Goal: Experimental version

Status: Done

Not for a Production Deploy. This release is for PoV/PoC of the project.

Features:

Components Milestones:

Goal: Minimum Working Version

Status: Done

Not for a Production Deploy. This release is to evaluate the features and functionality.

[x] Public online documentation (Issue #22)
[x] Implement HTTPS for the Rest API (Issue #6)
[x] Data load for migrations (Issue #188)
[x] Remove the BIN Keys from Ceremony/Bootstrap Process [Roles simplification] (Issue #28)
[x] Remove from the bootstrap the online keys [Roles simplification] (Issue #207)
[x] Simplify the metadata bootstrap process [Roles simplification] (Issue #208)
[x] Option to Disable the API Authentication/Authorization (Issue #41)
[x] Key(s) Rotation (Issue #23)

Components Milestones:

First Production Deploy This release achieves the minimum valuable project for users.

[x] Deployment Design Document (Issue #227)
[x] Support to AWS S3 (Storage) (Issue # <https://github.com/repository-service-tuf/repository-service-tuf/issues/24>)
[x] Distributed asynchronous threshold signing (Issue #327)
[x] Support to multiple Key Vaults for online Key during Ceremony/Metadata Update
- [x] AWS KMS (Issue #24)
- [x] Support of HashiCorp Vault (Issue #509)
[x] Support for Root Signing (Ceremony, Metadata Update and Sign)
- [x] HSM (Yubikey) (Issue #351[cli])
- [x] SigStore (Issue #657[cli])
[x] Improve new admin CLI UI & UX. (Issue #532[cli])
[x] Create/Remove custom delegate Target Roles (Issue #354)
[x] Security Audit on RSTUF Project (Issue #246)

Components Milestones:

Status: TBD

Implement End-to-end signing of packages. Developers or Release Manager can sign the artifacts. See PEP 480 for more details.