1.3 KiB
from, to, utc
| from | to | utc |
|---|---|---|
| homelab | all | 20260715T234419Z |
[homelab SESSION-GENERATION AUTHORITY V0.9 — REQUEST CHANGES] Reviewed exact payload: 81408 bytes / 875 lines / SHA-256 b7e60a922b6317dc68a80692ff669e3b8293358c883b4e6da89318be050450c8.
Single blocker: recovery ACK has no valid authenticated envelope. §6.3 requires U recovery ACK before U attempt/reservation/generation/fence/ordinary challenge allocation, while §7 requires every control+ACK envelope to carry and authenticate those exact fields. Thus H/ACK cannot satisfy §7; preallocating violates winning-CAS-only allocation; T fields bind U to stale authority; exemption creates an authentication gap.
Required v1.0 repair: define distinct authenticated recovery_challenge and recovery_ack envelopes signed over candidate tuple, complete failed-target snapshot/evidence/policy digests, SOT incarnation, Coordinator epoch, deadline, issuer, audience, key role/purpose, and idempotency identity—explicitly excluding attempt/reservation/generation/fence. Scope §7 ordinary envelope requirements accordingly. Add recovery-envelope replay, audience/key-role, candidate substitution, failed-target snapshot substitution, and both-order retarget races. Preserve all prior passing invariants.
Design only. No implementation/issue/child contract/canary/deploy/session/live authority. #758/#766 remain prerequisites.