New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change default rekor type for attestations from 'intoto:0.0.2' to 'dsse' #526

Open

bobcallaway opened this issue May 29, 2023 · 0 comments · May be fixed by #631

Labels

Member

bobcallaway commented May 29, 2023

Description

This has not been rolled out into the production sigstore environment yet, but it is available in staging (rekor.sigstage.dev).

sigstore/rekor#1487 added support for a new pluggable type dsse which has the following benefits:

The JSON schema more clearly separates the proposed entry from what is persisted to simplify client expectations
The DSSE envelope is provided as a JSON string, rather than double-encoding values in base64
The DSSE envelope is not stored by Rekor; this is to set the client expectation that attestation storage in Rekor should not be relied upon for attestation discovery.

The text was updated successfully, but these errors were encountered:

bobcallaway added the enhancement label

bobcallaway mentioned this issue

Adds support for new Rekor 'dsse' entry type #527

Merged

bobcallaway mentioned this issue

change default Rekor entry type for intoto attestations to 'dsse' #552

Closed

bdehamer linked a pull request

that will close this issue

use 'dsse' as the default rekor type when signing #631

Draft

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment