Commit e3eb6b4
docs(architecture): NFR review fixes — SEC-44 timing, SEC-45/39 cross-ref, measurability
Applies the duplication / contradiction / slop review findings:
- SEC-44: the ≤1 min revoke bound applied to all token classes was wrong for
the Session JWT (host-side JWT revoke is ≤5 min per SEC-04). Restate: the
pre-snapshot JWT is invalid at resume by construction; only the custody/
storage lease carries the ≤1 min (SEC-29) replay bound.
- SEC-45 ⊃ SEC-39: add a bidirectional cross-reference so the operator-action
audit set and the tier-downgrade alarm do not read as duplicate controls.
- SEC-46: bind the "≤10% degradation" target to a named SLI (p99-latency
regression vs the NFR-PERF baseline).
- SEC-58: drop the "documented in datasheet" clause from the Target (a
deliverable, not a measurable bar).
- SEC-57: drop "zero reliance on payload inspection" from the Target (a design
constraint already stated in the Scenario).
- SEC-56 / SEC-49: add one disambiguating clause each (vs SEC-46 data-plane
limits; vs SEC-51 structural validation).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent d298bb1 commit e3eb6b4
1 file changed
Lines changed: 8 additions & 8 deletions
0 commit comments