generated from coulomb/repo-seed
Guide OpenBao custody ceremony order
This commit is contained in:
@@ -193,10 +193,13 @@ Before OpenBao initialization:
|
||||
1. Use the guided bootstrap UX or checklist to decide the current trust stage.
|
||||
2. Record `tegwick` as setup operator/contact, not as final root custodian.
|
||||
3. Create or import the dedicated king credential and verify its second factor.
|
||||
4. Prepare offline recovery bundle locations.
|
||||
5. Choose whether this is temporary single-custodian king custody or preferred
|
||||
4. Choose whether this is temporary single-custodian king custody or preferred
|
||||
independent escrow.
|
||||
6. Run Railiance `make openbao-status` and `make openbao-verify`.
|
||||
5. Prepare offline recovery bundle locations for that strategy.
|
||||
6. Prepare the OpenBao custody packet for that strategy, including share
|
||||
assignment rows, quorum plan, root-token disposition, and signoff line.
|
||||
7. Approve the selected custody strategy in the NetKingdom control surface.
|
||||
8. Run Railiance `make openbao-status` and `make openbao-verify`.
|
||||
|
||||
During initialization:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user