Rename Feedser to Concelier

docs/security/authority-threat-model.md

@@ -14,7 +14,7 @@
 |-----------------|-------------|----------------|
 | Token issuance APIs (`/token`, `/authorize`) | OAuth/OIDC endpoints mediated by OpenIddict | CLI, UI, automation agents |
 | Bootstrap channel | Initial admin invite + bootstrap CLI workflow | Platform operators |
-| Revocation bundle | Offline JSON + detached JWS consumed by agents | Feedser, Agents, Zastava |
+| Revocation bundle | Offline JSON + detached JWS consumed by agents | Concelier, Agents, Zastava |
 | Plug-in manifests | Standard plug-in configuration and password policy overrides | Operators, DevOps |
 | Signing keys | ES256 signing keys backing tokens and revocation manifests | Security Guild, HSM/KeyOps |
 | Audit telemetry | Structured login/audit stream persisted to Mongo/observability stack | SOC, SecOps |
@@ -68,7 +68,7 @@ flowchart LR
     end
     subgraph Distribution
         OFFKIT[Offline Kit Bundle]
-        AGENT[Authorized Agent / Feedser]
+        AGENT[Authorized Agent / Concelier]
     end
     OPS -->|Bootstrap CLI (`stellaops auth bootstrap`)| AUTH
     AUTH -->|One-time invite + Argon2 hash| STORE

docs/security/revocation-bundle-example.json

@@ -12,14 +12,14 @@
       "id": "7ad4f3d2c21b461d9b3420e1151be9c4",
       "category": "token",
       "tokenType": "access_token",
-      "clientId": "feedser-cli",
+      "clientId": "concelier-cli",
       "subjectId": "user:ops-admin",
       "reason": "compromised",
       "reasonDescription": "Access token reported by SOC automation run R-2045.",
       "revokedAt": "2025-10-12T14:32:05Z",
       "scopes": [
-        "feedser:export",
-        "feedser:jobs"
+        "concelier:export",
+        "concelier:jobs"
       ],
       "fingerprint": "AD35E719C12204D7E7C92ED3F6DEBF0A44642D41AAF94233F9A47E183F4C5F18",
       "metadata": {

docs/security/revocation-bundle.md

@@ -1,6 +1,6 @@
 # Authority Revocation Bundle
 
-The Authority service exports revocation information as an offline-friendly JSON document plus a detached JWS signature. Operators can mirror the bundle alongside Feedser exports to ensure air-gapped scanners receive the latest token, subject, and client revocations.
+The Authority service exports revocation information as an offline-friendly JSON document plus a detached JWS signature. Operators can mirror the bundle alongside Concelier exports to ensure air-gapped scanners receive the latest token, subject, and client revocations.
 
 ## File layout
 
@@ -88,4 +88,4 @@ The repository contains an [example bundle](revocation-bundle-example.json) demo
 - `stella auth revoke verify` validates a bundle using cached JWKS or an offline PEM key, honours the `provider` metadata embedded in the signature, and reports digest mismatches before distribution.
 - `POST /internal/revocations/export` provides the same payload for orchestrators that already talk to the bootstrap API.
 - `POST /internal/signing/rotate` rotates JWKS material without downtime; always export a fresh bundle afterward so downstream mirrors receive signatures from the new `kid`.
-- Offline Kit automation should mirror `revocation-bundle.json*` alongside Feedser exports so agents ingest revocations during the same sync pass.
+- Offline Kit automation should mirror `revocation-bundle.json*` alongside Concelier exports so agents ingest revocations during the same sync pass.