Skip to content
This repository has been archived by the owner on Feb 21, 2023. It is now read-only.

Refine definition of feed #36

Closed
SteveLasker opened this issue Nov 16, 2022 · 2 comments
Closed

Refine definition of feed #36

SteveLasker opened this issue Nov 16, 2022 · 2 comments

Comments

@SteveLasker
Copy link

A feed is a great base for how we can create a series of statements for different artifacts, getting freshness for a receipt/or VEX report.
The current definition likely needs to expand a bit to account for:

  • What are the versions of a specific artifact
  • What are all the statements for a version of an artifact
  • What is the latest statement for a specific contentType of a specific versioned artifact: (eg: what's the latest VEX for the net-monitor:v1 software?
  • If the contentType is a referenced statement by reference, which stores SBOMs, VEX, Scan Reports, how do we drill into each if they all use the same payload contentType of satementByReference?
@SteveLasker SteveLasker mentioned this issue Nov 16, 2022
Closed
@yogeshbdeshpande
Copy link
Contributor

@SteveLasker To move this to new repo with correct definition of the problem statement

@SteveLasker SteveLasker mentioned this issue Feb 21, 2023
Closed
@SteveLasker
Copy link
Author

Closing as this has been copied over to: ietf-wg-scitt/draft-ietf-scitt-architecture#11

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SteveLasker @yogeshbdeshpande