-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support arbitrary blob signing #283
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @rgnote
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like changes related to trust policy version 1.1 is not included in this PR?
/cc: @yizha1 @priteshbandi
Nvm, just notice that there will be other PRs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @rgnote just one comment. Overall looks good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall LGTM, added some nits
@rgnote maybe we missed the updates on the following documents |
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. We can open PRs for other specifications.
@yizha1 Actually, made changes to rest of the specs in this PR itself. Please review when you get a chance. https://github.com/notaryproject/specifications/blob/main/specs/signing-and-verification-workflow.md |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed signature spec and signing/verification workflow. Yet to review trust store and policy.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done reviewing all changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Added minor comments.
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
* Update threat model to add rollback attack Signed-off-by: Pritesh Bandi <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: Toddy Mladenov <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Co-authored-by: Patrick Zheng <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]>
Signed-off-by: rgnote <[email protected]>
Co-authored-by: Pritesh Bandi <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]>
Co-authored-by: Pritesh Bandi <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]>
Co-authored-by: Pritesh Bandi <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]>
Co-authored-by: Pritesh Bandi <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
Signed-off-by: rgnote <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Thanks @rgnote for working through iterations and getting a final version out!
CLI Spec updated for Arbitrary blob signing. Proposal https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec and https://hackmd.io/@-KPyDkW6QfGA-pldFa13pA/ByuHffALa Signing Scheme and trust policy updates : notaryproject/specifications#283 Signed-off-by: rgnote <[email protected]> --------- Signed-off-by: rgnote <[email protected]> Signed-off-by: Patrick Zheng <[email protected]> Signed-off-by: Feynman Zhou <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Cameron Rozean <[email protected]> Signed-off-by: Yi Zha <[email protected]> Signed-off-by: Rakesh Gariganti <[email protected]> Signed-off-by: Junjie Gao <[email protected]> Signed-off-by: Toddy Mladenov <[email protected]> Co-authored-by: Patrick Zheng <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Feynman Zhou <[email protected]> Co-authored-by: Cameron Rozean <[email protected]> Co-authored-by: Yi Zha <[email protected]> Co-authored-by: Shiwei Zhang <[email protected]> Co-authored-by: Milind Gokarn <[email protected]> Co-authored-by: Junjie Gao <[email protected]> Co-authored-by: Toddy Mladenov <[email protected]> Co-authored-by: Pritesh Bandi <[email protected]>
Spec updates for Arbitrary blob signing. Proposal https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec
Issue : #281
Signed-off-by: rgnote [email protected]