public
/
docs
5
0
Fork 0
Code Issues 9 Pull Requests 1 Packages Projects Releases Wiki Activity

wip for tamper proofing and chain of custody docs #10

Open
anton wants to merge 5 commits from feat/tamper-proofing-chain-of-custody into main
pull from: feat/tamper-proofing-chain-of-custody
merge into: public:main
Conversation 0 Commits 5 Files Changed 18 +463 -95
anton commented 2024-11-27 16:45:47 +00:00
Owner
Copy Link
No description provided.
anton added 1 commit 2024-11-27 16:45:48 +00:00
anton added 1 commit 2024-11-27 20:48:07 +00:00
anton added 1 commit 2024-11-28 23:30:30 +00:00
anton added 1 commit 2024-12-01 00:40:00 +00:00
anton added 1 commit 2024-12-01 19:43:39 +00:00
lrvick reviewed 2024-12-02 16:41:16 +00:00
quorum-key-management/src/portable-reusable-laptop-ceremony.md
@ -0,0 +4,4 @@
* A polaroid of the laptop tamper evidence should be carried on person at all times
* A vacuum sealer, and plastic beads will be necessary in order to be able to re-seal the laptop after use
lrvick commented 2024-12-02 16:41:16 +00:00
Owner
Copy Link

plastic beads, beans, confetti, foam pellets, or other similarly loose non-uniform material

plastic beads, beans, confetti, foam pellets, or other similarly loose non-uniform material
lrvick commented 2024-12-02 16:43:05 +00:00
Owner
Copy Link

Also any time we say something like this, people ask right away for reference hardware they can go buy.

Any time we suggest any items someone has to source, we should include a minimum of two specific reference products that fit the bill.

Also any time we say something like this, people ask right away for reference hardware they can go buy. Any time we suggest any items someone has to source, we should include a minimum of two specific reference products that fit the bill.
lrvick reviewed 2024-12-02 16:47:20 +00:00
quorum-key-management/src/portable-reusable-laptop-ceremony.md
@ -0,0 +8,4 @@
* A polaroid and digital camera are also required
2. The laptop can be left stored in a hidden location or ideally in a safe
lrvick commented 2024-12-02 16:47:19 +00:00
Owner
Copy Link

Honestly I would recommend keeping it with them as often as possible, or a safe, or worst case put it in the hands of people whose entire career hinges on full time supervised storage like a bag check at a hotel bellhop.

Honestly I would recommend keeping it with them as often as possible, or a safe, or worst case put it in the hands of people whose entire career hinges on full time supervised storage like a bag check at a hotel bellhop.
lrvick reviewed 2024-12-02 17:02:27 +00:00
quorum-key-management/src/portable-reusable-laptop-ceremony.md
@ -0,0 +16,4 @@
5. Unseal the laptop using the [Unsealing Procedure](tamper-evidence-methods.md#procedure)
6. Follow the [coin playbook](TODO)
lrvick commented 2024-12-02 17:02:27 +00:00
Owner
Copy Link

coins won't be the only type of ceremony.

I think it will be easiest to have these split into multiple docs, probably a total of 5.

  1. Tamper Evidence (Maybe break it down into stacking security levels with their own threat models like 1, 2, 3)
  2. one time ceremony (usage only)
  3. on premise ceremony (usage only)
  4. field ceremony (will reference doing tamper evident (usage only)
coins won't be the only type of ceremony. I think it will be easiest to have these split into multiple docs, probably a total of 5. 1. Tamper Evidence (Maybe break it down into stacking security levels with their own threat models like 1, 2, 3) 2. one time ceremony (usage only) 2. on premise ceremony (usage only) 3. field ceremony (will reference doing tamper evident (usage only)
This pull request can be merged automatically.
You are not authorized to merge this pull request.
You can also view command line instructions.

Step 1:

From your project repository, check out a new branch and test the changes.
git checkout -b feat/tamper-proofing-chain-of-custody main
git pull origin feat/tamper-proofing-chain-of-custody

Step 2:

Merge the changes and update on Forgejo.
git checkout main
git merge --no-ff feat/tamper-proofing-chain-of-custody
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/docs#10
No description provided.
Delete Branch "feat/tamper-proofing-chain-of-custody"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?