stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
0987cd6ac81edc2540d8abce362e822e2f0ecef3
git.stella-ops.org/docs/modules/policy/prep/2025-11-20-policy-airgap-56-002-prep.md
master d519782a8f
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
prep docs and service updates
2025-11-21 06:56:36 +00:00

1.1 KiB
Raw Blame History

Policy AirGap Import Prep — PREP-POLICY-AIRGAP-56-002-DEPENDS-ON-56-001-B

Status: Draft (2025-11-20) Owners: Policy Guild · Policy Studio Guild Scope: Define policy bundle import and DSSE signing expectations once mirror bundle schema (56-001) is fixed.

Dependencies

  • Mirror bundle schema from 56-001 (fields: bundle_id, provenance, policy_hash, trust_roots, retained_at).
  • DSSE signing profile and RootPack mapping.

Expected contract

  • Import endpoint: POST /policy/airgap/import accepting mirror bundle (file) + metadata.
  • Validation: verify DSSE, trust roots, policy hashes; reject on staleness over budget.
  • Response: {bundle_id, policy_hash, imported_at, staleness_seconds} ordered deterministically.

Acceptance

  • Once 56-001 schema is frozen, record hash+version here and in sprint Decisions.
  • Add sample request/response to docs/modules/policy/design/policy-mirror-bundle-schema.md and samples folder.

Handoff

Use this doc as the prep artefact for PREP-POLICY-AIRGAP-56-002-DEPENDS-ON-56-001-B. Update with schema hash and DSSE profile when available, then move sprint task to DONE.