 admin
|
e7ed8a8483
|
doc(03-host-agent): slice-7 scope, scenario-specific identity-reset, PBS escrow (§8a)
- §9 rewritten: bring-up is a shared FRONT HALF only; identity-reset policy is
scenario-specific (provision = fresh everything; guest-loss DR = preserve
restic/tunnel/hub continuity, reset only collision-prone host-local identity).
Added the slice 7/8/10 mapping table.
- NEW §8a: PBS recovery-code escrow (zero-knowledge) — live key on box; agent-generated
recovery code R; PBS-native passphrase-wrap of K under R escrowed to hub; consumption
slice 10; irreducible-residual + rotation != key-rotation stated.
- §13 updated (resolved: provision/DR slice boundary + escrow design; open: identity-reset
set, hub-side escrow storage + restore-mode serving).
Doc-only; no version bump.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
2026-06-09 20:25:11 +02:00 |
|