zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-04 08:52:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

Create a Project README

Browse source
This commit is contained in:
Colin Murphy 2022-08-05 14:44:47 -04:00 committed by GitHub
parent 1d2ddc660a
commit dbfe8995df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 39 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

39
docs/product/18FBuild_README.md Normal file
View file

@ -0,0 +1,39 @@
# Background
CISA and 18F are partnering to build a new .gov registrar.
# Goals for 18F Build (as of 08/04/2022)
**Primary Goal:** Replicate the necessary core functionality in a new system
**Secondary Goal:** Reduce the CISA admin burden while maintaining high security standards
Deprioritized for later:
* Make getting a .gov domain as easy as getting a .com or .us
* Help more government entities set up and maintain their .gov site and infrastructure
* Build awareness and credibility of .gov domains
# Milestones
_To be prioritized and posted_
# Considerations and Tradeoffs
## Success for 18F is...
* A new system that
* Can respond to user needs for all long term goals
* Can reduce the number of actors or decisions in a successful flow
* Upholds a security review process for getting a .gov domain
* Meets code and accessibility standards + open source policy
* Lays the foundation for a “a simple and secure registration process that works to ensure that domains are registered and maintained only by authorized individuals (Dotgov Act)”
* Supporting 1-2 registrant and admin flows with limited improvement and automation, based on value and complexity
* Has or is ready for an ATO
* Coordinating and navigating with procurement processes (RFPs and current vendor agreement)
## Risks
* App may be supported by a combination of manual work and automation, not fully automated
* Scope creep we build a system that cant be ATOd prior to June or Nov 2023
* We build out a narrow slice of the system, which may be insufficient for all registrant and administrative use cases
* We wouldnt be intentionally and directly focused on or prioritizing improving the registrant / admin experience
## Example User Stories (to be prioritized)
* As a potential registrant, I want to learn what I should know about .gov so I can build support inside my organization to get a .gov domain.
* As a registrant, I need the registrar to have strong user authentication so that sensitive domain- or account-impacting actions take place post-authentication.
* As a program lead, I need to ensure that issued domains are from authentic, eligible organizations and requested by someone with authority so that domains are only given to bona fide US-based government organizations.
* As a program lead, I need to run queries on .gov data to ensure alignment with program, agency, and Congressional reporting requirements.
* As a program lead, I want to be able to send messages to individuals, groups, or all registrants so they are aware of important information: status emails (system downtime, etc.) to updates to status of an application. (PENDING, APPROVED, etc.).