Update README and documentation.

io7m-com · May 11, 2024 · dec1239 · dec1239
1 parent 0785260
commit dec1239
Show file tree

Hide file tree

Showing 3 changed files with 129 additions and 3 deletions.
diff --git a/README.in b/README.in
@@ -0,0 +1,38 @@
+
+## idstore
+
+The `idstore` package provides an identity server for centralized
+authentication.
+
+## Features
+
+* Simple, centralized identity storage and password checking. Passwords are
+  securely stored using PBKDF2.
+* Email-based password reset functionality with a minimalist web interface.
+* Full API access for all operations: Separate user-facing and
+  administrator-facing APIs are exposed on different ports and are accessed
+  using an efficient binary protocol over HTTP.
+* Full Java API for performing user and administrative operations.
+* Strong separation between administrators and users.
+* Fine-grained capability based security model for administrative operations;
+  Safely write external services that can perform administrative operations
+  while maintaining the principle of least privilege.
+* Command-line administrative shell.
+* Complete audit log; every operation that changes the state of the system is
+  logged in an append-only log.
+* Fully instrumented with [OpenTelemetry](https://opentelemetry.io/).
+* A small, easily auditable codebase with a heavy use of modularity for
+  correctness.
+* An extensive automated test suite with high coverage.
+* Platform independence. No platform-dependent code is included in any form,
+  and installations can largely be carried between platforms without changes.
+* [OCI](https://opencontainers.org/)-ready: Ready to run as an immutable,
+  stateless, read-only, unprivileged container for maximum security and
+  reliability.
+* [OSGi](https://www.osgi.org/)-ready.
+* [JPMS](https://en.wikipedia.org/wiki/Java_Platform_Module_System)-ready.
+* ISC license.
+
+## Usage
+
+See the [documentation](https://www.io7m.com/software/idstore).
diff --git a/README.md b/README.md
@@ -14,3 +14,42 @@ idstore
 | OpenJDK (Temurin) LTS | Linux | [![Build (OpenJDK (Temurin) LTS, Linux)](https://img.shields.io/github/actions/workflow/status/io7m-com/idstore/main.linux.temurin.lts.yml)](https://www.github.com/io7m-com/idstore/actions?query=workflow%3Amain.linux.temurin.lts)|
 | OpenJDK (Temurin) Current | Windows | [![Build (OpenJDK (Temurin) Current, Windows)](https://img.shields.io/github/actions/workflow/status/io7m-com/idstore/main.windows.temurin.current.yml)](https://www.github.com/io7m-com/idstore/actions?query=workflow%3Amain.windows.temurin.current)|
 | OpenJDK (Temurin) LTS | Windows | [![Build (OpenJDK (Temurin) LTS, Windows)](https://img.shields.io/github/actions/workflow/status/io7m-com/idstore/main.windows.temurin.lts.yml)](https://www.github.com/io7m-com/idstore/actions?query=workflow%3Amain.windows.temurin.lts)|
+
+## idstore
+
+The `idstore` package provides an identity server for centralized
+authentication.
+
+## Features
+
+* Simple, centralized identity storage and password checking. Passwords are
+  securely stored using PBKDF2.
+* Email-based password reset functionality with a minimalist web interface.
+* Full API access for all operations: Separate user-facing and
+  administrator-facing APIs are exposed on different ports and are accessed
+  using an efficient binary protocol over HTTP.
+* Full Java API for performing user and administrative operations.
+* Strong separation between administrators and users.
+* Fine-grained capability based security model for administrative operations;
+  Safely write external services that can perform administrative operations
+  while maintaining the principle of least privilege.
+* Command-line administrative shell.
+* Complete audit log; every operation that changes the state of the system is
+  logged in an append-only log.
+* Fully instrumented with [OpenTelemetry](https://opentelemetry.io/).
+* A small, easily auditable codebase with a heavy use of modularity for
+  correctness.
+* An extensive automated test suite with high coverage.
+* Platform independence. No platform-dependent code is included in any form,
+  and installations can largely be carried between platforms without changes.
+* [OCI](https://opencontainers.org/)-ready: Ready to run as an immutable,
+  stateless, read-only, unprivileged container for maximum security and
+  reliability.
+* [OSGi](https://www.osgi.org/)-ready.
+* [JPMS](https://en.wikipedia.org/wiki/Java_Platform_Module_System)-ready.
+* ISC license.
+
+## Usage
+
+See the [documentation](https://www.io7m.com/software/idstore).
+
diff --git a/src/site/resources/features.xml b/src/site/resources/features.xml
@@ -2,8 +2,57 @@
 
 <div xmlns="http://www.w3.org/1999/xhtml">
   <ul>
-    <li><a href="https://www.osgi.org/">OSGi</a>-ready</li>
-    <li><a href="https://en.wikipedia.org/wiki/Java_Platform_Module_System">JPMS</a>-ready</li>
-    <li>ISC license</li>
+    <li>
+      Simple, centralized identity storage and password checking. Passwords are securely stored using PBKDF2.
+    </li>
+    <li>
+      Email-based password reset functionality with a minimalist web interface.
+    </li>
+    <li>
+      Full API access for all operations: Separate user-facing and administrator-facing APIs are exposed on different
+      ports and are accessed using an efficient binary protocol over HTTP.
+    </li>
+    <li>
+      Full Java API for performing user and administrative operations.
+    </li>
+    <li>
+      Strong separation between administrators and users.
+    </li>
+    <li>
+      Fine-grained capability based security model for administrative operations; Safely write external services that
+      can perform administrative operations while maintaining the principle of least privilege.
+    </li>
+    <li>
+      Command-line administrative shell.
+    </li>
+    <li>
+      Complete audit log; every operation that changes the state of the system is logged in an append-only log.
+    </li>
+    <li>
+      Fully instrumented with <a href="https://opentelemetry.io/">OpenTelemetry</a>.
+    </li>
+    <li>
+      A small, easily auditable codebase with a heavy use of modularity for correctness.
+    </li>
+    <li>
+      An extensive automated test suite with high coverage.
+    </li>
+    <li>
+      Platform independence. No platform-dependent code is included in any form, and installations can largely be
+      carried between platforms without changes.
+    </li>
+    <li>
+      <a href="https://opencontainers.org/">OCI</a>-ready: Ready to run as an immutable, stateless, read-only,
+      unprivileged container for maximum security and reliability.
+    </li>
+    <li>
+      <a href="https://www.osgi.org/">OSGi</a>-ready.
+    </li>
+    <li>
+      <a href="https://en.wikipedia.org/wiki/Java_Platform_Module_System">JPMS</a>-ready.
+    </li>
+    <li>
+      ISC license.
+    </li>
   </ul>
 </div>