[[[ Agile Tasking ]]]


[[ WORKING ]]

* PKI Bootstrap:  cp lifecycle functions
* PKI Lifecycle



[[ BACKLOG ]]

[ current ]
* zip distribution folder (ca_i_4321.skunkworks.acme.xyz.zip)
* add CA password
* create certificate installation guide
  -copy file to sd, select .p12 file, password="password"
* can I install certificates from an android application??
  -can I used knox to install certificates??
* create GUI for cert gen process  (electron+crypto-interface)
* add tool for .p12 file extractor for MH provisioning
* add havegd (make sure there is adequite entropy)

[ ver 3.5  :  xdev bootstrap chain-of-trust ]
* select bootstrap generation cpu (beaglebone, raspi)
* change strings from "acme.xyz" to ".mil"
* generate bootstrap
  -sneakernet two CA-I
* integrate into the build
  -modify CI global variables (for each build)
  -certs are generated BEFORE pulled into image (not part of build process)
  -modify cert gen on NAS (looks for files in mount dir)


[ ver 3.6 ]




[[ COMPLETED ]]

[ ver 3.3 ]
* SERIOUS refactoring to focus on local execution with default configs and SERIAL # incrementation
* configuration defaults generated so that the CA-I package is all automated
* gen_client.sh modified run with config defaults
* gen_server.sh modified to run with config defaults
* gen_client.sh will generate # of certs
* gen_server.sh will generate # of certs
* auto-increment SERIAL
* CA FQDN saved to config file
* CA-I FQDN saved to config file


[ ver 3.2 ]
* create new CA-I generation script that uses a CA
  -also packages .p12 for distrobution  (use random high quality password)
* added resources directory
* added files to be copied during CA-I package creation



[[ STORIES ]]

PKI Bootstrap
  -generate a PKI Lifecycle Package

PKI Lifecycle Package
  * Local Lifecycle : CA-I generation

  * Remote Lifecycle : CA-I distributed to organizations
    -generate client/server certificates






[[ ISSUES ]]