https://github.com/mokkunsuzuki-code/stage361
Stage361: Revocation Proof Injection Gate with Stage360 External Timestamp Binding. Adds OCSP, CRL, and signed revocation metadata receivers into the QSP evidence rail without false verified claims.
https://github.com/mokkunsuzuki-code/stage361
audit certificate crl cryptography cybersecurity evidence fail-closed ocsp provenance qsp revocation supply-chain-security timestamp transparency verification
Last synced: 10 days ago
JSON representation
Stage361: Revocation Proof Injection Gate with Stage360 External Timestamp Binding. Adds OCSP, CRL, and signed revocation metadata receivers into the QSP evidence rail without false verified claims.
- Host: GitHub
- URL: https://github.com/mokkunsuzuki-code/stage361
- Owner: mokkunsuzuki-code
- Created: 2026-06-26T04:55:14.000Z (23 days ago)
- Default Branch: main
- Last Pushed: 2026-06-26T05:10:05.000Z (23 days ago)
- Last Synced: 2026-06-26T07:07:58.261Z (23 days ago)
- Topics: audit, certificate, crl, cryptography, cybersecurity, evidence, fail-closed, ocsp, provenance, qsp, revocation, supply-chain-security, timestamp, transparency, verification
- Language: Python
- Size: 117 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Stage361: Revocation Proof Injection Gate
Stage361 adds a revocation proof injection gate on top of Stage360.
## Purpose
Stage360 binds external timestamp proof metadata.
Stage361 adds the next missing security question:
> Is the key or certificate revoked?
## What Stage361 Adds
- Stage360 result hash binding
- Stage359 public key fingerprint as revocation target
- OCSP proof receiver
- CRL proof receiver
- signed revocation metadata receiver
- pending_revocation_proof decision
- fake verified claim detection
- fail-closed block conditions
## Decision
Stage361 returns:
- `pending_revocation_proof`
- `accept_revocation_binding`
- `block`
At this stage, the default correct decision is:
```text
pending_revocation_proof
because Stage361 does not yet perform real OCSP or CRL cryptographic verification.
Safety Boundary
Stage361 does not include:
private keys
raw secrets
raw QKD key material
real OCSP verified claims
real CRL verified claims
Meaning
Stage361 does not say:
This certificate is definitely good.
Stage361 says:
The QSP evidence rail now has a safe place to inject and verify revocation proof later.