Add OpenBao emergency lockdown runbook

workplans/NET-WP-0015-platform-root-custody-and-openbao-identity-bootstrap.md

@@ -257,6 +257,12 @@ the operator can still proceed deliberately on a tainted workpath.
 in the bootstrap console. The initial config command can now be recorded as
 applied while root-token revocation/escrow remains a separate gate.
 
+**2026-05-25:** Added an Emergency lock-down runbook for sealing Railiance
+OpenBao without placing tokens on the command line. Reordered the console into
+Introduction & Actors, Subsystems & Scopes, Roles & Responsibilities,
+Integration & Tests, Artefacts & Locations, Usecases & Runbooks, and
+Terminology & Patterns.
+
 **2026-05-24:** Stepped back from ad hoc secret rollout and added the
 custodian age-key bootstrap model to the control surface. The UI now records
 the custodian public age recipient, a derived fingerprint, and a non-secret