# MVG Air‑gapped Verifier Kit — Key Rotation & Keyring Policy (Public‑safe)

**Version:** v1.0.0  
**Issued (UTC):** 2026-02-12T04:00:00Z  
**Scope:** Offline verification of MVG air‑gapped verifier kit supply‑chain artifacts.

> Boundary language (procurement‑grade): This document is informational only and **non‑binding unless signed**.
> Public materials do **not** grant any patent license by publication. This is **not** a compliance certification.

---

## 1) Goals

1. **Rotation without breaking verification**  
   Reviewers must be able to validate historical artifacts even after signing keys rotate.

2. **Fail‑closed behavior**  
   Missing key material or unsupported cryptography yields **HOLD** (the verifier cannot decide). A signature or integrity mismatch yields **FAIL**.

3. **Offline‑first**  
   Verification is designed to be performed with no network access.

---

## 2) Objects

### 2.1 Trust anchors (root)
File: `MVG_Airgapped_Verifier_Kit_Keyring_TrustAnchors_PUBLIC_v1.0.0.json`  
A small set of pinned public keys that can verify a **signed keyring snapshot**. These anchors are the only keys trusted without a snapshot; every other signing key is trusted only through a snapshot the anchors have signed.

### 2.2 Signed keyring snapshot (DSSE)
File: `MVG_Airgapped_Verifier_Kit_Keyring_PUBLIC_v1.0.0.dsse.json`  
Payload type: `application/vnd.mvg.airgapped_verifier_kit.keyring_snapshot+json`  
Contains the list of currently recognized signing keys, their roles, and lifecycle metadata.

### 2.3 Signing keys (in keyring)
Keys are scoped by **role**, for example:

- `airgap_kit.release.dsse.sign` — kit release receipts
- `airgap_kit.commitments.dsse.sign` — commitment log heads + private receipts
- `airgap_kit.headchain.dsse.sign` — commitment headchain heads (log‑of‑heads)

---

## 3) Lifecycle states

Each key has a `status`:

- **active** — valid for signing new artifacts
- **deprecated** — valid for verification within a grace window
- **revoked** — MUST NOT be accepted for verification (FAIL)

Recommended evaluator behavior:

- `active` → accept
- `deprecated` and `now ≤ grace_until_utc` → accept (mark as deprecated)
- `deprecated` and `now > grace_until_utc` → **HOLD** (unless an explicit legacy override is enabled)
- `revoked` → **FAIL**

> Why HOLD after grace? Offline machines can have inaccurate clocks, so "past grace" may be a clock error rather than a stale key. HOLD still refuses the artifact (fail‑closed) but does not report a cryptographic failure that the evidence does not support.
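The evaluator behaviour above, written out as an added Go example; this is not code from the MVG kit or its toolchain. The key-entry fields (`kid`, `role`, `alg`, `status`, `grace_until_utc`) follow the names used in this document, but the struct shape, the `legacyOverride` switch and the sample keyring are assumptions, and treating a key used outside its scoped role as FAIL is this example's own policy choice.

```go
package main

import (
	"fmt"
	"time"
)

// Verdict mirrors the three outcomes the policy defines.
type Verdict string

const (
	PASS Verdict = "PASS"
	FAIL Verdict = "FAIL"
	HOLD Verdict = "HOLD"
)

// KeyEntry is an assumed shape for one entry of the signed keyring snapshot; the field
// names follow the policy text, the struct itself is not MVG's schema.
type KeyEntry struct {
	KID           string
	Role          string
	Alg           string
	Status        string    // "active" | "deprecated" | "revoked"
	GraceUntilUTC time.Time // grace_until_utc; only meaningful while Status == "deprecated"
}

// supportedAlgs lists what this evaluator can verify; anything else is HOLD (goal 2).
var supportedAlgs = map[string]bool{"ed25519": true}

// EvaluateKey decides whether a signature made with `kid` over an artifact of `role` may be
// accepted at wall-clock time `now`. `now` is a parameter rather than time.Now() because on an
// air-gapped machine the clock is itself an input the reviewer may need to question.
// legacyOverride is the explicit operator switch the policy mentions for keys past grace.
func EvaluateKey(keyring []KeyEntry, kid, role string, now time.Time, legacyOverride bool) (Verdict, string) {
	var k *KeyEntry
	for i := range keyring {
		if keyring[i].KID == kid {
			k = &keyring[i]
			break
		}
	}
	if k == nil {
		// Unknown kid: nothing to verify with, but also no proof of tampering.
		return HOLD, "kid not present in the keyring snapshot"
	}
	if !supportedAlgs[k.Alg] {
		return HOLD, "unsupported algorithm " + k.Alg
	}
	if k.Role != role {
		// Assumption: a key used outside its scoped role is a policy mismatch, so FAIL not HOLD.
		return FAIL, fmt.Sprintf("key role %q does not cover %q", k.Role, role)
	}
	switch k.Status {
	case "active":
		return PASS, "active key"
	case "deprecated":
		// A missing grace_until_utc is the zero time, so it counts as already expired (fail-closed).
		if !now.After(k.GraceUntilUTC) {
			return PASS, "deprecated key, within grace window until " + k.GraceUntilUTC.Format(time.RFC3339)
		}
		if legacyOverride {
			return PASS, "deprecated key past grace, accepted by explicit legacy override"
		}
		return HOLD, "deprecated key past grace window; check the clock before treating it as stale"
	case "revoked":
		return FAIL, "revoked key"
	default:
		return HOLD, "unknown status " + k.Status
	}
}

// DemoKeyring is constructed sample data, not MVG's published keyring.
func DemoKeyring() []KeyEntry {
	role := "airgap_kit.release.dsse.sign"
	return []KeyEntry{
		{KID: "k-new", Role: role, Alg: "ed25519", Status: "active"},
		{KID: "k-old", Role: role, Alg: "ed25519", Status: "deprecated",
			GraceUntilUTC: time.Date(2026, 5, 1, 0, 0, 0, 0, time.UTC)},
		{KID: "k-bad", Role: role, Alg: "ed25519", Status: "revoked"},
		{KID: "k-future", Role: role, Alg: "some-future-alg", Status: "active"},
	}
}

func main() {
	role := "airgap_kit.release.dsse.sign"
	for _, now := range []time.Time{
		time.Date(2026, 3, 1, 0, 0, 0, 0, time.UTC), // inside k-old's grace window
		time.Date(2026, 9, 1, 0, 0, 0, 0, time.UTC), // past it
	} {
		for _, kid := range []string{"k-new", "k-old", "k-bad", "k-future", "k-unknown"} {
			v, why := EvaluateKey(DemoKeyring(), kid, role, now, false)
			fmt.Printf("%s  %-9s %-4s %s\n", now.Format("2006-01-02"), kid, v, why)
		}
	}
}
```

This step decides only whether a key is eligible; it runs after the DSSE signature over the artifact has already been checked against that key. The two HOLD branches for unknown `kid` and unsupported algorithm are what make the evaluator fail closed without turning a tooling gap into a FAIL.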

---

## 4) Rotation procedure (public‑safe)

1. MVG issues a new signing key (new `kid`) for the relevant role.
2. MVG publishes an updated **signed keyring snapshot** (DSSE) listing both the new key and the previous one. The snapshot must verify under the pinned trust anchor(s) before any key it lists is trusted.
3. In that snapshot, MVG marks the previous key as `deprecated` and sets its `grace_until_utc`.
4. After the grace window, MVG may mark the old key as `revoked` (or keep it `deprecated` for historical verification under agreement). Reviewers retain the snapshot they verified against, so a historical artifact can still be re‑checked with the snapshot that was current when it was issued.
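The reviewer's side of step 2, verifying the snapshot from 2.2 against the anchors from 2.1 after a rotation, as an added Go example that is not MVG's verifier. It assumes Ed25519 trust anchors, a DSSE envelope in the standard `payloadType` / `payload` / `signatures[]` layout, and a minimal snapshot body with `kid`, `role`, `status` and `grace_until_utc` fields; the anchor key pair, the anchor identifier `anchor-1` and the two-key snapshot are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strconv"
)

// SnapshotPayloadType is the payload type the policy names for the keyring snapshot.
const SnapshotPayloadType = "application/vnd.mvg.airgapped_verifier_kit.keyring_snapshot+json"

// Signature and Envelope follow the DSSE envelope layout: payloadType, base64 payload, signatures[].
type Signature struct {
	KeyID string `json:"keyid"`
	Sig   string `json:"sig"`
}
type Envelope struct {
	PayloadType string      `json:"payloadType"`
	Payload     string      `json:"payload"`
	Signatures  []Signature `json:"signatures"`
}

// TrustAnchors is an assumed in-memory form of the pinned trust-anchor file: keyid -> Ed25519 public key.
type TrustAnchors map[string]ed25519.PublicKey

// Snapshot is an assumed minimal shape for the snapshot body; the real schema is not published here.
type Snapshot struct {
	Keys []struct {
		KID           string `json:"kid"`
		Role          string `json:"role"`
		Status        string `json:"status"`
		GraceUntilUTC string `json:"grace_until_utc,omitempty"`
	} `json:"keys"`
}

// pae builds the DSSE pre-authentication encoding that is actually signed,
// "DSSEv1 <len(type)> <type> <len(body)> <body>", so the payload type is bound to the signature.
func pae(payloadType string, body []byte) []byte {
	prefix := "DSSEv1 " + strconv.Itoa(len(payloadType)) + " " + payloadType + " " + strconv.Itoa(len(body)) + " "
	return append([]byte(prefix), body...)
}

// SignSnapshot is the publisher side (rotation step 2); included only so the example runs offline.
func SignSnapshot(priv ed25519.PrivateKey, keyid string, body []byte) Envelope {
	sig := ed25519.Sign(priv, pae(SnapshotPayloadType, body))
	return Envelope{SnapshotPayloadType, base64.StdEncoding.EncodeToString(body),
		[]Signature{{keyid, base64.StdEncoding.EncodeToString(sig)}}}
}

// VerifySnapshot is the reviewer side. It returns the decoded body only if at least `threshold`
// distinct pinned anchors signed it. Signatures from unpinned keyids are ignored; an invalid
// signature that claims a pinned keyid is treated as tampering and rejected outright.
func VerifySnapshot(env Envelope, anchors TrustAnchors, threshold int) ([]byte, error) {
	if env.PayloadType != SnapshotPayloadType {
		return nil, fmt.Errorf("unexpected payloadType %q", env.PayloadType)
	}
	body, err := base64.StdEncoding.DecodeString(env.Payload)
	if err != nil {
		return nil, err
	}
	msg := pae(env.PayloadType, body)
	valid := map[string]bool{}
	for _, s := range env.Signatures {
		pub, pinned := anchors[s.KeyID]
		if !pinned || valid[s.KeyID] {
			continue
		}
		raw, err := base64.StdEncoding.DecodeString(s.Sig)
		if err != nil || !ed25519.Verify(pub, msg, raw) {
			return nil, fmt.Errorf("invalid signature from pinned anchor %q", s.KeyID)
		}
		valid[s.KeyID] = true
	}
	if len(valid) < threshold {
		return nil, fmt.Errorf("only %d of %d required trust-anchor signatures verified", len(valid), threshold)
	}
	return body, nil
}

// DemoRotation builds a constructed post-rotation snapshot (new key active, old key deprecated with
// a grace window), signs it with a freshly generated anchor, and verifies it as a reviewer would.
func DemoRotation() (Snapshot, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // only fails if the OS RNG is unavailable
	body := []byte(`{"keys":[{"kid":"rel-2026-02","role":"airgap_kit.release.dsse.sign","status":"active"},` +
		`{"kid":"rel-2025-08","role":"airgap_kit.release.dsse.sign","status":"deprecated","grace_until_utc":"2026-08-12T00:00:00Z"}]}`)
	verified, err := VerifySnapshot(SignSnapshot(priv, "anchor-1", body), TrustAnchors{"anchor-1": pub}, 1)
	if err != nil {
		return Snapshot{}, err
	}
	var snap Snapshot
	return snap, json.Unmarshal(verified, &snap)
}

func main() {
	snap, err := DemoRotation()
	fmt.Println("verify error:", err)
	for _, k := range snap.Keys {
		fmt.Printf("%-12s %-10s %s\n", k.KID, k.Status, k.GraceUntilUTC)
	}
}
```

Two points worth keeping when adapting this: the body is decoded and parsed only after the signature check succeeds, so an unsigned or altered snapshot never reaches the JSON parser, and the `payloadType` is compared before verification as well as bound into the PAE, so a valid DSSE envelope of some other type cannot be replayed as a keyring snapshot. The trust-anchor file itself is pinned in the kit; a snapshot that fails this check is a FAIL, not a HOLD, because the anchors are present and the cryptography is supported.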

---

## 5) Audit attachment set (recommended)

For a procurement/audit record, the recommended attachment set is:

- Artifact ZIP (kit or pack)
- Artifact DSSE receipt
- Signed keyring snapshot DSSE (the snapshot used for verification)
- Any referenced logs/heads (if applicable)
- Verifier print summary (PASS/FAIL/HOLD) with Approval ID / QR re‑verification

---

## 6) Non‑binding boundary language

- **Non‑binding unless signed.** Binding terms exist only in fully executed agreements.
- **No patent license by publication.** Public materials are informational only.
- **Not a certification.** This is a verification format + toolchain, not a compliance stamp.
