Closed mkeeter closed 1 month ago
Hubris counterpart to https://github.com/oxidecomputer/management-gateway-service/pull/274; see that PR or RFD 492 § Sketch of an unlock policy for more details.
We use the new SpRot::lifecycle_state function to decide whether to send UnlockChallenge::Trivial or UnlockChallenge::EcdsaSha2Nistp256.
SpRot::lifecycle_state
UnlockChallenge::Trivial
UnlockChallenge::EcdsaSha2Nistp256
(opening as a draft pending testing)
Hubris counterpart to https://github.com/oxidecomputer/management-gateway-service/pull/274; see that PR or RFD 492 § Sketch of an unlock policy for more details.
We use the new
SpRot::lifecycle_state
function to decide whether to sendUnlockChallenge::Trivial
orUnlockChallenge::EcdsaSha2Nistp256
.(opening as a draft pending testing)