexistence with bearer tokens.</t>
          </li>
          <li>
            <t>Improve the architecture diagram.</t>
          </li>
          <li>
            <t>Some more ABNF.</t>
          </li>
          <li>
            <t>Clarified identifiers and URIs.</t>
          </li>
          <li>
            <t>Moved an author to acknowledgments.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-01">
        <name>draft-ietf-wimse-s2s-protocol-01</name>
        <ul spacing="normal">
          <li>
            <t>Addressed multiple comments from Pieter.</t>
          </li>
          <li>
            <t>Clarified WIMSE identity concepts, specifically "trust domain"
and "workload identifier".</t>
          </li>
          <li>
            <t>Much more detail around mTLS, including some normative language.</t>
          </li>
          <li>
            <t>WIT (the identity token) is now included in the WPT proof of possession.</t>
          </li>
          <li>
            <t>Added a section comparing the DPoP-inspired app-level security option to
the Message Signature-based alternative.</t>
          </li>
        </ul>
      </section>
      <section anchor="draft-ietf-wimse-s2s-protocol-00">
        <name>draft-ietf-wimse-s2s-protocol-00</name>
        <ul spacing="normal">
          <li>
            <t>Initial WG draft, an exact copy of draft-sheffer-wimse-s2s-protocol-00</t>
          </li>
          <li>
            <t>Added this document history section</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="app-layer-comparison">
      <name>Comparing the DPoP Inspired Option with Message Signatures</name>
      <t>The two workload protection options have different strengths and weaknesses regarding implementation
complexity, extensibility, and security.
Here is a summary of the main differences between
<xref target="I-D.ietf-wimse-wpt"/> and <xref target="http-sig-auth"/>.</t>
      <ul spacing="normal">
        <li>
          <t>The DPoP-inspired solution is less HTTP-specific, making it easier to adapt for
other protocols beyond HTTP. This flexibility is particularly valuable for
asynchronous communication scenarios, such as event-driven systems.</t>
        </li>
        <li>
          <t>Message Signatures, on the other hand, benefit from an existing HTTP-specific RFC with
some established implementations. This existing groundwork means that this option could
be simpler to deploy, to the extent such implementations are available and easily integrated.</t>
        </li>
        <li>
          <t>Given that the WIT (Workload Identity Token) is a type of JWT, the
DPoP-inspired approach that also uses JWT is less complex and technology-intensive than Message
Signatures. In contrast, Message Signatures introduce an additional layer of
technology, potentially increasing the complexity of the overall system.</t>
        </li>
        <li>
          <t>Message Signatures offer superior integrity protection, particularly by mitigating
message modification by middleboxes. See also <xref target="middleboxes"/>.</t>
        </li>
        <li>
          <t>A key advantage of Message Signatures is that they support response signing.
This opens up the possibility for future decisions about whether to make
response signing mandatory, allowing for flexibility in the specification
and/or in specific deployment scenarios.</t>
        </li>
        <li>
          <t>In general, Message Signatures provide greater flexibility compared to
the DPoP-inspired approach. Future versions of this draft (and subsequent implementations) can decide
whether specific aspects of message signing, such as coverage of particular fields,
should be mandatory or optional. Covering more fields will constrain the proof
so it cannot be easily reused in another context, which is often a security improvement. The DPoP inspired approach could
be designed to include extensibility to sign other fields, but this would make it closer to
trying to reinvent Message Signatures.</t>
        </li>
      </ul>
    </section>
    <section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>The authors would like to thank Pieter Kasselman for his detailed comments,
as well as Jason Costello, Maartje Eyskens and Radosław Piliszek for implementing this draft and sharing their learnings.</t>
      <t>We thank Daniel Feldman for his contributions to earlier versions of this document. We also thank Arndt Schwenkschuster and Brian Campbell who coauthored
the grand unified WIMSE Workload to Workload protocol draft.</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA9V92XLjSLbYOyL6H/KqHkbqISlRUm3qrulhaSmxWqIWUqXF
5RiBQJKEBAIcJCCKpah58Jf4Wxzh//JZMhMJkirVXNvhcEfPtAgil3Py7Euy
Xq97eZTHckesXLaPu/viMs3u49QP63laN3+LVpGPZJJHgZ9HaSKmUT4Sh73e
qehGw8TPi0yqFc/v9zP58OOJcFAdBq14MJUcptlsR6g89LwwDRJ/DNsIM3+Q
1yOZD+rTaKxkfZTnk7oy69Q3tj1V9MeRUrCTfDaBIe393oEQr4QfqxSWj5JQ
TiT8X5Kv1MSKDKM8zSI/xg/t1kf4T5rBX+e9gxUvKcZ9me14IexmxwvSRMlE
FWpH5FkhPQBmy/Mz6cOsrckk1vAr4SehOJd+XO9FY7niTQG8YZYWEwTegNrG
DUT5TESJOC7iPBLdmcrlWOwnD1GWJmP4GrB2L2cwPNzxRF1M9Vj8O9LDvQeZ
FLA3If6zKwjBaKKBUTIUn3AifD72oxieE57/jihvpNkQv/CzYARfIOrVzvo6
voePogfZMK+t44P1fpZOlVynGdZx5BBIo+jjKdAJDvkQ1xdOVW2q+iRL8zRI
YxwXwwGo3FmzMr7B0zai9Mcz/fjbxigfw2KeD9ScZohxWFiIQRHHTHsrn1Mp
un6cTuVshb4DQP0k+kbHviNO4SvRivNUdGSOh6XoJcl4vEvl3xUPbiQyXzL9
tQ+nIrojORjIbNkC7SQvotyddGWGYwaE9r8P8VkjSMcARJQM0mwM4x6IONqt
TquB3NU43u92W5/2G932p06rd3G+v0PzGS4ntj2WSvlDWbIvbyb3s6GEQzBn
MJ1OG5Gf+HzeCpmQaGqdeHLMk5S8+czjxiPi/VXJwmOZ+8Bwfn3iZ4CYXGbK
8+r1uvD7Ks/8IPe83kgKFiNEd7kMcKQI5SBKJPBfVR4hO/KhakwKwI1Q6SCf
AvdatlKANOGLBz8DbM5EOhBZAZOMpZAOw9TEIEvHAhYQ41Tlou+rKBApLgsH
D8ifxPLRGyO/1ZXMHqJA1gR/DOK0CM2HXCZ+ksOWJ3E6o5kbAFakBIi6Aj9b
aGBu3AytKIMR0IMa02JAuA8gBywAc3DXvEIhP89J4oa4HEUxTJnEM+Gz2OrD
Z5iQ3gQUDwZRUKMFDW+YtRTggkQ2/MfDLwHziFBElvxnATyqxCriO53gcz+O
ZzX4Rk1QdKq1mpAgr8QUdik0csx6AkBP0tydXyZBNpvkMsS9+Dm8UeOhvaMu
bugxkixrCfi+H/tJAMQi8FALJcOGN6eYYAk4Lgm7Swi6RVHZS+9h/tXLdm+t
wUQ3jsIwlp73CrkvS8OCAPaeOasXKS/ilUGV5PIxR7xF8BdSNX7bB7khYQMg
PUqy1HQB//LITBKZAVkkuSGMJczw9PRHu77XcIQdfv39+zyZDeAPRWTG6pcx
pE9H1TyEAZeYOgrbUlwAJ4zAqAhPHjbjC6Q5ICeiJU0ThIcIXjCUALg9Qaom
ItGkjPsWqghGLkXkI1BGwxHor7zwYzz4muANwZcFCSmEhbAfInIXoR7T0Hoe
K4T92E9mLtPByhKkrWEE3E899mf8JEv9YCSZ6gAFGcmN2A/uEdLdFqw3yHyQ
SQVjHL7sy8AHbHp0qIb/8bjGRWKIwkUXyQKQGIBvlHa5JNoepRNg0xelAVIJ
HbxX7pW2uAhMyaqA+ksjKeG04IsBSQOeck5WlPz/9PQf5we777c3m9+/uweG
g+Y4ueF19YM5biAye5Hvqqf5H3OnaakwyGQIJ1rSp1Ug5TqTLHpAnIIRJUA/
pUEEn0K2T5lrepqaCgL1ASFOFQxXWqiR3IHhgLUWyScWRobhptpkItsLKVFN
ZBANZvgMT8ePgQwS0sIvn0xN9FPYGAttXCOR0xitNxY7MvSew9vT0wtYQmKS
YhBlyIvlnpZwy3SSwwGjuEnUJILRoj+jzZygLBV7p+mpBlKD0SBlrCRQdbgg
YJdbE0oAKTl8rCUbUrZz9rlL/g3v6Qlwxziro/gDLa3SBPeaBHGBmskX5XOX
RdxDgHN89UrsWf4XLVdk4o7Mbg/AUvO8cxIOQO9dGTREs7GJE7+IbjpqXL4U
NFXZPB1FIOcAPpQMLAFRkIK0k7KiVklAggBiIA1hMKZUkEV9wBUIJhSor8Ru
mjwgXRgXZA+RGdFnIF+cX2bjKEnjdDhbwDDsOQaQ1Q/0Bp008hJ6JEqsHF90
e+g14X9F54T+Pt8/u2if7+/h393D1tGR/cPTb3QPTy6O9sq/ypG7J8fH+509
HgxPReWRt3Lcul5hslk5Oe21Tzqto5VFOFD7Az77kjUryHfkeV95JcZgzMfd
0//x35vbWq5tNpvv4dj4w7vm2234gJYGr0aWEn8E7M9Q2ko/w1lI+/mTKAff
Et4F/h+l08ScyK//BTHzX3fE7/1g0tz+m36AAFceGpxVHhLOFp8sDGYkLnm0
ZBmLzcrzOUxX99u6rnw2eHce/v5HjKqk3nz3x988JEOkklOtN3bmYwMfjXh4
TjQ8vTIefR3Vx3dtaVlF9KISeZk7jcb4kXpAa2VS9EFY49c1DygKFQyNc60a
187l74yFc4D+l37OQm5B2y4BvyJbK1pX859ZHJUNDCPSFhMQUk9P5ass7omh
UWaEEiCFN63ZqAQRYl/qOXaAWMXt38HZGqXhLf2t16mz03freW0g9zCMWFPl
lfnNnkbSD9EAr07ONjtyjpCPYPjwYrtoASd5vTebyFv3wV40hLnoUcs1nelJ
7zGp0zHfVuRUiqRSB/sjUWxJg5EKL8Fh4yAbajKUoqcAmAaVQyuROg/hS5hT
OZyfunWw+BsgZRkm7fMKAkQEjkDO+FFLsLHw/fMw9VKBQSqUguQxKmMlY6SB
zAk5zHCA1jMIbDSoEDZorxIlpXo1c/XTUFO7wjhaxijRL3qrhr0yGUggO/01
/AGG0RpMUwVNEw1Q9wHaz2gBWU8SZ7LO4/yRlPZeGSewh6M3o48HGB85m9Au
H9GsUbeiLuhPZjR7qEBvOXipjWHD2DCg6wAGtNWjpMilYuZa4nBNo9j6ydae
9xyXHRSGKiYTWAGni9NkWI8tX8LUOBhcLoVmCuw0ScGdpT3n/hD3i7t58ONC
kn0RYaQBNZ4OOpJMieYlCDy4nRODjv92y1i3CEdN9xN4ZnRhPHUR19pkKMJb
sfr0ZD9xMOf79zWzoj5VvSSJCEtzuCQuHWG4AYMTC/z4n9oUgFlnpJZbs8+c
DfZepjPtxt9ayV1vJ3CEt5qahdHzuBUMRfA2QJNEIZ5kb1QCidoHj41sFySK
0j+xzJsYd6UhWloGo2qpuBvaNjOBYTDSijhEkY0O56BQZKvDJvx46G6BQYOH
IGjz0bh0YiJjhgOYd9P7W7Tx86g0rW+DZHArgtiPxpUNdqX8SR1MNvVWY6vx
lq3q0sFE+g5l7kcxWuxt0naOiYL2nT5gNs7QIC6BsfgjG0MjsYHC3rrbFK9D
S9HQCRFYMudIxn5fxvYVhJLk0/KTR4jKp7dWGbI15gEhMBneoi9ZkZxWXIOv
KcGLF0SQKO+HMpEoRch8KJII2BTMzFzE0kf7Y4zUouHTFASYIRiAUFEAR5OI
vCdQCoBPdNgNTWXgmvgzjO+U7+m9woM7fLWU+KtLNMMaag1f79VslNxFcMRk
BoeXgF0CMBJxA27HKQMJFARDtMAH+kFltFPF/F+UiKOBpODrKqHbiu0l7LhG
MaAIo+bERKh/ZpMoIBYZY0SJxDo6cri6plRnjRogh3x73D1africpm2kPyNp
UzjORMJr7F/4FD6mYzPRBJRYjxSkhrfKQLFRnHKQzunlEhwYCsI9wlRT2BDn
5kxIsGtDyqVnrevMkDnKRRwErGfLEGHPbEAPMmLDnbacg/TcbJFC56wKjNka
vQUgFxkFyvRCQMIjME/7ePxsfpQgkieOUshVGZZ/xKmV60+v5rWI57nCwkTG
lgpqlCTL4VM7wmQawIfLMlfeLTA3SMM49Eg8K1TvHIkFm6ZiVSPK/Lyclhx8
fklHUZwTYi8GTEe7Fm0bSLyM7pK291a7WvJuNrbmJOVarYwl+PEUGJpmjVE8
kFumD79cF+MzjefC1/nccZTDLEylvh04lkNDXFDYyl+qmRm9PD3MC2QNIgNY
DLyrKCebdBHl2t2BnfkgtB27x92fjhzpXQBHcwaDDG1xcd5GPW+Q97bRRGyQ
Q9VsbjDuQFOkRS5geDZD4TbI/CFhxDlUr0uyWtVKQak4MEABhrEMI5/AC1Pi
Bn0O7HSV0ljlGWKIQ0M+bW8H3kcn0SQH2N6dgkAkr40kGomkiqlHr43SSU2o
tIpSmpcMbWP+geBDK6Bg38Z3AlJ1YyeKYJRGKI8vjQI0ONc71kyuiiinRBFC
UFlECwWLnZrWbkb3wce8cmwY7kosAZT750MGzqB4NrjnKNgswsq9W1fY6C1j
vptEFjsbpbyyK1Cwn5JnUc6myny+HDg9Y89jLnLxCbzLgrXVCsemfyYKSEqP
TZkFiefYoz+Se/Mmqscn9YK1/AJ7O2v/BJNrY12njspv+1ESqtJ9ALSWhj2i
cJJhvi8n59HHw04LhfHNxxkrRzZCOIRgxmkLZpqhcRPEUXnemGcwNpNDUg4o
eizTkbFTF8B0oDMaelHip1WXmEkpi4ZDEufVUA+ea1efAn5zrr/xvFMdy9Vf
2DMDprbHlpcGK0MIckzbEq7N2wc5ZaJNDdFOEAwgTiRJx4HXC4/9GfKDfAyk
DVCBVgC5iFKOrJQJ+f7alAFWl4AToBxnWzgJcn4fPVOMq4BF1aBAkP4IhtNU
6qkW6ZFn1iSJEMcpTCAmKRDCDCAY/IiEOVvi8HzNI51L9ID2qGH9tAr5GpNH
MJLBfcn/5dlzBIWI05pOUd7Q8kRvx4gTtoPRLhhUNBuK0j6Z26gy0EshoaPn
48n0Tp3YB29nkWjHfk6ZO5dYAfuu28G5U6PkluhK4kvmRgOvLGMn1iswIv8Z
qkZEYJ6rEikvNehrRLY1PWpCRmTraUixpEIzaOuaNABg2bttBUiC9QXHqOYh
QWvdgvuhZBNsFLSoSjnI8uxg2FeIchnFjMcZXBLvVNfBsFszGZcJU8kLjeHg
2Vr2c0fm2HCe1oK+AQrBUMv2QaUiGo01PC6t6uKI0Co9i3sndEisrkYs5Eb+
gz2o1TK/Y707sEyUdHxxvw+mpAOhV5ZVYEkH7VofwEu75nHOtj2zbUsZP7Nr
imcBH8CIJHfqP8ZRElHom2HwnofBDlpjIbqfZfDdbpqEJm1FTxSJojQIikyE
RWakqXY78KOtj1lwYtrzBnDFdGHmJVmTzGA3vsK6GapCQDME6zWIrcvxNW26
ELnSdxhsIU91ClSZTql+kPQdVmDBS6RRbZUAjyc4I2RqeIZ0J3rGY0VBB99Q
NJECWRU2hsGt0zbVXTRES6dROPoMZ4aBR7337Y0NsfrRx0JEQjE5yY5dxRzm
UCnYiZ4JqjhWiyrzC38Q779+i7xfQRHxojHTSuWN4SgQbhKrKwkpNsg09RVX
6AjaBZqncIIIi+fCsr3RxF3PJai0RYiGSJFNkEl01QVSqpYkaHFcXl7WHRtO
x4V8YgoyFAl3mDkQlSAtKRo+IYseKuRJ3CxRJTdRiiUmtgWuaLhwwivwh4kP
mVyxVvkopSiPnUewR0+bBvNx3YbH/PLoo2tgzthUnmq5gBEWE8Uk6x+USz0x
ZYFAxDw4Ncqt5EeGd16NaDMMaQ9g1Yk4mBjOeeJH2Y7n/etf/xJ303vvyRNi
BY57ZUes7Id73dZKDZ8E2QM/2Xz9uvmen4X4ZNbMt/aKwae3H0+G6uTk7Sh+
e7xVdB6+dO6+xDcDP6+/+/P04HVyGL3jUfcRjVMPQd2vw/r6KZjm8PTkz1P+
/IifdrtKTq5ml9J/Pa4nnd7gLjn0zwdHaTi5bg5Pu6dA5c3Hz/V/ft5Y8b4j
CN7TDtdDfljZZVhPdabwT1jp+yIWUD1rJBDmyrBdNWrt1kRpbGGy0/tQ/QcJ
fn9H/OXrX9iHn2bAtzge2RB4ULx7+35TzA364Hmf9ntifRiNx7IOthm6If74
j0HsP6TZhwcg7zj2aQvrzUbzF+8wxYJawGC/oSkBS0d/8ay62BFkqnzYeXN2
97E9ublsxhc3b7bDs96J2k6j44+T7elh8+rbXboeffKbV3nWe//x06dNf2Py
1Ts+uwrDztnW8eb0cP/9P/96kDwmR+/eHJ7m11/ONgfXvd7e8MOHHWc5tmXM
oqsrOo+2IlbmMmjwxLpaHO3+6uUzzvitrP2mkz0fmm/fbr/beL/R3P5NBw/N
oy14RHbWhxW/H4RN+Gflt9z/6g0/rDyfK1n5zXqwH2wZ8jz61odfveoBrPzi
PZOr2xFy9nnU/xREJ9Hng5v9895Zt63a43xys9t+0x7H34KtL3EQNbObq3uY
9mj384a8auHbW/7VGbij4UY72WjALHf98XV0kqgInmXtu8nb9vhA3cxglvsv
9+cHnY/taBpdb33+6m2279Lo/PJs1uldPJ646yWdzetZc3R0CYTPzzfgvzDD
+6OLXficDHHlvYutzlcvDg5Gr79sfhl1Ljfy/v3ri5vxpOh+Ouje3D8+3Bx+
vDm+DM8umh83ri/vH+V+mgcX6bSdNN8DDLE8BBju9r96W51vZ9vHe/ffjntn
sF48CmEfx71gq7M3nJ70Wo+d3WnkX3W+4Z79w/ON4PD4zdHsfSw/HeTBp8f4
aAx7eeh3309gTPPmqo04+mf46d7gKK/MttfaPukdbx3ftabHBFGneR0h5OFX
b9K/6sQn0buHm6vRqH/1Ud10X9/1Nzcegq2bu7Pu5/eNi+mx/4/oy8WkvhH3
O0d3lzfH7byIO/vfDuLB4z/udne/euoyDOtvdx/fDTrv3sYh0MVutN+96h6f
bxbNw+bbk3by58eLo93O0c3d/eAm7EYfp794czKny1JXy3SUNy2lijFbPUbB
mqBFX1J6GoVRSLHWqsT53xfNB9fdd23V2nu7He5NetfFu3fHV6+vDs5Otz9f
d66j8732/f4kvt/eu9xYEM39F0Rz+me/vR+fyXC3PnuYbjT9h8MbNdr8Mnyz
m3S/vD6dvpkm1zf7n/1vx8+IZjkvmlsLvg/nwfry/4LANcIUDJVt0QHFfZAW
SfiLBwZswj7TDjgSYKHQIyfpDXJ35Nc3X7/5sLP9dm//bHL37vBj1//req89
vvzr68+7sjiT5/fj153jyefLm09bo25xcPHVQ4Hp1g0AMuRjvj6J/ShZJrlv
JtnG24eLs/3dd3ed2dHVRS9qXxWbk3RyFqXh6ceulHd3wzej+K+76xvxetRp
ffX2+p8vjv/s9fcO1ZY6iI7Wu8VmMD49vhg2R5eHvc03m63pC5KbbbhFOW2l
NNAbQ/HVq2P3SfmgHhKCUOpr+Y8FE4s6AJ9aWQ+I+ZG0f+NK+034B6X9oqwH
LeJI+/+/xHb0gth+6G7CLJ/PLx/Pby7P946u4s3wW+vx+uqmfZl00uP4Junc
d4qL5nXz4jDYBClwc3n/5c/rq0nnR2L7ernYjv7Pi21c8d8W2xGI7cGX4WU9
kkedkX/9+v3k/Ynf25f5Xn70rV9Mk+m53PjqXUzrs2/Nx95Na5jdNbvfWlHy
qbN11g8Hk/23m8PdXrDpH27t/ePIfwjPiuOL48O94S/eL14nFVTejXoenLPQ
xzrhZ4Q5SyMUUa9EuxrP7xK7eN7vMNHgbyBHyNNDubNPzWk7YoIhAfTWximl
FCilqouGQeZPJfiKvsmFmGCInuPt++3NmknIcUkbuxC/r9N6OhdksvuZDKi6
k/wY9sXAQbhPsK5xacmJ0yRiqncp2bVQiqJVF7nKMBI8t9y67vByG5MpiQQR
iU1aOsHi1BNT9RwM8uP5+BSmdBBKU/jGX09MscL8rk3FqIGYip1zzFhQ/Akb
mXQwhDoHdfgtBFCoKtwW6eA38GGY6RgENZcpjXYFru0pn1qS5k7qFCMtGmwM
OaDz/BCF2Nwwl+XBItIycIVfzrA5Js0UvWQyirhHWOuAE6/ouNdggJCDAdYZ
2ewrHAVXB9hYJIYWdI8YQSUxoKnLiXm76KVjwVIc8ZkSOlBOA+4LTIbrHgXt
tVok+jo9Ni4AjzqAjE0P2DSpA841DLH5uR+njIkHbCFEn3yBxMg5Br9qIE37
ErZWhqbPxw8fIsWzlnhOKS45PxXGkCj8i0HOAKlcR6lLLlkpQy8+mlDADQ+R
nJqMUKXcXxliGSYiLBhCUHO6oIwCmZx+Ubwpipwh2vvgHQ6iXDeYJVxeGEqT
ycVtUhwPOVpiMRkyM7yMWQ3CEQbcs6iaDxxIGfZ9E/Omtca+TlRbRMjQ8qri
GM9YR8kE19gUExMqduhyEWqMY3BRq0NBLH9w79hpkK9wRG83HQAEWP10Umll
1M9/nZOFO+J341rpnk50qgJ6eb1s2aR3omF9kgZ/gzmOEQqsIqE2xV8plPLX
5yqMdxAH6aAO/wZoFkxymGEX0/Tw3g6OrT03FF48AoEPcnxHtCbYbyM2Gxs0
HPYfgAl0hwHEv/N+G1GKAzCWW0yo5mFHNLfqnfShvrmx+RoVQVcGtHGcoCQe
NSeSbQmmMq9XaE3TF3KDDfDrU6y28ywKaipUF6bJwfs3UpoU4oCFntvSsnYb
67TY5mXTF4YHlkktg0yAC6jnuRpvHHeKp4h8cWo7dnRj6A+7i1CloJVO3Ivb
z2QuqM8QJLk/GXHBt9Y+ns7ll9KRY4hMQlqLmXYhv5o4eRmbppK0x9E5jhrF
NqpJpjKfbeAnnIXT28BOVVvLpnsJVTmdQSs26yBZUI0cxlt1gNJbbEOynSY4
NtGZnUjZUce9o265gFPe6NEbGAmGD7BYxvs2XaYkJkYynmCsG7uYTN2winIQ
MNxnS2YBQRvlHhJ+TqW0gNqIEvpE3voNA9uyE9BZz8CfILljxBazJJhi1ien
47OAF6f6S4c1F3mFSvXnFGOZY1u2Ac12AVZwUK7Tz3JrJlU6IqlKepKiyxNh
1N9mc9bmm310HIDKWUxptVuJzUrYk3E0jhIKOlJfssmLRup+gRkxeYv6JQeh
dY/Kjcwr7nTtp4+NHxb7j+HpUHO5Li9xi1xPOeWPb+6DFlIhGG3kS+PeycbT
KWneCpAVaOPE7kWkfWonRAsp4wIbel8jY66TcuSDox0Te6CedgjpR2RCwe08
l+NJziULSCGYPIAPQyxbxEh/+OCDKBpKSrVzDTi1PRJ0RNaEGK9cbtlStq6c
MqSYm/NZZMqaSdY5TZJwPtj+GdjwgSiSGGaygyzE3BGDxgFZZipFm5p4tkxl
NASGePFuAVvwh8Aby8fjrjZ6+MYUllF11OvN1yDqzdbB1tCJLG1x2poM1IZj
rlUq+eYIuEpNfC2LnVpa/dzOi/SqSy4LXTsGhDXKnVpPquMANPtkfwAxpLT9
AnBpWQcDLGD2qHs4fp+b0k1SEC+NSIJZjVLAhSooJanFgC7mX0gcggVLtIZy
we3L0c0M4IkUuakABKu0mgCcrxsgHJ0zeZ3arj4nSFUWeGsN/1LBColCWoar
gWNT8D1AAq65Qk4F6UQnd8pKEV2ZtVDIo7PXmpHNSdsODqR8JgN934HmGadV
0UfOUXmZd9e1n34M3nFIZiEo9T26egUxXExSU21GJrQpVOQrSnT1CewHq+Bw
78SdapYEoywFM1LqDdI2AjLF/CBLkVdAdRi8arpHVwXLv31HzqDMQLYZgZUP
ZiwQWqKVk62g11uyk4hV6gthMx0OTOXEb3hFjEGVcqlpDT8k3iKuOCSpPSO8
7YPkMZs8xySFxcf0kZrhrFCW6juJZWJ1t4E9/4HJ84xY8lYtba0RniegIYTp
tS970ukstF1Rlbz2ogKQgPo1lEkk4ahJH1kud8wRp/AV/1f6e/o+hBg7KnX9
u+fUVYJ6s5aEdAsu8dQTKulIQ+PQsixml9FzfROXLexGyFsJmCaMLtCmg67E
pHNzxQNZv7icVyS2CMIuU2bFOcsuc9wmqX2T7CX+RYxneIELyndTd+IdO3oV
gwRlOfL8JRxUw4GOBmEwBo0UU5G4McV5GJVV5YVvO4gdMeBFZfEV+9FlSYfR
+6wadXkvkSaF2oNFZwXOWFnTpKyvJjjROKVOAB2md0/FYAtETiZQT5G7r513
JuQIHf5d3CAFE4BdQBnIxFXFYaQwxk4XMAwW3NJK4p3uViBb1L2+YKLBghcs
JMQ0qso1DQMp0o7tL1iwrZzrWBJmcr/0yxDUmgCZA3vP0Ipfys52Bi0DnTVC
0IwB1kyT+4LTaUvb4yP3s0rVHxA0nbDbia6NNknxBDwSFnMVPDKkuk5HH6d2
QgodbsEuh3uzh4oz+yn143kf1hbpy3FEhxOX9DrE952qDk3uuivMeCBASXdF
EpSmoxEv6E2xLdAQJwVIkWiMTgT1CJHKCpFDQBnqKI4uuABk8cLwIlES2wfy
IY0fJBsbeqOViqG5mKfhDEmFJ8BwUs03kJEHVpBFbnVyha0160SZw8LkQRdj
bUP0yPcwtYsEdRu+Bj6x1f95VihdzxnhVw5awAHDfiegGmwAM7pCcZQI6NVn
anJLZeBP8Fjjh7IeV6+HeyVPFCQRMkVJ9lwnReGTkl5N/QoCxy2TRrviVvBO
AnvNDeFpYV4CC1YNRqkRnxyZwx26VZdoQ6WUJEXSbTDSBK6Vybk7eLA8R5sZ
qnoydBKMSB3bRKJ33DTb5Wo3alwbibQWcGg2ZVOjsiiXvdbocHwd0XMalll3
Kc+EGVmA5HjrmY6HVNFVuYXHuTAHRFzZ2IseAEkaknxamPAlECRMkJwTrdVQ
xJa2hr1VBQeCxTZJgSFKy2g1dSX0mokAL8rCJWeuuAQRjIwa2WovQYTdi5Gm
ZML0qm/S4UzWWq9F4FzkvBe+2sraGGg4ktlb84xFW9MVXTNCmEEJu7cWCUxu
2qFgA8PccINMX+0PQDZtlUfHC7FbY2sq0U0t+7XwRiu3jx/8MpbtvDl829r2
OmhCpvsP1jHFfGjbgnsFmh4R4TI2+sQaGaUHyUFzozIWqrLBjPcoiUBxAzpe
unUrAp8rwjrSvNKMYUDU1WFlLabmSS4CxaB0ZHCM9ZFpDCuQPGe7zvFFsGJS
m+RkHFAbH0KSThNWPnQ7F/e140F0StPFqC2y2yJNmcj03A9JxuysCkGjnAxV
oSAy1XGgqjk31ynr9lxE1sjAqvoySeexz7NwIUNp8j09VW/A+F6bM1yde/Gc
wmG3wYbyeE5J4GLReVqWlQLP+JVGtWU9abQvp/YbXe35SJRYJYWtMbXWMAdh
7MwXT+LfIkmxSJKezbIto0arIJx+FtxhLnfEoT5QanR6/lCXWO661RKrZ0VF
U7iQUjtzLE2HabVtbAENTNA6bsAX+cBYLWPOF7xJ05+VZxFZhrrGPbRlsQs5
UNjpXLiePNsa2oCc3MMb4FhFBiOss0mGeqOOC86oxN14Ad89pj3w0utea7Dp
YppBTX0rNtbypTw+GWFI4eR7zufsdFzC8dB0G7NuX0YTEaYegDuEoeIG3m1W
5gFVhIrWDYc6javmog/t5nFgQJXxcht+Rp/IMxf2TXV6tKyUN/VFurKYg+GE
AueKKx001fEBCsqiVkLjH2alcNqv4uW2Lqdxd0kfiV1Dg1Qt7HVqyG3LRilN
cVtoCzDeOMQpTWuIc8cL7vOCg5LLdlrSXrXdp6ZvxswlM4K2pK1uXLeTURFt
pEr0L2MPrKFodVpznqh4eoXXkdartP2duGkuun9sOt1Oy1bhczlE8tfanOaP
bNsNW9YZvSKzuZC4xJS4tLdCrLy82IqeKpthH+Hzl7OiqJ3o9TJnfwL5IWaz
143ico+rI6nnL+Wo6Vp+QtTC7RyNZZdlLBmycGsGiaxXFR2kD2OxdxtkLt13
67wMz/bKoo0d7dqh6WgY1nRwNmw+xPFMkV9/c1Izyxu+y9S2rlNw7kf4lZOg
uMIO1QNcXV3VxJL7S6qAOtxXAXexZXMO6HLgPOjpnAhgEGuVyLBuhjbNi4tc
uqxJzEVQtTHMz13u/hEilp07XpKKlQfIlHtGUR4CpabZTJc0PV/K9KOyJEDz
T9z2jZUFybyUo15tagRZdveLkdyID0Da2m8lX5OKI34Ew8BtlrAYM10TqMd0
Wr/MqSAZ5pV2UnNYWEvDnW7lVRmrWCrBzjoFU2Sm26BeBHvLWgKg324v6Z2W
5pBb10QtIyU/3da/6l4vsAw1YvVl+ba2iD/GuUHf/zPUbZKjFmKSe/pj1K2q
AmNGUufYKvcOJAIO4WeXbOKSu9g6TsbgvN5sVL51GtVUQ0e0y0w1bZ2u53Vj
Z+Vz0ORLiwtNHO4nd7yBO27j3ZEc/lJknC+52aS+8ZZnY/LQnX8CL9VXz6zl
XrkOw5mS0Z9lqX+KF7PcgmVi718Bg2Nirzghs5lurCeo9yIVFEqxEQX2QhTr
xI3JO8B8JX5nuq0LDJ4wBszXygpFSg2OuN+ZiGB7o0kD2SnXyefQ8r/BeVUr
l92TfPUKNzHre38og6/AUOaD7AD92SuVEt0sl4DGGmuNdKHKHvbnGmF/Csdv
EMf75raF0N4Kam+GWcge7cos55AnbXVvYYiTUIYnc4U9+goFyi/mle+rFwI3
gDgjHQFyiyl/CqjXTDioRThSpUN9i8AYJNtQaZJOrburTbbKNbDlpbO/zl9W
Z01cUG7l71zgueDLXbTnp7qwME2YKm0hh4339uUML8sliw/5DGVq1Wb9KQxs
Mwa0mguSQeNuet+g670ijqQwxIBScg3dG3LKVkzkldOe0NfkGEgWvUyq8NHu
2MDc1Icj/SSsDEWbPDVBLufCWauJqrhGGH8KXNJ5u3x3NpwIVzSVLQYrDbeY
kNKVFFexoqp72j442Dd5TA5GHvv3gDrQI85FZog4G3igKGEY2kP1++iKcDt+
bCs9kXet66yDtUyalclpK1og8cp3efTMyvjOfkVY2UbRSvEWJf+4U+LnqGaT
0Ui5BEp507m4pVtKYzJLdcFq9TcWIn8IWt6SO0WOWx87B1U1Fs1dpgKyj+Y9
Jn610XFyRwOsLgf/dqh/BuEnoGhqLZ7xtVNOLZx77KcRGiPVjVUj0kKXgKo5
VbDCeYcwxVjPCkXDV5ZIOSK6Y0xjOh3TgC8qMBxTIrwM0JG3X1pEsZ8MC7qY
jgtWVyu1B3QSa0ZauXdBaC25LK/v2AFW6uk7sbUMwvu76/Zqb7pRmyjI2hP2
Sn6K7i2UwOpfB3Cu1P6p46rYE5ef+HXdSQ8WBWxyQlqbp1H8CyjPzGRArEbm
RuxwGLD5Oux5yGELGvITpwRt6SXESy8b58ye++MMroTUJZScViuvo8OrVZJh
PtIl5NK/T7h9ACwHn6XKXHRO/4gIHEetathwQMmcVcM7lPoyEqGK8RiLDUyY
CyOUZgsBXXBB9RpLalLpvnecdiHsjL4dBeyrRAPCvTBxR4oDkfA33FODte/1
/TEYlOPiIXAPJmQNeRxyKqvQXV3IGbcBgq4NOa5R0kULfHtcYe6g8nwTikwL
NVeeogKZwJmlqizJoBRvPcS4e2IrWxDCxeOv2atfabMogGu2ap8ECxGubuSo
gE8uM1KVx7E9hTcN4OUZ4XxoU0NrpxmS0CBTaCx9U9RNRK55koPMdFUJTpVx
NBTT+jUT2uBYIsM8H0qt1t1QyhLOx94IrO/kq4tPhKHKrYarz9QX8Z0SZI0j
5X2+7HFN5IKUoR+nMNlblXLXPLxuaUiTPAdMZTBim6FOoRrF16hh6SAfVdl5
qKg6k1pSfLyHZQkr259P4KpOc3mq0GXPA69crjaf6cUqG6fyVDOlYTJqGQDz
lYnpGVqCl7G4nlzJSFe0cmbJ/eGHCpGDr2lqbJOhZ8JYnEsw5VczN0/JF5kR
Yp+e3IIxZuEWF7Sbglbc/jI8WYrDHg59TfGiq9pjgoRToWYRNGspUMv8iibK
oNC/xcT9UkrbTOYnVIBSQUI49+OY6LG1q2uc4TcmT0Ue6Bout68MlfM6YbYs
s3GrXYwoIFwAtegy+6XEYgqshtRXWl2b9QDFgb2lqpSIvCEOCnPNjCqb5FBV
kZtMdd/O/SBzXLpGSTLEXSg9gzILlo9/6R+OcaKb7MlqORfoThayDMq6T7rA
UtW8smK79GPSzLlYjDph6DzQouFh3BHFLVx+WZQGzKPwIj0nY6tFSiZN1Y6f
sBDV+RPnusp0kOs7i0zNC5uc5HlZvSMWxYiVg1w5qmte9M011UCAubWf96Bx
oGsTsdGLcIHkSFBgpzb1weTZTLeGZTKi39RYQixU89Sq2q7e0w7/ZKAMP6wM
gCOluS6EzV2zJKbOdew1uddmqvjTB7MghmMhsieSIXuS88T842Oe0+35GUsA
4bxA+gC/AD37cNx3UuzPFFrxfBeMH6bqf/43fwqLgB76Ju+rd4ezdLPUScQ5
skZTlOFdVBkSmOLfDeIN7/kJoFIcADrd7drWQG5KSoEashgtgEVeMB62uNSC
iyduZUmYi24wmsrkXgUjLrHFXX3MIlhp1x9P+gj+dIS/tcZIlZyJHmJnNZZF
O2a+1VuwmUvXZOMuKPY9/xfIw0DN5XIAAA==

-->

</rfc>
