System Reform Open Questions (3 CEO Decisions)
Open Questions — 3 CEO Decisions Pending
OPEN QUESTION #1 — CRITICAL SECURITY
Timestamp: 2026-04-29T05:50:00Z
Project: client/lumiscare (repo: github.com/johnatbasicas/vivacare)
Decision needed: RSA private key files (MyPrivate.key, CAPrivate.key) are git-tracked and pushed to GitHub.
CEO action required:
- Determine if these keys are in use (do they protect any live SSL endpoint?)
- If yes: revoke and reissue immediately (treat as compromised)
- Remove from git history via git filter-repo (requires force push)
- Add *.key, *.pem to .gitignore in all client sub-projects
Blast radius: If keys are live SSL/TLS certs, they could be used for MITM attacks on whatever service they protect. If VivaCare/Lumiscare app, patient data could be at risk.
Recommendation: REVOKE IMMEDIATELY regardless of current use status. Exposed private keys are non-recoverable.
OPEN QUESTION #2 — bih-tenders sunset
Project: bih-tenders
Decision needed: CLAUDE.md says "Active" but MEMORY context confirms "BiH dead" post-Intesa/HR pivot. Should bih-tenders be formally deprecated and archived?
Recommendation: YES, deprecate. Mark status: "deprecated" in CLAUDE.md, run sunset procedure (Blueprint Section 4.9), archive project. No blast radius — not deployed, no customers.
OPEN QUESTION #3 — tools/ directory confusion
Project: ~/projects/tools/ vs ~/system/tools/
Decision needed: Should ~/projects/tools/ be renamed to ~/projects/autocoder/ or ~/projects/internal-tools/ to remove ambiguity?
Recommendation: Rename to ~/projects/autocoder/. This removes the naming collision with ~/system/tools/ (canonical ALAI runtime).
File location: /Users/makinja/system/specs/system-reform-open-questions.md
MC Task: #10043
Tags: system-reform-2026-04, MC-10043, petter-graff, CEO-decision
No comments to display
No comments to display