Signed link generation #30
Comments
|
Hello, I am Jigar and would like to contribute in this project. It would be really helpful if you could point me to some resources which I can read to know more about the project. Currently found these all resources:
Are there any othes which you might suggest? |
|
Thanks for your interest, @Jigar3! in-toto/in-toto#284 provides an overview of available documentation. You can find more talk recordings on the in-toto website (in-toto.io). I also recommend you to take a look at the Let me know if you have any questions! |
|
Thanks @lukpueh for providing resources, will definitely look into them and get back to you with any questions I may have. |
|
Signed Link generation should have been adressed in #56. I think we can close this issue: |
* Mark necessary flags as required for run and verify commands * Allow intermediates to be supplied at verification time We want to support the case where an intermediate was rotated or newly created but still establishes trust back to the root in the signed layout.
Description of issue or feature request: The current implementation can only generate unsigned links for the sake of inspections. Although this is enough to perform verification it is not the complete functionality required for use by functionaries.
Current behavior: There are no library functions to generate and sign in-toto link metadata. (only to run inspections)
Expected behavior: A function or group of functions should be available to generate and sign in-toto link metadata.
The text was updated successfully, but these errors were encountered: