docs(security): 同步高價值配置 owner packet 快照 [skip ci]

This commit is contained in:
Your Name
2026-06-14 17:23:19 +08:00
parent 3db8d53d58
commit d636eaa008
8 changed files with 325 additions and 25 deletions

View File

@@ -2,7 +2,7 @@
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-12 |
| 日期 | 2026-06-14 |
| 狀態 | `coverage_matrix_ready` |
| 工具 | `scripts/security/high-value-config-control-coverage.py` |
| Snapshot | `docs/security/high-value-config-control-coverage.snapshot.json` |
@@ -15,6 +15,17 @@
本階段仍是只讀覆蓋矩陣,不接 blocking CI、不 SSH、不讀 live host、不執行 `nginx -t`、不 reload Nginx、不做 DNS / TLS probe、不 renew cert、不同步 refs、不修改 workflow、不收 secret value、不啟動 agent-bounty runtime。
## 1.1 2026-06-14 P0 pattern 覆蓋同步
本輪 snapshot 已從最新 `high-value-config-change-gate.py` 讀回 P0 pattern 補強:
| 類別 | 新增覆蓋 | 目前解讀 |
|------|----------|----------|
| `nginx_public_gateway` | `k8s/nginx/**` | K8s 內 Nginx 公開入口設定納入 P0 / C0 owner response 與 rollback 管控 |
| `dns_tls_certbot` | `scripts/ops/**/*cert*``scripts/ops/**/*tls*` | 憑證修復、renewal 與 TLS 腳本納入 P0 / C0 owner response 與維護窗口管控 |
此同步只修正長期覆蓋矩陣與變更 Gate 的一致性,不代表 live evidence 已收到,也不代表可執行 `nginx -t`、reload、certbot renew 或 DNS / TLS 變更。
## 2. 覆蓋摘要
| 指標 | 目前值 | 說明 |

View File

@@ -2,8 +2,8 @@
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-11 |
| 狀態 | `owner_packet_draft_ready` |
| 日期 | 2026-06-14 |
| 狀態 | `owner_packet_draft_ready_p0_path_sync` |
| 工具 | `scripts/security/high-value-config-owner-packet.py` |
| 輸入 | `docs/security/high-value-config-change-gate.snapshot.json` |
| Snapshot | `docs/security/high-value-config-owner-packet.snapshot.json` |
@@ -15,6 +15,18 @@ P0.2 已能將變更分類成 C0 / C1 / C2 / C3。本文件與工具負責下一
本階段仍是只讀草案,不送 request、不收 owner response、不標記 received / accepted、不建立 action button、不接 blocking CI、不執行 runtime。
## 1.1 2026-06-14 P0 path sync
本輪 owner packet snapshot 已跟隨高價值配置 Gate 的 P0 pattern 補強重產:
| Packet | affected files | 邊界 |
|--------|----------------|------|
| `nginx_public_gateway` | `k8s/nginx/awoooi-prod.conf` | 只要求 public gateway owner response、rendered diff、`nginx -t` 計畫、route smoke 計畫與 rollback ref不代表已讀 live conf 或 reload |
| `dns_tls_certbot` | `scripts/ops/188-registry-certbot-fix.sh``scripts/ops/fix-188-registry-certbot-renewal.sh` | 只要求 domain / TLS owner response、renewal window、ACME smoke 計畫、public HTTPS smoke 計畫與 rollback ref不代表 certbot renew 或 DNS / TLS 變更 |
| `security_evidence_tooling` | Gate 文件、snapshot 與工具 | 只要求 snapshot parse、guard smoke、doc secret sanity 與 no runtime gate increase |
重產結果為 `packet_count=3``c0_packet_count=2``c1_packet_count=0``runtime_gate_count=0`request / received / accepted 仍全部維持 `0`
## 2. Canonical 欄位
高價值配置 packet 對齊 S4.9 canonical owner response envelope使用以下欄位

View File

@@ -7,7 +7,7 @@
| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness + IwoooS AwoooP cross-session handoff packets + AwoooP 首頁 IwoooS 資安鏡像候選 + AwoooP 工作鏈路 IwoooS 資安鏡像候選 + AwoooP 審批佇列 IwoooS owner response 只讀焦點 |
| 本階段追加 | AwoooP 合約儀表板 IwoooS 資安契約只讀候選 + AwoooP 租戶管理 IwoooS 資安租戶範圍只讀候選 + AwoooP 執行監控 IwoooS 執行狀態只讀候選 + 既有安全 / 合規頁面 IwoooS 只讀反向橋接 + 告警 / 錯誤 / 授權 / 治理頁面 IwoooS 只讀反向橋接 + 稽核 / 工程審查頁面 IwoooS 深色只讀反向橋接 + IwoooS 前端資安頁面連接狀態板 + IwoooS GitHub 主要來源就緒度只讀狀態板 + AwoooP 工作鏈路 GitHub 主要來源就緒度只讀工作項 + AwoooP 合約儀表板 GitHub 主要來源就緒度合約只讀候選 + AwoooP 審批佇列 GitHub 主要來源就緒度審批邊界 + AwoooP 首頁 GitHub 主要來源就緒度只讀摘要 + AwoooP 租戶管理 GitHub 主要來源就緒度租戶範圍 + AwoooP 執行監控 GitHub 主要來源就緒度執行邊界 + IwoooS / AwoooP 資安可視區塊繁體中文呈現防護檢查 + AwoooP 執行詳情 / 審批詳情繁體中文呈現防護檢查 + AwoooP 首頁負責人回覆驗收總覽 + AwoooP 工作鏈路負責人回覆驗收只讀工作項 + AwoooP 合約儀表板負責人回覆驗收契約只讀候選 + AwoooP 審批佇列負責人回覆驗收只讀審查邊界 + AwoooP 租戶管理負責人回覆驗收租戶範圍 + AwoooP 執行監控負責人回覆驗收執行邊界 + AwoooP 執行詳情負責人回覆驗收詳情邊界 + AwoooP 審批決策負責人回覆驗收審批邊界 + IwoooS AwoooP 資安入口覆蓋狀態板 + IwoooS 階段式資安收斂節奏圖 + IwoooS 下一步人工收件作戰板 + IwoooS 人工回覆安全驗收閘道 + IwoooS 人工回覆審查結果分流 + IwoooS 人工決策準備佇列 + IwoooS 人工決策紀錄草稿防誤用 + IwoooS 人工決策正式紀錄負責人指派確認準備包 + IwoooS 人工決策正式紀錄負責人指派確認清單 + IwoooS 人工決策正式紀錄負責人指派確認結果分流 + IwoooS 人工決策正式紀錄負責人指派決策準備包 + IwoooS 人工決策正式紀錄負責人指派決策檢查清單 + IwoooS S4.9 負責人回覆封套欄位 + IwoooS S4.9 負責人回覆封套送件前檢查 + IwoooS S4.9 負責人回覆封套送件前結果分流 + IwoooS S4.9 負責人回覆送件請求草稿 + IwoooS S4.9 負責人回覆送件鏈路摘要 + IwoooS 低摩擦分階段收斂主控 + IwoooS 低摩擦下一步行動邊界 + IwoooS 64% 進度移動訊號驗收條 + IwoooS 第一個進度解鎖路徑 + IwoooS 第一解鎖證據包 + IwoooS 第一解鎖證據包預檢分流 + IwoooS 第一解鎖證據包補件路徑 + IwoooS 第一解鎖證據包補件送審前檢查 + IwoooS 第一解鎖證據包補件送審結果分流 + IwoooS 第一解鎖證據包 reviewer 指派準備包 + IwoooS 第一解鎖證據包 reviewer 指派前檢查 + IwoooS 第一解鎖證據包 reviewer 指派前檢查結果分流 + IwoooS 正式只讀 landing 與 Kali 112 只讀證據進度重估 |
| 本階段追加補充 | IwoooS 目前具體工作地圖 + IwoooS 目前具體交付清單 + IwoooS 目前阻塞與解除條件 + IwoooS 三軸進度與全產品套用範圍 + IwoooS 全產品分階段套用台帳 + IwoooS 全產品 rollout 波次驗收門檻 + IwoooS 全產品 rollout 驗收結果分流 + IwoooS 全產品證據接線地圖 + IwoooS 全產品證據接線預檢 + IwoooS 全產品證據接線預檢結果分流 + IwoooS 全產品預檢補件回收台帳 + IwoooS 全產品補件重試門檻 + IwoooS 全產品重試結果分流 + IwoooS 全產品人工審查候選準備 + IwoooS 全產品人工審查候選預檢 + IwoooS 全產品人工審查候選預檢結果分流 + IwoooS 全產品人工審查候選預檢補件回收台帳 + IwoooS 全產品人工審查候選預檢補件重試門檻 + IwoooS 全產品只讀套用快照 + P2-145 owner response acceptance gate 正式驗證完成 |
| P0 追加 | IwoooS P0 配置控管優先序前台正式驗證完成Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類先列為即時風險配置;高價值配置 Gate 已補上 `k8s/nginx/**``scripts/ops/**/*cert*``scripts/ops/**/*tls*`sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`Gate 預設工作樹 preflight 已可讀取 staged / unstaged / untracked本地 smoke 對臨時 `k8s/nginx/*` 檔命中 C0owner response / live evidence / runtime gate / action buttons 仍全部為 0 |
| P0 追加 | IwoooS P0 配置控管優先序前台正式驗證完成Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類先列為即時風險配置;高價值配置 Gate 已補上 `k8s/nginx/**``scripts/ops/**/*cert*``scripts/ops/**/*tls*`sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`Gate 預設工作樹 preflight 已可讀取 staged / unstaged / untracked本地 smoke 對臨時 `k8s/nginx/*` 檔命中 C0Owner Packet snapshot 已同步為 `packets=3 / c0=2`Coverage snapshot 已同步最新 patternsowner response / live evidence / runtime gate / action buttons 仍全部為 0 |
| 原則 | 低摩擦分階段文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary |
| P0 主控板 | `docs/workplans/2026-06-04-iwooos-security-governance-p0.md` |

View File

@@ -23,6 +23,7 @@
"patterns": [
"infra/ansible/roles/nginx/templates/*.j2",
"infra/ansible/playbooks/nginx-sync.yml",
"k8s/nginx/**",
"ops/nginx/**",
"docs/runbooks/disaster-recovery/DR-Nginx.md"
],
@@ -58,6 +59,8 @@
"docs/runbooks/REGISTRY-CERTBOT-188.md",
"docs/runbooks/**/*CERTBOT*.md",
"docs/runbooks/**/*TLS*.md",
"scripts/ops/**/*cert*",
"scripts/ops/**/*tls*",
"ops/**/*cert*",
"ops/**/*tls*",
"infra/**/*cert*",
@@ -564,8 +567,8 @@
"websocket_route_change_authorized": false,
"workflow_modification_authorized": false
},
"generated_at": "2026-06-12T10:35:00+08:00",
"git_commit": "e4747722",
"generated_at": "2026-06-14T17:21:00+08:00",
"git_commit": "3db8d53d",
"lowest_coverage_categories": [
{
"category_id": "docker_compose_systemd_host_config",

View File

@@ -24,6 +24,7 @@
"path_patterns": [
"infra/ansible/roles/nginx/templates/*.j2",
"infra/ansible/playbooks/nginx-sync.yml",
"k8s/nginx/**",
"ops/nginx/**",
"docs/runbooks/disaster-recovery/DR-Nginx.md"
],
@@ -57,6 +58,8 @@
"docs/runbooks/REGISTRY-CERTBOT-188.md",
"docs/runbooks/**/*CERTBOT*.md",
"docs/runbooks/**/*TLS*.md",
"scripts/ops/**/*cert*",
"scripts/ops/**/*tls*",
"ops/**/*cert*",
"ops/**/*tls*",
"infra/**/*cert*",
@@ -490,8 +493,8 @@
"runtime_execution_authorized": false,
"secret_value_collected": false
},
"generated_at": "2026-06-11T13:00:00+08:00",
"git_commit": "ccf87213",
"generated_at": "2026-06-14T17:21:00+08:00",
"git_commit": "3db8d53d",
"next_steps": [
"若 packet_count > 0將 packet 交給 owner 補 canonical 欄位;不得把草案視為已送件。",
"若 owner 回覆含 secret 或執行要求,先 quarantine 或 reject_execution_request。",
@@ -500,14 +503,264 @@
"packets": [
{
"affected_files": [
"docs/LOGBOOK.md",
"scripts/ops/188-registry-certbot-fix.sh",
"scripts/ops/fix-188-registry-certbot-renewal.sh"
],
"allowed_decisions": [
"confirm",
"defer",
"reject",
"request_more_evidence"
],
"blocked_requests": [
"repo_create",
"visibility_change",
"refs_sync",
"refs_delete",
"force_push",
"workflow_modify",
"runner_enable",
"secret_value_submit",
"ssh_host_modify",
"nginx_reload",
"dns_tls_modify",
"argocd_sync",
"kubectl_apply",
"active_scan",
"agent_bounty_runtime_execute",
"payout_or_withdrawal"
],
"category_id": "dns_tls_certbot",
"control_tier": "C0",
"false_flags": {
"action_buttons_allowed": false,
"active_scan_authorized": false,
"dns_tls_change_authorized": false,
"force_push_authorized": false,
"host_write_authorized": false,
"nginx_reload_authorized": false,
"refs_sync_authorized": false,
"request_sent": false,
"response_accepted": false,
"response_received": false,
"runner_change_authorized": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"workflow_modification_authorized": false
},
"field_templates": [
{
"field": "owner_role_or_team",
"instruction": "填角色或團隊不填私人帳號、密碼、token 或私人聯絡資訊。",
"required": true
},
{
"field": "decision",
"instruction": "只能填 confirm、defer、reject、request_more_evidence不得附帶 runtime 執行批准。",
"required": true
},
{
"field": "decision_reason",
"instruction": "填脫敏短理由;不可貼 raw log、raw API body、未脫敏截圖或內部對話。",
"required": true
},
{
"field": "affected_scope",
"instruction": "填受影響 repo、host、domain、namespace、route、service、secret name 或產品邊界。",
"required": true
},
{
"field": "redacted_evidence_refs",
"instruction": "只填文件路徑、snapshot id、ticket id、commit、hash 或脫敏 metadata pointer。",
"required": true
},
{
"field": "followup_owner",
"instruction": "填後續補證、審查或決策負責角色 / 團隊。",
"required": true
},
{
"field": "rollback_owner",
"instruction": "填回滾負責角色 / 團隊;不是直接執行授權。",
"required": true
},
{
"field": "maintenance_window",
"instruction": "填維護窗口或明確寫 deferred / not scheduled不得用口頭同意代替。",
"required": true
},
{
"field": "validation_plan",
"instruction": "填 preflight、post-check、rollback check若只讀文件變更寫 guard / json / doc secret sanity。",
"required": true
}
],
"label": "DNS / TLS / certbot / certificate path",
"outcome_lanes": [
"keep_waiting_owner_response",
"request_more_evidence",
"quarantine_sensitive_payload",
"reject_execution_request",
"ready_for_reviewer_validation"
],
"packet_id": "high_value_config_owner_packet:dns_tls_certbot",
"priority": "P0",
"redaction_rules": [
"只收 redacted evidence refs不收 secret value。",
"疑似 token、cookie、authorization header、private key、runner token 或 webhook secret 一律 quarantine。",
"內部工作視窗對話、抱怨、口頭同意不得進產品文案或 LOGBOOK raw text。"
],
"required_gate": "domain_tls_owner_response_required",
"required_validation": [
"domain_inventory",
"certificate_path_check",
"renewal_window",
"acme_path_smoke",
"public_https_smoke",
"rollback_ref"
],
"reviewer_checklist": [
"canonical owner fields 全部存在。",
"decision 只使用允許值。",
"affected scope 可映射到 repo / host / domain / route / service / secret name。",
"redacted evidence refs 不含 raw payload。",
"沒有夾帶執行要求。",
"C0 / C1 若要進 runtime需獨立人工批准與維護窗口。"
],
"status": "draft_waiting_owner_response"
},
{
"affected_files": [
"k8s/nginx/awoooi-prod.conf"
],
"allowed_decisions": [
"confirm",
"defer",
"reject",
"request_more_evidence"
],
"blocked_requests": [
"repo_create",
"visibility_change",
"refs_sync",
"refs_delete",
"force_push",
"workflow_modify",
"runner_enable",
"secret_value_submit",
"ssh_host_modify",
"nginx_reload",
"dns_tls_modify",
"argocd_sync",
"kubectl_apply",
"active_scan",
"agent_bounty_runtime_execute",
"payout_or_withdrawal"
],
"category_id": "nginx_public_gateway",
"control_tier": "C0",
"false_flags": {
"action_buttons_allowed": false,
"active_scan_authorized": false,
"dns_tls_change_authorized": false,
"force_push_authorized": false,
"host_write_authorized": false,
"nginx_reload_authorized": false,
"refs_sync_authorized": false,
"request_sent": false,
"response_accepted": false,
"response_received": false,
"runner_change_authorized": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"workflow_modification_authorized": false
},
"field_templates": [
{
"field": "owner_role_or_team",
"instruction": "填角色或團隊不填私人帳號、密碼、token 或私人聯絡資訊。",
"required": true
},
{
"field": "decision",
"instruction": "只能填 confirm、defer、reject、request_more_evidence不得附帶 runtime 執行批准。",
"required": true
},
{
"field": "decision_reason",
"instruction": "填脫敏短理由;不可貼 raw log、raw API body、未脫敏截圖或內部對話。",
"required": true
},
{
"field": "affected_scope",
"instruction": "填受影響 repo、host、domain、namespace、route、service、secret name 或產品邊界。",
"required": true
},
{
"field": "redacted_evidence_refs",
"instruction": "只填文件路徑、snapshot id、ticket id、commit、hash 或脫敏 metadata pointer。",
"required": true
},
{
"field": "followup_owner",
"instruction": "填後續補證、審查或決策負責角色 / 團隊。",
"required": true
},
{
"field": "rollback_owner",
"instruction": "填回滾負責角色 / 團隊;不是直接執行授權。",
"required": true
},
{
"field": "maintenance_window",
"instruction": "填維護窗口或明確寫 deferred / not scheduled不得用口頭同意代替。",
"required": true
},
{
"field": "validation_plan",
"instruction": "填 preflight、post-check、rollback check若只讀文件變更寫 guard / json / doc secret sanity。",
"required": true
}
],
"label": "Nginx / reverse proxy / public route",
"outcome_lanes": [
"keep_waiting_owner_response",
"request_more_evidence",
"quarantine_sensitive_payload",
"reject_execution_request",
"ready_for_reviewer_validation"
],
"packet_id": "high_value_config_owner_packet:nginx_public_gateway",
"priority": "P0",
"redaction_rules": [
"只收 redacted evidence refs不收 secret value。",
"疑似 token、cookie、authorization header、private key、runner token 或 webhook secret 一律 quarantine。",
"內部工作視窗對話、抱怨、口頭同意不得進產品文案或 LOGBOOK raw text。"
],
"required_gate": "public_gateway_owner_response_required",
"required_validation": [
"rendered_diff",
"nginx_t",
"affected_route_smoke",
"admin_route_smoke_if_affected",
"acme_path_smoke_if_affected",
"rollback_ref"
],
"reviewer_checklist": [
"canonical owner fields 全部存在。",
"decision 只使用允許值。",
"affected scope 可映射到 repo / host / domain / route / service / secret name。",
"redacted evidence refs 不含 raw payload。",
"沒有夾帶執行要求。",
"C0 / C1 若要進 runtime需獨立人工批准與維護窗口。"
],
"status": "draft_waiting_owner_response"
},
{
"affected_files": [
"docs/security/HIGH-VALUE-CONFIG-CHANGE-GATE.md",
"docs/security/HIGH-VALUE-CONFIG-OWNER-PACKET.md",
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
"docs/security/high-value-config-change-gate.snapshot.json",
"docs/security/high-value-config-owner-packet.snapshot.json",
"scripts/security/high-value-config-change-gate.py",
"scripts/security/high-value-config-owner-packet.py"
"scripts/security/high-value-config-change-gate.py"
],
"allowed_decisions": [
"confirm",
@@ -634,23 +887,23 @@
"schema_version": "high_value_config_owner_packet_v1",
"source_gate_schema_version": "high_value_config_change_gate_v1",
"source_gate_summary": {
"changed_file_count": 8,
"impacted_c0_category_count": 0,
"changed_file_count": 6,
"impacted_c0_category_count": 2,
"impacted_c1_category_count": 0,
"impacted_category_count": 1,
"matched_high_value_file_count": 8,
"impacted_category_count": 3,
"matched_high_value_file_count": 6,
"owner_evidence_complete": false,
"owner_evidence_provided": false,
"runtime_execution_authorized": false,
"strongest_priority": "P3",
"strongest_tier": "C3"
"strongest_priority": "P0",
"strongest_tier": "C0"
},
"status": "draft_waiting_owner_response",
"summary": {
"accepted_response_count": 0,
"c0_packet_count": 0,
"c0_packet_count": 2,
"c1_packet_count": 0,
"packet_count": 1,
"packet_count": 3,
"received_response_count": 0,
"request_sent_count": 0,
"runtime_gate_count": 0