stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
a7f3880e9f38d35162b0f9724b6ab5dea018cf16
git.stella-ops.org/docs/modules/issuer-directory
History
master fdf95e0f46 docs: module dossier + install/quickstart sync for truthful cutover sprints 
- API_CLI_REFERENCE.md, INSTALL_GUIDE.md, quickstart.md, architecture/integrations.md, dev/DEV_ENVIRONMENT_SETUP.md, integrations/LOCAL_SERVICES.md: reflect real-service wiring.
- docs/modules/**: module dossier updates across the modules touched by SPRINT_20260415_001..007 + SPRINT_20260416_003..017 + SPRINT_20260417_018..024 + SPRINT_20260418_025 + SPRINT_20260419_026.
- docs/features/checked/web/**: update feature notes where UI changed.
- docs/qa/feature-checks/runs/web/evidence-presentation-ux/: QA evidence artifacts.
- docs/setup/**, docs/technical/**: align with setup wizard contracts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-19 14:45:09 +03:00
..
operations
audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories
2026-01-07 18:50:11 +02:00
architecture.md
docs: module dossier + install/quickstart sync for truthful cutover sprints
2026-04-19 14:45:09 +03:00
README.md
docs: module dossier + install/quickstart sync for truthful cutover sprints
2026-04-19 14:45:09 +03:00

README.md

IssuerDirectory

Status: Implemented (source relocated by Sprint 216) Source: src/Authority/StellaOps.IssuerDirectory/ (previously src/IssuerDirectory/) Owner: Authority domain (Identity & Trust)

Latest updates (2026-04-16)

  • IssuerDirectory web runtime no longer silently falls back to in-memory persistence outside Testing; non-testing hosts now require PostgreSQL wiring.
  • Canonical configuration now lives under IssuerDirectory:Persistence:*, while legacy IssuerDirectory:Postgres:* settings remain supported for compatibility.
  • Focused runtime coverage lives in StellaOps.IssuerDirectory.WebService.Tests.

Purpose

IssuerDirectory maintains a trust registry of CSAF publishers and VEX statement issuers. Provides discovery, validation, and trust scoring for upstream vulnerability advisories and VEX statements.

Domain ownership

As of Sprint 216, IssuerDirectory source is owned by the Authority domain. The runtime service identity, container, and database schema remain independent. Schema isolation from AuthorityDbContext is a deliberate security feature.

See docs/modules/authority/architecture.md (sections 21.1--21.4) for schema ownership and the no-merge ADR.

Components

Services:

  • StellaOps.IssuerDirectory - Main service for issuer registry management and API

Configuration

See etc/issuer-directory.yaml.sample for configuration options.

Key settings:

  • IssuerDirectory:Persistence:Provider=Postgres
  • IssuerDirectory:Persistence:PostgresConnectionString
  • IssuerDirectory:Persistence:SchemaName (defaults to issuer)
  • Authority integration settings
  • Issuer discovery endpoints
  • Trust validation policies
  • CSAF provider metadata validation

Dependencies

  • PostgreSQL (schema: issuer_directory)
  • Authority (authentication)
  • Concelier (consumes issuer metadata)
  • VexHub (consumes issuer trust data)
  • VexLens (trust scoring integration)

Related Documentation

  • Architecture: ../authority/architecture.md (sections 21.1--21.4)
  • Archived original: docs-archived/modules/issuer-directory/
  • Concelier: ../concelier/
  • VexHub: ../vexhub/
  • VexLens: ../vex-lens/