{
"path": "/3ly6yulzgo22c",
"site": "at://did:plc:5svqtrhheairglgiiyvutzik/site.standard.publication/3lvt33dtzps2a",
"$type": "site.standard.document",
"title": "🐛 Workload ID Musings 2025-09-06",
"content": {
"$type": "pub.leaflet.content",
"pages": [
{
"$type": "pub.leaflet.pages.linearDocument",
"blocks": [
{
"$type": "pub.leaflet.pages.linearDocument#block",
"block": {
"$type": "pub.leaflet.blocks.unorderedList",
"children": [
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "Workload Identity OAuth (or otherwise) Reverse Proxy"
},
"children": [
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "Enables fine grained access control around what a workload can do with an API, more so than fine grained tokens, control specific POST data or query parameters allowed. Or potentially response filtering."
},
"children": []
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "For traceability the SCITT policy engine can be used on each OIDC claims validation. The claims can be added to the transparency service."
},
"children": []
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "ATProto can be a place to store SCITT messages, and SCRAPI can be built on top of it. This enables federation."
},
"children": [
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [
{
"index": {
"byteEnd": 145,
"byteStart": 144
},
"features": [
{
"$type": "pub.leaflet.richtext.facet#code"
}
]
}
],
"plaintext": "SCITT content addressable URIs are still interesting for this use case. Need to pull from old version of spec because microsoft didn't like the : character (yes it's that dumb)"
},
"children": []
}
]
}
]
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "Using ATProto as the graph"
},
"children": [
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "No private accounts yet, these would be ideal for networked ssh-ai swarms"
},
"children": []
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "AT-SMS could be promising in that direction"
},
"children": [
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [
{
"index": {
"byteEnd": 41,
"byteStart": 0
},
"features": [
{
"uri": "https://boscolo.leaflet.pub/3lxx6eqkga226",
"$type": "pub.leaflet.richtext.facet#link"
}
]
}
],
"plaintext": "https://boscolo.leaflet.pub/3lxx6eqkga226"
},
"children": []
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [
{
"index": {
"byteEnd": 43,
"byteStart": 0
},
"features": [
{
"uri": "https://ngerakines.leaflet.pub/3lxxk3oahzc2f",
"$type": "pub.leaflet.richtext.facet#link"
}
]
}
],
"plaintext": "https://ngerakines.leaflet.pub/3lxxk3oahzc2f"
},
"children": []
}
]
}
]
},
{
"$type": "pub.leaflet.blocks.unorderedList#listItem",
"content": {
"$type": "pub.leaflet.blocks.text",
"facets": [],
"plaintext": "gobengo wasup"
},
"children": []
}
]
}
},
{
"$type": "pub.leaflet.pages.linearDocument#block",
"block": {
"$type": "pub.leaflet.blocks.image",
"image": {
"$type": "blob",
"ref": {
"$link": "bafkreicfqbl4r3fm72gbhnk2mnnmu4keos7xzq2pkx76pqy2i2gr3geavq"
},
"mimeType": "image/jpeg",
"size": 183958
},
"aspectRatio": {
"width": 738,
"height": 827
}
}
}
]
}
]
},
"bskyPostRef": {
"cid": "bafyreifhkb22wk3qhw53dzthwq6mqshwpjvfpdz343ckgbe5ja53cucfxu",
"uri": "at://did:plc:5svqtrhheairglgiiyvutzik/app.bsky.feed.post/3ly6yuuzpbk2c",
"commit": {
"cid": "bafyreibitzy6po25poxbuc3oztsf6hcokcf7xykwv4ix6nuoxklrrmahdq",
"rev": "3ly6yuv4hvt2d"
},
"validationStatus": "valid"
},
"description": "Whoooooo areeeee yoooouuuuuu?",
"publishedAt": "2025-09-06T20:22:03.664Z"
}