[incubator-milagro] 04/06: overview page one

[ki...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

kittohoward pushed a commit to branch dta/overview
in repository https://gitbox.apache.org/repos/asf/incubator-milagro.git

commit 8012882181d1bbd09a299acceb325962cde776fa
Author: howardkitto <ki...@gmail.com>
AuthorDate: Fri Jun 28 14:11:30 2019 +0100

    overview page one
---
 docs/d-ta-overview.md                     |  30 ++++++++++++++++++++++++++----
 website/static/img/dta/Figure1.png        | Bin 58639 -> 0 bytes
 website/static/img/dta/RC1-Ecosystem.png  | Bin 0 -> 86849 bytes
 website/static/img/dta/RC1-Overview-1.png | Bin 0 -> 28513 bytes
 4 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/docs/d-ta-overview.md b/docs/d-ta-overview.md
index b4c71a8..b3f6bb9 100644
--- a/docs/d-ta-overview.md
+++ b/docs/d-ta-overview.md
@@ -4,16 +4,38 @@ title: Decentralized Trust Authority Overview
 sidebar_label: D-TA Node Overview
 ---
 
-## Introduction
+# Introduction
 
-Apache Milagro Distributed Trust Authority is a server application that enables you to generate and secure secret keys using the Milagro Cryptographic libraries. In future releases we aim to enable a wide range of keys to be generated including type 3 pairing keys that can be used to authorise MPIN authentication servers and as client secrets. Securing of keys is enabled in RC1 - and is the focus of this documentation. 
+Apache Milagro Distributed Trust Authority is a server application that enables you to generate and secure secret keys using the Milagro Cryptographic libraries. Securing of secret keys (Safeguarding)  is enabled in RC1 - and is the focus of this documentation. In future releases we aim to enable a wide range of keys to be generated including Type-3 Pairing Keys that can be used to authorise MPIN authentication servers and as client secrets.
 
 ## Safeguarding Secrets 
 
-Inorder to safeguard a secret a pair of Milagro DTA servers is required, a client (refered to as the Principal) and a server (refered to as a Fiduciary) in addition the third party can be nominated at the ultimate recipient of the secret (refered to as the Beneficiary). This can be imagined like a "network HSM". Here is a VERY simplified version of the process:
+In order to safeguard a secret, a pair of Milagro DTA servers is required: a client (refered to as the Principal) and a server (refered to as a Fiduciary). In addition a third party can be nominated as the ultimate recipient of the secret (refered to as the Beneficiary). This system can be imagined like a "network HSM". Here is a VERY simplified version of the process:
 
-![alt text](/img/dta/Figure1.png)
+![Figure 1](/img/dta/RC1-Overview-1.png)
 
+## Milagro DTA is Not Secure (on its own)
+The key seed is the focus of the system - Milagro DTA aims to provide a method for communicating with organisations who provide services for securing seeds (Custodians), it does not prescribe how the securing should be done. We hope that many custodial services will adopt Milagro as a communication protocol and that they will bring a proffusion of security paradigms: working together we can make the Internet a safer place. The most basic implementation of Milagro should secure seeds in a [...]
+
+## The Milagro Communication Protocol
+Milagro DTA provides a secure, distributed method of communication between beneficiaries, principals and fiduciaries. It aims to solve the following problems:
+
+1. How can actors in the system be identified and trusted?
+
+    **Answer:** Identity Documents
+2. How can records of interactions between actors in the system be trusted and verified?
+
+    **Answer:** Encrypted Envelopes via IPFS
+3. How can conditions for revealing or using secrets be specified? 
+
+    **Answer:** Redemption Policies
+4. How can different custodial services provide their own "special security sauce"?
+
+    **Answer:** Plugins
+
+A more complete view of the Milagro DTA ecosystem is shown below
+
+![Figure 1](/img/dta/RC1-Ecosystem.png)
 
 
 
diff --git a/website/static/img/dta/Figure1.png b/website/static/img/dta/Figure1.png
deleted file mode 100644
index 4c08ad6..0000000
Binary files a/website/static/img/dta/Figure1.png and /dev/null differ
diff --git a/website/static/img/dta/RC1-Ecosystem.png b/website/static/img/dta/RC1-Ecosystem.png
new file mode 100644
index 0000000..59bf721
Binary files /dev/null and b/website/static/img/dta/RC1-Ecosystem.png differ
diff --git a/website/static/img/dta/RC1-Overview-1.png b/website/static/img/dta/RC1-Overview-1.png
new file mode 100644
index 0000000..5fdfa85
Binary files /dev/null and b/website/static/img/dta/RC1-Overview-1.png differ