Add release evidence and audit packet
ci / test (push) Has been cancelled
ci / fuzz-smoke (push) Has been cancelled
ci / package-release (linux-x86_64, ubuntu-latest) (push) Has been cancelled
ci / package-release (macos-aarch64, macos-14) (push) Has been cancelled
ci / package-release (macos-x86_64, macos-13) (push) Has been cancelled
ci / package-release (windows-x86_64, windows-latest) (push) Has been cancelled
ci / remote-bench (push) Has been cancelled
ci / test (push) Has been cancelled
ci / fuzz-smoke (push) Has been cancelled
ci / package-release (linux-x86_64, ubuntu-latest) (push) Has been cancelled
ci / package-release (macos-aarch64, macos-14) (push) Has been cancelled
ci / package-release (macos-x86_64, macos-13) (push) Has been cancelled
ci / package-release (windows-x86_64, windows-latest) (push) Has been cancelled
ci / remote-bench (push) Has been cancelled
This commit is contained in:
@@ -250,6 +250,9 @@ fast path after the first authentication has issued an attach ticket. See
|
||||
strongest claim is fast attach/reconnect plus native encrypted forwarding on
|
||||
Dosh-installed servers, not generic SSH compatibility.
|
||||
|
||||
The latest local release evidence is in
|
||||
`docs/RELEASE_EVIDENCE_2026-06-20.md`.
|
||||
|
||||
Generate a publishable Markdown benchmark report:
|
||||
|
||||
```bash
|
||||
@@ -366,11 +369,12 @@ the native authenticated path is tried first and falls back to SSH bootstrap
|
||||
explicitly when native auth is disabled, unavailable, or rejected. It never silently
|
||||
degrades to an unauthenticated mode.
|
||||
|
||||
Native v1 is **not yet fully verified**. Long-running sleep/roaming soak evidence
|
||||
and deeper fuzzing evidence are still open launch gates. See
|
||||
`docs/THREAT_MODEL.md` for the published threat model and accepted residual risks,
|
||||
`docs/PROTOCOL_VERSIONING.md` for the v1 versioning policy, and the "Native v1
|
||||
verification checklist status" table in `docs/PUBLIC_READINESS.md` for the
|
||||
item-by-item state. Dosh does not claim generic SSH compatibility; its defensible
|
||||
claim is fast encrypted native attach/reconnect and forwarding on Dosh-installed
|
||||
servers with SSH bootstrap fallback.
|
||||
Native v1 is **not externally audited yet**. Local 30-minute sleep/roaming soak,
|
||||
fuzz-smoke, and Docker SSH/Mosh benchmark evidence is captured in
|
||||
`docs/RELEASE_EVIDENCE_2026-06-20.md`. See `docs/THREAT_MODEL.md` for the
|
||||
published threat model and accepted residual risks, `docs/PROTOCOL_VERSIONING.md`
|
||||
for the v1 versioning policy, `docs/AUDIT_PACKET.md` for the external security
|
||||
review handoff, and the "Native v1 verification checklist status" table in
|
||||
`docs/PUBLIC_READINESS.md` for the item-by-item state. Dosh does not claim generic
|
||||
SSH compatibility; its defensible claim is fast encrypted native attach/reconnect
|
||||
and forwarding on Dosh-installed servers with SSH bootstrap fallback.
|
||||
|
||||
Reference in New Issue
Block a user