Welcome to Trustpoint’s documentation!¶
Warning
Trustpoint is currently in a technology preview (beta) state. Do not use it in production.
Getting Started
- Introduction
- Quickstart Setup Guide
- Quickstart Operation Guide
- Trustpoint Usage Guide
- Community & Support
- Frequently Asked Questions (FAQ)
- What is Trustpoint?
- Who can benefit from Trustpoint?
- Who is (mainly) developing Trustpoint?
- Who are the associated partners of Trustpoint?
- How is Trustpoint funded?
- How can I ask questions or provide feedback about Trustpoint?
- What technologies does Trustpoint use?
- How can I set up the development environment for Trustpoint?
- How can I build and run Trustpoint using Docker?
- How can I contribute to the Trustpoint project?
- 1. What license does Trustpoint use?
- Glossary
Features
- Trustpoint APIs Overview
- Automated Onboarding Key Infrastructure (AOKI)
- Trustpoint mDNS Responder Service
- Onboarding Mechanisms
- PKI
- Management
- Database Encryption in Trustpoint
- HSM Integration in Trustpoint
- Workflow Engine
EU Cyber Resilience Act
- CRA Conformity Assessment
- Purpose Statement
- Purpose & Scope
- Risk Management and Evidence Process
- 1️⃣ Project Identification
- 2️⃣ CRA Scope & Classification
- 3️⃣ Technical Documentation
- 4️⃣ Threat and Risk Assessment
- 5️⃣ Essential Cybersecurity Requirements
- 6️⃣ Conformity Assessment Evidence
- 7️⃣ Security Maintenance and Vulnerability Handling
- 8️⃣ EU Declaration of Conformity
- 9️⃣ Assessment Completion & Approval
- CRA Assessment Maintenance
- Related Documents
- Threat Model
- Risk Register
- Security Controls
Development
- Trustpoint Development environment setup
- Application Overview
- Credentials - Architecture
- Backup And Restore Concept
- Crypto Backend Redesign
- Overview
- Status
- Goals
- Non-Goals
- Repository Findings That Drive This Design
- Core Design Decision
- Use-Case Model
- Top-Level Architecture
- Layer Responsibilities
- Target Package Structure
- Backend Contract
- Key Referencing Strategy
- Provider Profiles
- Capability Probing
- Managed Key Flow
- Export Bundle Flow
- Sessions, Login, and Concurrency
- Certificates and Credential Records
- Secrets Protection
- Bootstrap and Restore
- Error Handling
- Observability
- What Should Be Removed
- Out-of-Scope but Related
- Summary
- Crypto Redesign Implementation Plan
- Overview
- Implementation Principles
- Scope Decisions for This Plan
- Milestone Summary
- Phase 0: Freeze the Target
- Phase 1: Create the New Package Skeleton
- Phase 2: Build the PKCS#11 Core
- Phase 3: First Vertical Slice
- Phase 4: Migrate Persistent Server-Held Flows
- Phase 5: Migrate Export / Download Flows
- Phase 6: Replace Secret Protection
- Phase 7: Remove Legacy Crypto Implementation
- Phase 8: Hardening, Restore, and Rollout
- Testing Strategy
- Recommended Order of File-Level Migration
- De-Risking Guidelines
- Definition of Done
- Auto Restore Workflow
- Trustpoint Software Bill of Materials
- Request Pipeline
- Release Checklist
- Test Plan
- Introduction
- Test Items (Functions)
- Software Risk Issues
- Features To Be Tested
- Features Not To Be Tested
- Approach (Strategy)
- Item Pass/Fail Criteria
- Suspension Criteria And Resumption Requirements
- Test Deliverables
- Remaining Test Tasks
- Environmental Needs
- Staffing And Training Needs
- Responsibilities
- Schedule
- Planning Risks And Contingencies
- Approvals
- Test Cases
- CI/CD
- Test Report