cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

docs(04-03): complete SSE payload signing plan

Browse Source 
- SUMMARY.md with self-check passed
- STATE.md updated to plan 3/3 complete, 100% progress
- ROADMAP.md and REQUIREMENTS.md updated (SECU-04 complete)
- deferred-items.md documents pre-existing test failures from Plan 02

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-11 20:31:58 +01:00
parent 0215fd96ae
commit 45f0241079
5 changed files with 168 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.planning/REQUIREMENTS.md
View File

@@ -46,7 +46,7 @@ Requirements for initial release. Each maps to roadmap phases. Tracked as Gitea
- [ ] **SECU-01**: All API endpoints (except health and register) require valid JWT Bearer token (#23)
- [ ] **SECU-02**: JWT refresh flow via `POST /api/v1/agents/{id}/refresh` (#24)
- [x] **SECU-03**: Server generates Ed25519 keypair; public key delivered at registration (#25)
- [ ] **SECU-04**: All config-update and replay SSE payloads are signed with server's Ed25519 private key (#26)
- [x] **SECU-04**: All config-update and replay SSE payloads are signed with server's Ed25519 private key (#26)
- [x] **SECU-05**: Bootstrap token from `CAMELEER_AUTH_TOKEN` env var validates initial agent registration (#27)
### REST API