From ffa23947d7632ca7f83c85ca88fd10955c6e98c6 Mon Sep 17 00:00:00 2001 From: Anton Livaja Date: Tue, 28 Jan 2025 02:32:11 -0500 Subject: [PATCH] minor updates --- quorum-key-management/src/SUMMARY.md | 4 ++-- .../src/component-documents/ceremony-repository.md | 12 ++++++------ .../all-levels/pgp-key-provisioning.md | 2 -- .../level-2/fixed-location/procurer/index.md | 4 +++- .../fixed-location/procurer/procure-sd-card-pack.md | 2 -- 5 files changed, 11 insertions(+), 13 deletions(-) diff --git a/quorum-key-management/src/SUMMARY.md b/quorum-key-management/src/SUMMARY.md index bbd04e3..551835d 100644 --- a/quorum-key-management/src/SUMMARY.md +++ b/quorum-key-management/src/SUMMARY.md @@ -22,9 +22,9 @@ * [Provision Computer](generated-documents/level-2/fixed-location/provisioner/provision-computer.md) * [Provision AirgapOS](generated-documents/level-2/fixed-location/provisioner/provision-airgapos.md) * [Provision Air-Gapped Bundle](generated-documents/level-2/fixed-location/provisioner/air-gapped-bundle.md) - * [Proposer](system-roles.md) + * [Proposer]() * [Propose Transaction](generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md) - * [Approver](system-roles.md) + * [Approver]() * [Transaction Approval](generated-documents/level-2/fixed-location/approver/approve-transaction.md) * [Operator](generated-documents/level-2/fixed-location/operator/index.md) * [Quorum Entropy Ceremony](generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md) diff --git a/quorum-key-management/src/component-documents/ceremony-repository.md b/quorum-key-management/src/component-documents/ceremony-repository.md index c2269b4..4a3c650 100644 --- a/quorum-key-management/src/component-documents/ceremony-repository.md +++ b/quorum-key-management/src/component-documents/ceremony-repository.md 
@@ -50,17 +50,17 @@ This repository holds data pertaining to ceremonies. The primary data consists o ## Procedure: Adding a OpenPGP Public Certificate -1. Designate the role of the key - it should be placed into the corresponding role directory - -1. Open a PR submitting the key to the repository +1. Open a PR submitting the public key to the repository * MUST be via commit signed by the PGP key being submitted to the repository -1. Two other authorized individuals (TODO define how they are authorized) must perform a signing ceremony where the master key signature of the public certificate is added to the public certificate +1. One other individual should review the PR and verify that the key belongs to the individual using an out of band channel - - [ ] TODO add instructions/doc +1. If validates successfully the reviewer should create a detached signature of the key using: -1. The PR should be merged using a signed commit via the git CLI + * `gpg --detach-sign ` + +1. The detached signature should be added to the PR and then the PR should be merged // ANCHOR_END: content /* ANCHOR_END: all */ diff --git a/quorum-key-management/src/generated-documents/all-levels/pgp-key-provisioning.md b/quorum-key-management/src/generated-documents/all-levels/pgp-key-provisioning.md index 9a16af4..b4bafe9 100644 --- a/quorum-key-management/src/generated-documents/all-levels/pgp-key-provisioning.md +++ b/quorum-key-management/src/generated-documents/all-levels/pgp-key-provisioning.md @@ -2,8 +2,6 @@ ## Requirements -* 2 Operators, each with a [Personal PGP key pair](/key-types.md#personal-pgp-keypair) - * Computer that can load AirgapOS ([compatibility reference](https://git.distrust.co/public/airgap#tested-models)) * [AirgapOS SD card](../level-2/fixed-location/provisioner/provision-airgapos.md) 
diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/index.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/index.md index 8272f73..225d893 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/index.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/index.md @@ -18,10 +18,12 @@ The procurer is responsible for: ## Order of Operations -1. Provisioning [Personal PGP Keys](./provision-pgp-signing-keys-on-board-smart-card.md) +1. Provisioning [Personal PGP Keys](../../../all-levels/pgp-key-provisioning.md) 1. Procuring a [facility](./procure-facility.md) 1. Procuring [tamper proofing equipment](./procure-tamper-proofing-equipment.md) 1. Procuring [hardware](./procure-hardware.md) + +1. Procuring [SD cards](./procure-sd-card-pack.md) \ No newline at end of file diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/procure-sd-card-pack.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/procure-sd-card-pack.md index c793a54..8da5f53 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/procure-sd-card-pack.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/procurer/procure-sd-card-pack.md @@ -4,8 +4,6 @@ {{ #include ../../basic-requirements.md:requirements }} -* Tamper proofing evidence (photographs) - * 5 Fresh SD card(s) per booster pack * High Visibility Storage
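Review bot: In SUMMARY.md, the Proposer and Approver entries now have empty link targets (`[Proposer]()`, `[Approver]()`), so the two role headings no longer lead to any description of the role, while the Operator entry just below links to an `index.md`. If these are placeholders until role pages exist, say so in the commit message; otherwise add index pages in the proposer and approver directories and link them the same way the Operator entry does.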
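Review bot: In ceremony-repository.md, the new step 3 command `gpg --detach-sign ` is shown without a file operand, and the step does not say which key the reviewer signs with or where the resulting signature file belongs in the repository, so a later reader has no defined way to verify it. Name the certificate file in the command, state the expected signature path, and add a verification step. The same hunk removes the "merged using a signed commit" requirement and the role-directory step, and goes from two other individuals to one using "should"; if that is intended, use MUST for the out-of-band check as step 1 does, and reword "If validates successfully" to "If validation succeeds".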
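Review bot: In pgp-key-provisioning.md, the removed requirement line carried two things, the Personal PGP key pair and the count of 2 Operators, and both are now gone from the Requirements list. If the provisioning procedure still expects a set number of people to be present, keep an operator-count requirement and drop only the key pair link.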
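Review bot: In procurer/index.md, the added last line `1. Procuring [SD cards](./procure-sd-card-pack.md)` leaves the file without a trailing newline (`\ No newline at end of file`); end the file with a newline so the next appended step does not show this line as modified. The new relative link `../../../all-levels/pgp-key-provisioning.md` does resolve to the all-levels document touched earlier in this patch.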
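Review bot: In procure-sd-card-pack.md, the Requirements list loses "Tamper proofing evidence (photographs)" with no reason given in the commit message ("minor updates"). Confirm that the procedure body no longer refers to photographs, or that the included `basic-requirements.md:requirements` section already covers them; if neither holds, keep the line, since this patch also adds SD card procurement to the procurer's order of operations after tamper proofing equipment.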