Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use tuf to init signer and verifier #492

Merged
merged 1 commit into from
Sep 8, 2023
Merged

Conversation

loosebazooka
Copy link
Member

@loosebazooka loosebazooka commented Sep 7, 2023

This does not the solve the problem of TUF going out of date while a long long signing operation is in progressr. I believe we'd have to work that into something similar to the certificate caching mechanism.

~~ needs #493 ~~
here's the diff with the original signer and verifier: https://github.com/sigstore/sigstore-java/compare/diffbase-for-keyless2..tuf-in-keyless-workflows

@loosebazooka loosebazooka force-pushed the tuf-in-keyless-workflows branch from 3e3d622 to 6f937e7 Compare September 7, 2023 03:07
Signed-off-by: Appu Goundan <appu@google.com>
@loosebazooka loosebazooka force-pushed the tuf-in-keyless-workflows branch from 6f937e7 to 34dcb33 Compare September 7, 2023 16:43
@loosebazooka loosebazooka changed the base branch from main to diffbase-for-keyless2 September 7, 2023 16:45
@loosebazooka loosebazooka changed the base branch from diffbase-for-keyless2 to main September 7, 2023 16:45
@loosebazooka loosebazooka merged commit dfe3807 into main Sep 8, 2023
@loosebazooka loosebazooka deleted the tuf-in-keyless-workflows branch September 8, 2023 03:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants