From bf163772267ce49db9dcd3cc1cb3b8f1931baf8c Mon Sep 17 00:00:00 2001 From: Katrina Prosise Date: Thu, 12 Feb 2026 08:10:53 -0500 Subject: [PATCH] Cleanup readme MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Minor changes to README.md, such as adding a top level header. This commit applies to issue FFTK-4611, "…cleanup README" Signed-off-by: Katrina Prosise --- README.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 90e1d90..cbe1a9f 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ +# Fioconfig + This is a simple daemon designed to manage configuration data for an -embedded device. Its based on a customized OTA Community Edition +embedded device. It is based on a customized OTA Community Edition device-gateway endpoint, but the idea used could be generic to any system wanting to employ secure configuration management. @@ -8,17 +10,17 @@ system wanting to employ secure configuration management. OTA devices communicate with a device-gateway using SSL client authentication. This means the public key of each device is known. By default, devices will have Elliptical Curve keys. Using a technique -known as [ECIES](https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme) -a the configuration values can be encrypted client-side and sent to +known as [ECIES](https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme), +the configuration values can be encrypted client-side and sent to the device-gateway so that it has no knowledge of a device's configuration values. The device can then pull down the encrypted configuration and use its private key to decrypt. The encrypted file is stored to a persistent location on disk. At boot, -a fioconfig can extract this data to tmpfs (/var/run/secrets) so that +fioconfig can extract this data to `tmpfs` (`/var/run/secrets`) so that they are only available at runtime. +## How to Build -## How to build `make bin/fioconfig-linux-amd64` `make test`