Bumping this up. IPMC folks, could you please help us and review.
+1 from me but it is non-binding. Thanks Brian On 2019/09/17 16:02:01, John McCane-Whitney <j...@qredo.com> wrote: > Hi, > > This is a call to vote to release Apache Milagro (incubating) Decentralized > Trust Authority v0.1.0 (alpha release). > > The Apache Milagro (incubating) community has voted to approve this release > with 6 +1 votes. The vote result thread can be found here: > > https://lists.apache.org/thread.html/d4b0d5c1c1a2ed991104f0804d6faaaf70f32a865316d5aaf91e18bf@%3Cdev.milagro.apache.org%3E > > RELEASE TAG: > Milagro Decentralized Trust Authority v0.1.0 (alpha release) release tag: > https://github.com/apache/incubator-milagro-dta/releases/tag/0.1.0 > Please see the release notes at the above link for a full description and > release rationale. > > DESCRIPTION SUMMARY: > The Apache Milagro (Incubating) Decentralized Trust Authority (D-TA) is a > collaborative key management server. It has two primary functions: > > -Issue shares of identity-based Type-3 pairing secrets for initializing > zero-knowledge proof multi-factor authentication (ZKP-MFA) networks of > clients and authentication servers. > -Safeguards shares of generic secrets, acting independently but in > conjunction with other D-TA nodes, for the benefit of other D-TA nodes. > > In the use case where it issues shares, the D-TA holds nothing except for its > Master Secret and acts as a distributed private key generation server. In the > use case where it is safeguarding shares of secrets, it is up to the > application developer to implement back-end application logic to hold those > shares securely. Examples include using Hardware Security Modules (HSMs) via > an on-board PKCS#11 implementation to create a realm of key encryption keys, > or multi-party computation through BLS signature aggregation. > > RELEASE RATIONALE SUMMARY: > By default, the D-TA allows requests from a Principal's D-TA for an secp256k1 > public key from a Fiduciary D-TA and then to subsequently allow the Principal > to request its corresponding private key. Whilst this may have utility on its > own, the Milagro community's intention is to extend the capability of the > server over time to meet many key generation, storage and distribution use > cases. This will be achieved using the D-TA's plugin architecture, and to > this end, the initial release includes two plugins to demonstrate the D-TA's > extensibility. > > Subsequent releases will enable the D-TA to issue Type-3 pairing/identity > based secrets for "M-Pin" clients and servers ("M-Pin" is a zero-knowledge > authentication protocol in the milagro-crypto-c library that also facilitates > multi-factor authentication). In parallel with this will be a rewritten > release of the Milagro MFA Authentication server (the original authentication > server was conflated with the D-TA function limiting its security efficacy). > > The Milagro community is publishing this first release of the D-TA now to > elicit feedback from a wider community that may have interest in an open > source, decentralized key generation, storage and distribution solution. Our > intention is to then to release a series of enhanced versions culminating > with a production-ready GA version. > > Please see the README for build/test instructions and > https://milagro.apache.org/docs/d-ta-overview for a full overview and usage > guide. > > RELEASE FILES: > The repo has the required DISCLAIMER, NOTICE and LICENSE files in its root > directory. All source files have the appropriate license header. No > binaries are included in this release. I have successfully built and ran the > tests as per the instructions in the readme file on Ubuntu 18, Ubuntu 19, > Debian 10 and MacOS 10.14 Mojave. > > Release links: > Source code archive: > https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz > SHA512 checksum: > https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz.sha512 > PGP Signature: > https://dist.apache.org/repos/dist/dev/incubator/milagro/apache-milagro-dta-0.1.0-incubating/apache-milagro-dta-0.1.0-incubating-src.tar.gz.asc > > Keys: https://dist.apache.org/repos/dist/dev/incubator/milagro/KEYS > > Please note that the project's website (https://milagro.apache.org) will be > updated with download links as soon as the release's approval has been > completed and the archives are available for public download. > > We now kindly request that the Incubator PMC members review and vote on this > incubator release as follows: > > [ ] +1 approve > [ ] +0 no opinion > [ ] -1 disapprove with the reason > > Checklist for reference: > > [ ] Download links are valid > [ ] Checksums and PGP signatures are valid > [ ] DISCLAIMER, LICENCE & NOTICE files are included > [ ] Source code archives have correct names matching the current release. > [ ] All source code files have licence headers > [ ] No compiled binaries are included > [ ] Library builds correctly and all tests pass (as per the instructions in > the readme file) > > The vote will be open for a minimum of 72 hours. 3 x +1 votes are required > to approve this release. > > Many thanks, > > John > > John McCane-Whitney > Director of Product at Qredo Ltd > T: +44 7966 490687 > Kemp House > 152 - 160 City Road > London > EC1V 2NX > https://qredo.com > Qredo Ltd is a limited company registered in England and Wales (registered > number 7834052). This e-mail and any attachments are confidential, and are > intended only for the named addressee(s). If you are not the intended > recipient you may not copy, disclose to anyone else or otherwise use the > content of this e-mail or any attachment thereto and should notify the sender > immediately and delete them from your system. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > For additional commands, e-mail: general-h...@incubator.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
