diff --git a/DEPENDENCIES b/DEPENDENCIES
index 255ca583c..80b8c9507 100644
--- a/DEPENDENCIES
+++ b/DEPENDENCIES
@@ -68,7 +68,7 @@ maven/mavencentral/com.lmax/disruptor/3.4.4, Apache-2.0, approved, clearlydefine
 maven/mavencentral/com.networknt/json-schema-validator/1.0.76, Apache-2.0, approved, CQ22638
 maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.25, Apache-2.0, approved, clearlydefined
 maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.28, Apache-2.0, approved, clearlydefined
-maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.31, Apache-2.0, approved, clearlydefined
+maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.32, Apache-2.0, approved, #10561
 maven/mavencentral/com.puppycrawl.tools/checkstyle/10.0, LGPL-2.1-or-later, approved, #7936
 maven/mavencentral/com.samskivert/jmustache/1.15, BSD-2-Clause, approved, clearlydefined
 maven/mavencentral/com.squareup.okhttp3/okhttp-dnsoverhttps/4.11.0, Apache-2.0, approved, clearlydefined
@@ -154,9 +154,9 @@ maven/mavencentral/jakarta.annotation/jakarta.annotation-api/2.1.1, EPL-2.0 OR G
 maven/mavencentral/jakarta.inject/jakarta.inject-api/2.0.1, Apache-2.0, approved, clearlydefined
 maven/mavencentral/jakarta.json/jakarta.json-api/2.1.1, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7907
 maven/mavencentral/jakarta.transaction/jakarta.transaction-api/2.0.0, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7697
-maven/mavencentral/jakarta.validation/jakarta.validation-api/2.0.2, Apache-2.0, approved, clearlydefined
-maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.0, Apache-2.0, approved, clearlydefined
-maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, clearlydefined
+maven/mavencentral/jakarta.validation/jakarta.validation-api/2.0.2, Apache-2.0, approved, ee4j.validation
+maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.0, Apache-2.0, approved, ee4j.validation
+maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, ee4j.validation
 maven/mavencentral/jakarta.ws.rs/jakarta.ws.rs-api/3.1.0, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.rest
 maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/2.3.2, BSD-3-Clause, approved, ee4j.jaxb
 maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/3.0.0, BSD-3-Clause, approved, ee4j.jaxb
@@ -233,6 +233,7 @@ maven/mavencentral/org.eclipse.edc/policy-model/0.3.1-SNAPSHOT, Apache-2.0, appr
 maven/mavencentral/org.eclipse.edc/policy-spi/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/runtime-metamodel/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/sql-core/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
+maven/mavencentral/org.eclipse.edc/state-machine/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/transaction-datasource-spi/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/transaction-spi/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
 maven/mavencentral/org.eclipse.edc/transform-core/0.3.1-SNAPSHOT, Apache-2.0, approved, technology.edc
@@ -331,7 +332,6 @@ maven/mavencentral/org.slf4j/slf4j-api/1.7.35, MIT, approved, CQ13368
 maven/mavencentral/org.slf4j/slf4j-api/1.7.36, MIT, approved, CQ13368
 maven/mavencentral/org.slf4j/slf4j-api/2.0.5, MIT, approved, #5915
 maven/mavencentral/org.slf4j/slf4j-api/2.0.6, MIT, approved, #5915
-maven/mavencentral/org.slf4j/slf4j-api/2.0.9, MIT, approved, #5915
 maven/mavencentral/org.testcontainers/database-commons/1.19.0, Apache-2.0, approved, #10345
 maven/mavencentral/org.testcontainers/jdbc/1.19.0, Apache-2.0, approved, #10348
 maven/mavencentral/org.testcontainers/junit-jupiter/1.19.0, MIT, approved, #10344
diff --git a/docs/developer/decision-records/2023-09-27-adoption_of_the_identity_and_trust_protocol/README.md b/docs/developer/decision-records/2023-09-27-adoption_of_the_identity_and_trust_protocol/README.md
new file mode 100644
index 000000000..306c05b84
--- /dev/null
+++ b/docs/developer/decision-records/2023-09-27-adoption_of_the_identity_and_trust_protocol/README.md
@@ -0,0 +1,36 @@
+# Identity Hub - Adoption of the Identity And Trust Protocols
+
+## Decision
+
+The Identity Hub component will adopt the Identity And Trust Protocols (
+cf. [this decision-record](https://github.com/eclipse-edc/docs/tree/e7730f432305775542503e4ecb61aa7e829bea30/developer/decision-records/2023-09-06-identity-trust)).
+To that end, the current content of the repository will be preserved in a branch named `identity_dwn` (to indicate the
+partial implementation of the DWN Spec).
+
+All further developments will happen on the `main` branch.
+
+## Rationale
+
+The adoption of the Identity and Trust Protocols spec may bring some substantial changes, for example it will introduce
+a series of new APIs.
+
+The entire work package is too large to be done in one feature branch, so we will do the adoption iteratively.
+
+To avoid potential conflicts with existing implementations (model classes, interfaces, etc.) the current state of the
+IdentityHub will be preserved in a separate branch.
+
+It's generally just good practice to have the `main` branch reflect the most recent state of development, but there are
+other, more technical advantages as well:
+
+- some GitHub actions only run on the `main` branch
+- dependabot only inspects the `main` branch
+- new workflows are only detected once they are available on the `main` branch
+- cloning the repo by default clones the `main` branch
+- newly created PRs by default target the `main` branch. Doing ongoing dev work on any other branch would be a
+  significant risk of PRs targeting the wrong head branch. While it's not a big issue, it can be an annoying one.
+
+## Approach
+
+- create a new branch `identity_dwn`
+- add architecture documents
+- add GitHub issues for the upcoming developments
\ No newline at end of file