save checkpoint: save features
This commit is contained in:
master
@@ -121,3 +121,8 @@ Backend signing services enabling CI/CD keyless signing integration. SigstoreSig
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 496/496).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/ci-cd-keyless-signing-workflow-templates/run-012/tier2-api-check.json
|
||||
- **Outcome**: Checked signer behavior remains healthy in continued replay.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/ci-cd-keyless-signing-workflow-templates/run-014/tier2-api-check.json
|
||||
|
||||
@@ -129,3 +129,8 @@ Orchestrator for M-of-N threshold signing ceremonies requiring multiple authoriz
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 497/497).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/dual-control-signing-ceremonies/run-013/tier2-api-check.json
|
||||
- **Outcome**: Invalid `operationType` now returns `400 Bad Request` (client validation) instead of `500 Internal Server Error`; live create/get/approve/execute and negative-path semantics are stable.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/dual-control-signing-ceremonies/run-014/tier2-api-check.json
|
||||
|
||||
@@ -127,3 +127,8 @@ Fulcio-based keyless signing using OIDC tokens from CI runners, ephemeral key pa
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 496/496).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/fulcio-sigstore-keyless-signing-client/run-012/tier2-api-check.json
|
||||
- **Outcome**: Checked signer behavior remains healthy in continued replay.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/fulcio-sigstore-keyless-signing-client/run-014/tier2-api-check.json
|
||||
|
||||
@@ -123,3 +123,8 @@ Automated key rotation service with temporal key validity windows, key history t
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 496/496).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/key-rotation-service-with-temporal-validity/run-012/tier2-api-check.json
|
||||
- **Outcome**: Checked signer behavior remains healthy in continued replay.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/key-rotation-service-with-temporal-validity/run-014/tier2-api-check.json
|
||||
|
||||
@@ -121,3 +121,15 @@ Key escrow system using Shamir's Secret Sharing over GF(256) to split signing ke
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 496/496).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/shamir-secret-sharing-key-escrow/run-012/tier2-integration-check.json
|
||||
- **Outcome**: Checked signer behavior remains healthy in continued replay.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/shamir-secret-sharing-key-escrow/run-014/tier2-integration-check.json
|
||||
|
||||
## Recheck (Run-017)
|
||||
- Date (UTC): 2026-02-11T07:14:08Z
|
||||
- Method: Strict Tier 2 API replay against live Signer ceremony endpoints with key-recovery operations and negative-path assertions.
|
||||
- Tests: PASS (`src/Signer/StellaOps.Signer/StellaOps.Signer.Tests`: 497/497).
|
||||
- Tier 2 Evidence: docs/qa/feature-checks/runs/signer/shamir-secret-sharing-key-escrow/run-017/tier2-api-check.json
|
||||
- Outcome: Fresh user-surface transactions now cover key-recovery ceremony create/approve/execute, quorum enforcement (400 before threshold), duplicate approval rejection (409), auth challenge (401), and missing ceremony lookup semantics (404).
|
||||
|
||||
@@ -122,3 +122,15 @@ Trust anchor management system with PURL-based pattern matching for artifact-to-
|
||||
- **Tests**: PASS (src/Signer/StellaOps.Signer/StellaOps.Signer.Tests: 496/496).
|
||||
- **Tier 2 Evidence**: docs/qa/feature-checks/runs/signer/tuf-client-for-trust-root-management/run-012/tier2-integration-check.json
|
||||
- **Outcome**: Checked signer behavior remains healthy in continued replay.
|
||||
|
||||
## Recheck (Run-014 Module Sweep)
|
||||
- Date (UTC): 2026-02-11T00:18:12Z
|
||||
- Result: Tier 2 replay passed in strict module sweep with Signer suite 497/497.
|
||||
- Evidence: docs/qa/feature-checks/runs/signer/tuf-client-for-trust-root-management/run-014/tier2-integration-check.json
|
||||
|
||||
## Recheck (Run-017)
|
||||
- **Verified**: 2026-02-11
|
||||
- **Method**: Strict Tier 2 API replay against live Signer WebService (`http://127.0.0.1:10301`) with fresh request/response captures.
|
||||
- **Tests**: PASS (`src/Signer/StellaOps.Signer/StellaOps.Signer.Tests`: 497/497).
|
||||
- **Tier 2 Evidence**: `docs/qa/feature-checks/runs/signer/tuf-client-for-trust-root-management/run-017/tier2-api-check.json`
|
||||
- **Outcome**: Trust-root endpoints returned expected semantics for unknown key/anchor validity and add-key operations (`404`), while protected endpoint auth challenge (`401`) and service readiness (`200`) behaved correctly.
|
||||
|
||||
Reference in New Issue
Block a user