fix: remove accidentally checked in file that's part of prod ceremony
This commit is contained in:
parent
a4bb75162e
commit
128b3f70b7
GPG Key ID:
44A86CFF1FDF0E85
|
|
@ -1,60 +0,0 @@
|
|||
usage: Location Key
|
||||
officiant: Anton Livaja
|
||||
location: Private Home (Address Redacted)
|
||||
witnesses: N/A
|
||||
hardware: Dell XPS 13 9630
|
||||
firmware: BIOS 2.13.0
|
||||
laptop_modifications:
|
||||
- Removed WLAN Card
|
||||
- Removed speakers
|
||||
- Removed microphone
|
||||
- Removed all drives
|
||||
boot_media: Kingston Type 2 SD Card 1GB
|
||||
backup_media: TeamGroup High Endurance Micro SDXC 128GB
|
||||
smart_cards: Yubikey 5 NFC
|
||||
software:
|
||||
- name: Airgap OS
|
||||
repo: https://git.distrust.co/public/airgap
|
||||
ref: main
|
||||
hash: 485fc58bfb1b4dc75a81138d93948385cc5bf600
|
||||
playbooks:
|
||||
- name: some/path/to/location_key_generation.md
|
||||
repo: https://git.distrust.co/public/docs
|
||||
ref: some-git-ref-here
|
||||
notes: used once for each Location Key
|
||||
- name: some/path/to/hybrid_quroum_key_generation.md
|
||||
repo: https://git.distrust.co/public/docs
|
||||
ref: some-git-ref-here
|
||||
notes: used once to generate Root Entropy and Disaster Recovery Key
|
||||
outputs:
|
||||
- location.pub.asc
|
||||
public_key_fingerprints:
|
||||
- type: location
|
||||
fingerprint: BBDEC472E16A7D11830B07F7582CC40F8A9BB54E
|
||||
- type: operator
|
||||
fingerprint: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
|
||||
log:
|
||||
- 2024-08-05:1723: Selected a room in residence which has no electronics in it
|
||||
and closed window and window blinds.
|
||||
- 2024-08-05:1727: Booted the laptop with AirgapOS of an SD card using the
|
||||
built in card reader.
|
||||
- 2024-08-05:1730: Plugged in SanDisk Ultra 32GB with operator PGP pub key and
|
||||
imported it into the local GPG keychain using a USB card reader.
|
||||
- 2024-08-05:1752: Followed the ceremony guide to generate artifacts.
|
||||
- 2024-08-05:1813: Plugged in one of the backup SD cards using the USB reader
|
||||
and copied over public artifacts, repeated with second SD card.
|
||||
- 2024-08-05:1832: Plugged in a new smart card and seeded it with the Location
|
||||
Key PGP private key and repeated with the second smart card.
|
||||
- 2024-08-05:1848: Placed the Location Key PGP pub cert onto the SanDisk Ultra
|
||||
32GB which was used to bring the Operator Key cert to the airgapped machine,
|
||||
so that it can be brought to the ceremony
|
||||
- 2024-08-05:1902: Deleted all data from laptop and shut it down.
|
||||
- 2024-08-05:1949: Created two packages, each consisting of a YubiKey that was
|
||||
seeded, and backup SD card, inside of a static proof bag, then both inside of
|
||||
a faraday bag.
|
||||
- 2024-08-TODO:TODO: Put the laptop and backup SD cards and smart cards into
|
||||
a plastic roll, filled it with confetti and vacuum sealed it.
|
||||
general_notes:
|
||||
- Nobody entered the part of the house where the ceremony was conducted for
|
||||
the duration of the ceremony, up to the point where all data was securely
|
||||
stored and destroyed where applicable
|
||||
Loading…
Reference in New Issue