v0.3.1 — CTEF frozen interop snapshot

CTEF v0.3.1 — interop frozen for State of Agent Security 2026 launch

What's locked

• 4 inline conformance vectors at /.well-known/cte-test-vectors.json — covering identity / transport / authority / continuity claim_types
• 5-way byte-match validation — AgentGraph, APS (aeoess), AgentID (haroldmalikfrimpong-ops), @nobulex/crypto, HiveTrust (srotzin)
• 6th in-flight — msaleme/red-team-blue-team-agent-fabric, v4.5 byte-match report queued
• Live harness aggregator at /.well-known/interop-harness.json

Standards-track posture

• A2A WG proposal #1786 in Proposal Phase awaiting maintainer sponsorship
• aeoess/agent-governance-vocabulary epoch enum landed via PR #61 — CTEF v0.3.1 named as one of three production crosswalks
• Nobulex bilateral-receipt primitive shipped in Microsoft Agent Governance Toolkit (microsoft/agent-governance-toolkit#1333, 216 LOC + 11 tests + OpenSSF passing badge)

What ships in this release

• src/cte/canonicalize.py — RFC 8785 JCS strict canonicalizer
• src/cte/sign.py — Ed25519 + JWS attestation generation
• src/api/jwks_router.py — /.well-known/jwks.json + /.well-known/cte-test-vectors.json + /.well-known/interop-harness.json
• tests/test_cte_test_vectors.py, tests/test_jcs_canonicalize_aps_interop.py, tests/test_aps_rotation_attestation_interop.py — three independent regression harnesses

Anchor

This release is the load-bearing snapshot for the May 12 State of Agent Security 2026 litepaper byline.