Commit graph

6 commits

Author SHA1 Message Date
e7678e3c4d docs(index): order zddc-server bullets general → specific; simplify run
Re-sort the zddc-server feature list so the most-immediately-useful
behaviours (lazy folder creation, virtual .archive URLs, basic ACL,
roles, WORM, cascade tracer) come first, then the operational table
stakes (per-request logging, TLS hygiene), and the federal/regulated
bullets (OPA decider, designed-for-regulated-environments) last. Within
each tier the simpler item leads.

Strip the explicit ZDDC_ROOT=/srv/zddc from the run example. The binary
defaults to the current working directory, so for a quick start
"./zddc-server" is all that's needed. Add a follow-on note that the
listener defaults to https://localhost:8443/ with a self-signed cert
and that --root / --addr / --tls-* override the defaults.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 10:05:59 -05:00
f81fb4e769 docs: canonical folder layout, role-based ACL, WORM, lazy creation
Update reference.html § 9 (transmittal workflow): replace the legacy
per-party tree (project/{party-name}/{incoming,received,issued}) with
the current canonical layout — project root has working/, staging/,
reviewing/, archive/, and per-party folders sit under
archive/<party>/{mdl,incoming,received,issued}/. Note lazy creation,
case-fold matching, the per-user virtual <viewer-email>/ entry, mdl
opening the table editor, and the staging↔working drafting mirror.
Add a "Drafting a response transmittal" subsection describing how
inbound submittals (-SUB- @ IFR/IFA) flow through staging→working
into archive/<party>/issued/ as RS* responses.

Update index.html "Access control via .zddc files" bullet to describe
what the server actually does today: cascade direction, the five
verbs (r/w/c/d/a), explicit deny via empty grant, and the
X-Auth-Request-Email convention. Add new bullets for roles (with a
short YAML example), WORM archive folders + drop-in producer pattern,
lazy folder creation + case-fold matching, the cascade tracer
admin endpoint, and an expanded OPA paragraph (input shape, cache
TTL, fail-open flag, --print-rego=federal). Update the install card's
tool-folder list to use lowercase canonical names, mention browse,
and add mdl.table.html as the per-party MDL view.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 09:30:31 -05:00
90aca07539 docs: federal compliance page (federal.html) + home-page cross-links
A non-technical entry point for federal evaluators answering "can this
go in our environment, and what would need to be added during ATO?" —
the question that today only has an answer buried in the engineering
README.

Six sections, written for the procurement / decision-maker audience
with engineers as the secondary reader:

  1. Hero: ZDDC is designed to be deployed in regulated environments.
  2. What's already in place — hardened TLS posture, pluggable OPA
     policy engine, federal-mode strict-least-privilege Rego, audit
     logging, vulnerability-disclosure policy, documented access-
     control model with a 5-minute verify-it recipe.
  3. Supported deployment shape — diagram showing zddc-server on
     loopback behind a TLS-terminating proxy on a RHEL/UBI base.
  4. What you'd add for full ATO — table of five integration items
     (FIPS-validated crypto, authenticated proxy↔server channel, RBAC,
     policy export, code-signed tool fetches) with plain-language
     summaries.
  5. The two-track build plan — explains why the standard binary
     stays pure-Go and a parallel zddc-server-fips build is the right
     answer for federal customers.
  6. Engineering reference — links into the in-repo gap analysis,
     ARCHITECTURE.md security section, and access-control reference
     for implementors.

Linked from index.html in two places: a new feature bullet on the
zddc-server (optional) section pointing at the page, and a "For
federal evaluators" entry in the Learn-more list at the bottom.

No engineering content here — federal.html is the procurement entry
point. The deeper detail (NIST control numbers, library choices,
effort estimates) lives in zddc/README.md § Federal-readiness gap
analysis where engineers will look for it.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 21:33:16 -05:00
d2e8a913d1 docs(index): surface OPA decider, access-control reference, log story
- New zddc-server feature bullet for OPA-compatible policy decider:
  ZDDC_OPA_URL flips to external Rego with the same .zddc files as input
- Access-control bullet now links to the cascade reference (worked
  examples for paired open/closed + third-party-vendor layouts)
- Access-logging bullet covers stdout-as-canonical and the file-tee
  fallback so orchestrator-pipeline deployments aren't surprised
- New Learn-more link to the access-control reference (cascade rules,
  anti-patterns, five-minute verify recipe, federal-readiness gap
  analysis with NIST control refs)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 17:25:09 -05:00
a0815ced5d fix: dark-mode contrast on blue pills, brand logo, stable channel chip
- index.html: stable channel chip referenced --color-primary, which
  is undefined; falling back to the browser-default visited-link color
  rendered it purple. Switch to the actually-defined --color-accent.
- css/style.css: lift dark-mode pill backgrounds (--color-accent-soft,
  --color-Tracking, --color-Title) so pills have a visible edge against
  the near-black page bg (~1.5:1 → ~2.2:1 adjacency contrast). Accent
  text on the lighter pills stays at 3.6:1, fine for short labels.
- css/style.css: brand-logo's navy <rect> blends into the page bg in
  dark mode; override its fill to a lighter steel-blue so the rounded
  square stays visible.

Light mode is untouched.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 21:27:20 -05:00
f06d2fff98 Initial commit: hand-edited content from the prior orphan branch.
Seeded from the website branch's working tree as of zddc@76e1e78.
Release artifacts (HTML tool builds + zddc-server binaries) live on
the deploy host under /srv/zddc/releases/; they are reproducible
from <tool>-vX.Y.Z tags on https://codeberg.org/VARASYS/ZDDC.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 08:53:11 -05:00