Add v1 location key artifacts #2

Open
anton wants to merge 1 commits from feat/anton-location-key into main
14 changed files with 171 additions and 0 deletions
Showing only changes of commit d4f0c39174 - Show all commits

View File

@ -0,0 +1,67 @@
usage: Location Key
officiant: Anton Livaja
location: Private Home (Address Redacted)
witnesses: N/A
hardware:
- Dell XPS 13 9630
firmware: BIOS 2.13.0
laptop_modifications:
- Removed WLAN Card
- Removed speakers
- Removed microphone
- Removed all drives
boot_media: Kingston Type 2 SD Card 1GB
backup_media: TeamGroup High Endurance Micro SDXC 128GB
smart_cards: Yubikey 5 NFC
software:
- name: Airgap OS
repo: https://git.distrust.co/public/airgap
ref: 485fc58bfb1b4dc75a81138d93948385cc5bf600
playbooks:
- name: location-key-provisioning.md
repo: https://git.distrust.co/public/docs
ref: 5438f99c9c8a174334cd45623a9b09143ead79c3
inputs:
- name: operator.pub.asc
identifier: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
outputs:
- name: location.pub.asc
identifier: BBDEC472E16A7D11830B07F7582CC40F8A9BB54E
log:
- 2024-08-05:1723: >-
Selected a room in residence which has no electronics in it and closed window
and window blinds.
- 2024-08-05:1727: >-
Booted the laptop with AirgapOS of an SD card using the built in card reader.
- 2024-08-05:1730: >-
Plugged in SanDisk Ultra 32GB with operator PGP pub key and imported it into
the local GPG keychain using a USB card reader. Then the SD card was
disconnected from the computer.
- 2024-08-05:1752: >-
Followed the ceremony guide to generate artifacts.
- 2024-08-05:1813: >-
Plugged in one of the backup SD cards using the USB reader and copied over
public artifacts, repeated with second SD card.
- 2024-08-05:1832: >-
Plugged in a new smart card and seeded it with the Location Key PGP private
key and repeated with the second smart card.
- 2024-08-05:1840: >-
Deleted all plaintext data from the laptop.
- 2024-08-05:1848: >-
Placed the Location Key PGP pub cert onto the SanDisk Ultra 32GB which was
used to bring the Operator Key cert to the air-gapped machine, so that it can
be brought to the ceremony.
- 2024-08-05:1855: >-
Deleted the remaining data and shut down the computer.
- 2024-08-05:1949: >-
Created two packages, each consisting of a YubiKey that was seeded, and backup
SD card, inside of a static proof bag, then both inside of a faraday bag.
- 2024-08-06:1622: >-
Put the laptop and backup SD cards and smart cards into a plastic roll, filled
it with confetti and vacuum sealed it.
general_notes:
- Nobody entered the part of the house where the ceremony was conducted for
the duration of the ceremony, up to the point where all data was securely
stored and destroyed where applicable.
- While away from the private residence to procure seal bag, the laptop was
stored inside of a locked room.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -0,0 +1,68 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEAAAAARYJKwYBBAHaRw8BAQdAOL8x7eo5eQXPRZalUPk8gCYamSLR29+Ha6P0
+6nfc5yIxgQfFgoAeAWCZrClCAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2Fs
dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnjY2/MXd7Om1EETNqTKqP+AXKICMR
ZkKF8VkghRDiFiECmwEWIQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAh14BAN1UVeFr
inaJJnGvqZe7G/EQAKmvv3hdWQS3Flmj1FbYAQDgySS6+Ftrphc1GrY8iT7I7oxf
XV94kCfEJvEydjryD4jGBB8WCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcUAAAA
AAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcJRia6UAifLHTymRFZ
f60e8tiDJp3fDXObz4bwzL6ZmgKbARYhBLvexHLhan0RgwsH91gsxA+Km7VOAADK
egD/dQw5dtjhJ6EMe/ezy0OEo2IL3SdRkR2IK6phPIsNRXIBAIGXKrUaH5KVpGU8
XAUp7b0N3bThjmM69/+uzx7NKF8CtClMb2NhdGlvbiBLZXk6IERpc3RydXN0IERp
c2FzdGVyIFJlY292ZXJ5IIjGBBMWCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcU
AAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmf0tB9Gr7I5XwLN
8GhtAE1zoB42Zpe76P8JE0mu8ub14wKbARYhBLvexHLhan0RgwsH91gsxA+Km7VO
AACfOAD/feIxYT4+vQUvcLc+0MDENE/Ym/FEhnY0aA63xJjb62UA/0vjHUwQ6ukZ
L2V3/8YTM6n/vS6fc/f9dKsPjR80cKQEiMkEExYKAHsFgl3R23wFiV3TLPsJEFgs
xA+Km7VORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZx55
+mrPBdsujPaPeDW1HBhR2SeU3ieG6xIA4apfUtPMApkBApsBFiEEu97EcuFqfRGD
Cwf3WCzED4qbtU4AAMNvAQDggmCzShe8pJd7GGVhe5xtnNujqYViyTpDsL2is4xO
oAD9GrRG7sTSY/D9BvMWWda1v03OfkYiZVDfCpYKYIKuDQOIyQQTFgoAewWCZrCl
CAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p
YS1wZ3Aub3JnqIEo1ZS/NOExEVRWu1p/FfTXwYOjOhPytRstsbKFfBYCmQECmwEW
IQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAv5QA/0i9igO6yu+nKRMBWalo0De4xIcq
4usHTKKU5dpGKcE1AQD+DAI6wiA+hcmZqoNw7eoRKyzcPYSszUndyE+juW2RBYjG
BBMWCgB4BYJmsKUIBYlmsfaHCRBYLMQPipu1TkcUAAAAAAAeACBzYWx0QG5vdGF0
aW9ucy5zZXF1b2lhLXBncC5vcmcxBmxELKMCaZFGTtsxMPXDV/EXPHrsAoPKUK7E
D/JMZQKbARYhBLvexHLhan0RgwsH91gsxA+Km7VOAADPBwEAvWgH3Arqs7mkY4Br
8KT6qFsJsKt6VO/27YA7AU+zVHEBANcD2aCINmAOoVeJbhE4E8skeueJiDPu8MQp
gZiEvmcBuDMEAAAAARYJKwYBBAHaRw8BAQdAEo1b+Yc69r05685Y2cETrXyMQT3X
fRSrU10fn69zSaeIxgQYFgoAeAWCXdHbfAWJXdMs+wkQWCzED4qbtU5HFAAAAAAA
HgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jn/HWvwXiBkLbIHzHmkVta
c1mbiN9/QSZgO/i9oLDeFacCmyAWIQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAo+AA
/ipzeMyCgAW5RsCDo762FEncyjBOylJiUBM/LfdHsxIrAQC9P6QFbH1AJ4HY61b1
D14v3LahcBHk84stP/krmm8eAYjGBBgWCgB4BYJmsKUIBYlmsfaHCRBYLMQPipu1
TkcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcnJ1eDaK0J
Ttwe6TZiQcqA4SkLV1rUdy00tBhBWi8SZwKbIBYhBLvexHLhan0RgwsH91gsxA+K
m7VOAAAISQEAv8hmj0NinthB/kf3421gfgQh26qOwlOapzc7WPfNTWcBAIX+QmIz
lv9JWnQZar8epZ2aD+Vw7P8bEikjNc3CFAELuDMEAAAAARYJKwYBBAHaRw8BAQdA
4RVAY4IPMZtk7N/9fmn8WlDZA15hNgDlayNA4blYVMaJAYUEGBYKATcFgl3R23wF
iV3TLPsJEFgsxA+Km7VORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEt
cGdwLm9yZxtF9LcaM7xrRpCrtIGjD6T+LRDErEJmeZa67+SctgZtApsCvqAEGRYK
AG8Fgl3R23wJEJ2hw+aj+IpORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVv
aWEtcGdwLm9yZ0XzNC+HwN13G3uRuQXMPUkqjsaHsOGKnBFvG7CMrfs6FiEE/BDb
TMXs5J2FtdNcnaHD5qP4ik4AAKtQAQDI/bdcYA03opiX4MinAxamIoEo1QWtzLYP
TriCYxROPQEAjBpe1/8PAJ5J86/SFIQoA0P87viC64mYooPO3TdyWgcWIQS73sRy
4Wp9EYMLB/dYLMQPipu1TgAAZE0A/Av+TlszzOLUIL4lkMMvgan3xsDlDqlKJ4GA
VFSiWxaHAP4iP3INDFxCZ5FgSOS++f1A/bhtsDlhNhpuyY35KCpICIkBhQQYFgoB
NwWCZrClCAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMu
c2VxdW9pYS1wZ3Aub3Jn1imzRE26CeqVPqD/ImPueeQtt420MteMk1NfIg0KnJ4C
mwK+oAQZFgoAbwWCZrClCAkQnaHD5qP4ik5HFAAAAAAAHgAgc2FsdEBub3RhdGlv
bnMuc2VxdW9pYS1wZ3Aub3JnJgkob3QUx7qq5Oo2nrjg9zo5sw0sylpqwsp/7s9C
cdgWIQT8ENtMxezknYW101ydocPmo/iKTgAA0pUBAJlv2NqAUhcXXUbJlFmSrUnP
z3dXa5VQr6urzmhdrfH2AP9wRL/E6nVkdvEB9WwYxWEbc3M0v9dVYnxI9kMPc0zz
CxYhBLvexHLhan0RgwsH91gsxA+Km7VOAADcpgEAy9tPaHtx1o36Ra4mjbMcJQJU
RtDpt6o4GIOcoPAuSSIBAK0xa4tpahx4ZKDoaKztaLLloJsYwMt+7dwAAHqNu/8L
uDgEAAAAARIKKwYBBAGXVQEFAQEHQLpNSoOy0xxw+3uVHcejUeKnMonGpRyqLsOl
VWBO8nMOAwEIB4jGBBgWCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcUAAAAAAAe
ACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdIukhi2zqqWtis+g+Rtx/n
vGgPjUqy/Ur7+t8cLKVKIwKbDBYhBLvexHLhan0RgwsH91gsxA+Km7VOAAAwCwD/
Y5eG+fRSXu9EuOmObzIE6NB1V4JP0s4NA47oHwvjKpYA/28ym7AubkrO6C34Lxhl
Lb/7ow+eMqV8Dhtpf+y/E8cHiMYEGBYKAHgFgmawpQgFiWax9ocJEFgsxA+Km7VO
RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZzlBKkolHCHT
cJIDvIdFgzYcufPqc8bmgbhwagfo2hCIApsMFiEEu97EcuFqfRGDCwf3WCzED4qb
tU4AAKjyAP9gMsrgbGRLRITmRE2Qn/pQOcbRdLjP8EM00EX70mFxkAEA/2WfmxJ/
Oj/9572i7OzWR0rySWwDnChhZYKrzrNXmAs=
=ja4u
-----END PGP PUBLIC KEY BLOCK-----