identity: session-as-process — create/lookup/expire/revoke + idle timeout (11 tests)

Session is an Erlang process holding {subject, client, status}. lookup/
touch/expire/revoke are messages; expiry is the process's own
`receive ... after Ttl` timeout (RFC-agnostic; no global sweep), which
notifies the owner and tombstones. Tombstoned sessions answer lookups
with an explicit {error, expired|revoked}, never a silent dead mailbox.
Adds the conformance harness + scoreboard.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

plans/identity-on-sx.md

@@ -19,7 +19,7 @@ through the event log, all authorization questions delegated to `acl-on-sx`.
 
 ## Status (rolling)
 
-`bash lib/identity/conformance.sh` → **0/0** (not yet started)
+`bash lib/identity/conformance.sh` → **11/11** (Phase 1: session)
 
 ## Ground rules
 
@@ -57,7 +57,7 @@ lib/identity/api.sx ── (identity/login) (identity/grant?) (identity/revoke)
 ```
 
 ## Phase 1 — Sessions + tokens
-- [ ] `session.sx` — session process, create/lookup/expire
+- [x] `session.sx` — session process, create/lookup/expire
 - [ ] `token.sx` — issue/introspect/revoke (opaque, grant-backed)
 - [ ] `registry.sx` — route by subject/client
 - [ ] `api.sx` + tests + scoreboard + conformance.sh
@@ -78,7 +78,12 @@ lib/identity/api.sx ── (identity/login) (identity/grant?) (identity/revoke)
 - [ ] tests: audit completeness, cross-instance subject mapping
 
 ## Progress log
-(loop fills this in)
+- 2026-06-06 — `session.sx`: session-as-Erlang-process. create/lookup/touch/
+  explicit-expire/revoke as messages; idle-timeout self-expiry via
+  `receive ... after Ttl` notifying the owner then tombstoning. Tombstones
+  answer lookups with `{error, expired|revoked}` — never a silent dead
+  mailbox. Established the conformance harness (`conformance.sh`, scoreboard,
+  `tests/session.sx`). 11/11.
 
 ## Blockers
 (loop fills this in)