cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

docs(04-01): complete security service foundation plan

Browse Source 
- SUMMARY.md with TDD execution results and self-check
- STATE.md updated to Phase 4 Plan 1 complete
- ROADMAP.md updated: 1/3 security plans done
- REQUIREMENTS.md: SECU-03 and SECU-05 marked complete

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-11 20:10:49 +01:00
parent ac9e8ae4dd
commit c5a5c28fe0
4 changed files with 171 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.planning/REQUIREMENTS.md
View File

@@ -45,9 +45,9 @@ Requirements for initial release. Each maps to roadmap phases. Tracked as Gitea
- [ ] **SECU-01**: All API endpoints (except health and register) require valid JWT Bearer token (#23)
- [ ] **SECU-02**: JWT refresh flow via `POST /api/v1/agents/{id}/refresh` (#24)
- [ ] **SECU-03**: Server generates Ed25519 keypair; public key delivered at registration (#25)
- [x] **SECU-03**: Server generates Ed25519 keypair; public key delivered at registration (#25)
- [ ] **SECU-04**: All config-update and replay SSE payloads are signed with server's Ed25519 private key (#26)
- [ ] **SECU-05**: Bootstrap token from `CAMELEER_AUTH_TOKEN` env var validates initial agent registration (#27)
- [x] **SECU-05**: Bootstrap token from `CAMELEER_AUTH_TOKEN` env var validates initial agent registration (#27)
### REST API