Roadmap

## Documentation
- **General**
  - [ ] Add list of goals and non-goals for the project
  - [ ] Identify use-cases and non-use cases
  - [ ] Identify threat models (based on who they apply to: end-users, application developers, e2esdk developers)
- **Cryptography**
  - [x] Encodings
  - [x] Signatures
  - [x] Identity
  - [x] Public key authentication
  - [ ] Cipher suite
  - [ ] Keychain items
  - [ ] Sharing
  - [x] Form data handling
- **Components**
  - [ ] Server
    - [x] Swagger/OpenAPI docs (#12)
    - [ ] How to deploy the Docker image
  - [x] Client (#20)
  - [ ] Devtools

## Cryptography
- [ ] Password derivation _(Argon2id)_ for authentication (#19)
- [ ] Secret splitting _(Shamir Secret Sharing)_ for recovery
- [x] PAKE for online authentication _(OPAQUE)_
- [x] Form data handling
- [x] ~Separate~ Consolidate cryptographic layer: 
  - ~`@e2esdk/crypto-core` for common code (codecs, utils)~
  - ~`@e2esdk/crypto-lite` for TweetNaCl-based ingestion operations (sealed box, secret box)~
  - ~`@e2esdk/crypto-sodium`  for complete Sodium-based operations~
  - ~`@e2esdk/crypto-forms` for higher-level form data encryption~
  Note: it is preferable to focus on a single ciphersuite to avoid rolling out missing algorithms on a "lite" version that will only save a few KiB. So everything should be part of a single cryptographic library.

## Client
- [x] Real-time notifications via WebSocket ~+ SharedWorker, gracefully degraded to polling where SW aren't available.~ (#8)
- [ ] Configure persistance ("remember me for N days")

## Server
- [x] Add audit logs

## Devtools
- [x] Investigate passing a live Client as "props" rather than creating a dedicated one
- [x] Fix usage in SSR frameworks (Next.js)
- [ ] Allow configuring position & size, for static panel vs drawer behaviour

## Examples
- [x] Add contact form example from https://github.com/SocialGouv/chiffrement-sandbox

## Other
- [x] Add CI
- [x] ~Investigate [Changesets](https://github.com/changesets/changesets) for versioning packages~ -> Using semantic release instead
- [x] Investigate [Verdaccio](https://github.com/verdaccio/verdaccio) for local NPM deployment testing (#11)
- [x] Deploy to ~SocialGouv's internal NPM registry~ for testing -> deployed to public NPM registry, under the `@socialgouv` organisation
- [x] Deploy Docker image to SocialGouv's container registry
- [x] Add CD

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Roadmap #10

Documentation

Cryptography

Client

Server

Devtools

Examples

Other

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Roadmap #10

Description

Documentation

Cryptography

Client

Server

Devtools

Examples

Other

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions