Uploaded image for project: 'OpenShift Pipelines'
  1. OpenShift Pipelines
  2. SRVKP-7363

Develop a migration strategy aligned with general OpenShift products.

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • Operator, Tekton Pipelines
    • None

      Story (Required)

      As a Developer I want to develop a comprehensive migration strategy for post-quantum cryptography So that we can systematically transition OpenShift and Tekton ecosystem projects to quantum-resistant cryptographic methods with minimal disruption

      Background

      The Tekton ecosystem comprises multiple projects with critical CI/CD infrastructure. Recent advancements in quantum computing pose significant risks to traditional cryptographic methods. This analysis is crucial to:

      • Understand existing cryptographic vulnerabilities
      • Prepare for potential quantum computing attacks
      • Proactively protect software supply chain security
      • Ensure long-term resilience of Tekton projects

      Out of Scope

      • Immediate implementation of quantum-resistant algorithms
      • Comprehensive code refactoring
      • Replacing all existing cryptographic implementations
      • Performing actual exploits or penetration testing

      Approach (Required)

      • Leverage previous cryptographic inventory and vulnerability analysis
      • Identify current cryptographic dependencies across OpenShift products
      • Review NIST Post-Quantum Cryptography (PQC) standardization efforts
      • Engage and Align with Redhat Crypto Team

      Dependencies

      <Describes what this story depends on. Dependent Stories and EPICs should be linked to the story.>

      Acceptance Criteria (Mandatory)

      <Describe edge cases to consider when implementing the story and defining tests>

      <Provides a required and minimum list of acceptance tests for this story. More is expected as the engineer implements this story>

      INVEST Checklist

      Dependencies identified

      Blockers noted and expected delivery timelines set

      Design is implementable

      Acceptance criteria agreed upon

      Story estimated

      Legend

      Unknown

      Verified

      Unsatisfied

      Done Checklist

      • Code is completed, reviewed, documented and checked in
      • Unit and integration test automation have been delivered and running cleanly in continuous integration/staging/canary environment
      • Continuous Delivery pipeline(s) is able to proceed with new code included
      • Customer facing documentation, API docs etc. are produced/updated, reviewed and published
      • Acceptance criteria are met

              Unassigned Unassigned
              jkhelil abdeljawed khelil
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: