+1 from me Howard Kitto
Qredo Chief Technology Officer [email protected] > On 13 Sep 2019, at 09:10, Stanislav Mihaylov <[email protected]> wrote: > > I vote +1 > > Regards, > Stan > > On Thu, Sep 12, 2019 at 6:45 PM John McCane-Whitney <[email protected]> wrote: > >> Hi, >> >> This is a call to vote on the first (alpha) ASF release of the Apache >> Milagro (incubating) Decentralized Trust Authority v0.1.0 tag from the >> following repository: >> >> Milagro Decentralized Trust Authority (D-TA): >> https://github.com/apache/incubator-milagro-dta/releases/tag/0.1.0 >> Please see the release notes at the above link for a full description and >> release rationale. >> >> DESCRIPTION SUMMARY: >> The Apache Milagro (Incubating) Decentralized Trust Authority (D-TA) is a >> collaborative key management server. It has two primary functions. >> >> -Issue shares of identity-based Type-3 pairing secrets for initializing >> zero-knowledge proof multi-factor authentication (ZKP-MFA) networks of >> clients and authentication servers. >> -Safeguards shares of generic secrets, acting independently but in >> conjunction with other D-TA nodes, for the benefit of other D-TA nodes. >> >> In the use case where it issues shares, the D-TA holds nothing except for >> its Master Secret and acts as a distributed private key generation server. >> In the use case where it is safeguarding shares of secrets, it is up to the >> application developer to implement back-end application logic to hold those >> shares securely. Examples include using Hardware Security Modules (HSMs) >> via an on-board PKCS#11 implementation to create a realm of key encryption >> keys, or multi-party computation through BLS signature aggregation. >> >> RELEASE RATIONALE SUMMARY: >> By default, the D-TA allows requests from a Principal's D-TA for an >> secp256k1 public key from a Fiduciary D-TA and then to subsequently allow >> the Principal to request its corresponding private key. Whilst this may >> have utility on its own, the Milagro community's intention is to extend the >> capability of the server over time to meet many key generation, key storage >> and distribution use cases. This will be achieved using the D-TA's plugin >> architecture, and to this end, the initial release includes two plugins to >> demonstrate the D-TA's extensibility. >> >> Subsequent releases will enable the D-TA to issue Type-3 pairing/identity >> based secrets for "M-Pin" clients and servers ("M-Pin" is a zero-knowledge >> authentication protocol in the milagro-crypto-c library that also >> facilitates multi-factor authentication). In parallel with this will be a >> rewritten release of the Milagro MFA Authentication server (the original >> authentication server was conflated with the D-TA function limiting its >> security efficacy). >> The Milagro community is publishing this release now to elicit feedback >> from a wider community that may have interest in an open source, >> decentralized key generation, storage and distribution solution. Our >> intention is to then to release a series of enhanced versions culminating >> with a production-ready GA version. >> >> Please see the README for build/test instructions and >> https://milagro.apache.org/docs/d-ta-overview for a full overview and >> usage guide. >> >> RELEASE FILES: >> The repo has the required DISCLAIMER, NOTICE and LICENSE file in its root >> directory. All source files have the appropriate license header. No >> binaries are included in this release. >> >> I have successfully built and ran the tests as per the instructions in the >> readme file on Ubuntu 18, Ubuntu 19, Debian 10 and MacOS 10.14 Mojave. >> >> Release links: >> Source code archive: >> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz >> >> SHA512 checksum: >> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz.asc >> >> PGP Signature: >> https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz.sha512 >> >> Keys: https://dist.apache.org/repos/dist/dev/incubator/milagro/KEYS >> >> VOTING: >> This round of voting will remain open for at least 72 hours. All >> committers are welcome to vote. 3 x [+1] votes are required to move >> forward. If the vote is passed, a second vote is requested from the IPMC. >> >> Please vote: >> [+1] Signatures and checksums verified. Releases built and tests >> completed. Release approved. >> [0] No opinion >> [-1] Release rejected - please include your reasoning. >> >> Many thanks to all the contributors, >> >> Regards, >> >> John >> >> John McCane-Whitney >> Director of Product at Qredo Ltd >> T: +44 7966 490687 >> 1 Primrose Street >> London, UK EC2A 2EX >> https://qredo.com >> Qredo Ltd is a limited company registered in England and Wales (registered >> number 7834052). This e-mail and any attachments are confidential, and are >> intended only for the named addressee(s). If you are not the intended >> recipient you may not copy, disclose to anyone else or otherwise use the >> content of this e-mail or any attachment thereto and should notify the >> sender immediately and delete them from your system. >> >>
