-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
keyid is not Optional in securesystemslib Signature #416
Comments
Related to #409 (comment) |
Thanks for posting this issue, @PradyumnaKrishna! Here's what I think:
|
My comment above only talks about keyids in signatures, but the issue description also seems to discuss keyids in public keys. FYI: I captured some thoughts about the latter in #310 (comment) |
Description of issue or feature request:
As per DSSE signing-spec
keyid
field must be optional and treated the same as set-but-empty. Currently, securesystemslib Signature and Key Schema don't havekeyid
as optional.create_signature()
andverify_signature()
method inkeys.py
require them to create and verify signatures.Current behavior:
There is no support for
keyid
as optional field in securesystemslib formats forSIGNATURE
, orKEY_SCHEMA
(e.g.ANYKEY_SCHEMA
in formats.py).securesystemslib/securesystemslib/formats.py
Lines 220 to 227 in 6f14522
Expected behavior:
securesystemslib should mark
keyid
field as optional, which can be any string not just hex? or provide good alternatives to current methods for creation or verification of signatures that doesn't requireskeyid
.Linked Discussion: in-toto#2 (comment)
The text was updated successfully, but these errors were encountered: