Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for ClientTrustConfig #185

Closed
haydentherapper opened this issue May 21, 2024 · 1 comment · Fixed by #367
Closed

Add support for ClientTrustConfig #185

haydentherapper opened this issue May 21, 2024 · 1 comment · Fixed by #367
Assignees
@haydentherapper
Labels
enhancement New feature or request

Comments

@haydentherapper
Copy link
Contributor

Description

A ClientTrustConfig message wraps a TrustRoot and a SigningConfig, the latter specifying which URLs should be contacted to fetch a signing certificate, fetch an identity token, log a signing event, and get a signed timestamp.

This standardizes support for bring-your-own-infrastructure without the need to configure each client or bake in any URLs from the public good infrastructure.
@haydentherapper haydentherapper added the enhancement New feature or request label May 21, 2024
@haydentherapper haydentherapper mentioned this issue May 21, 2024
Closed
haydentherapper added a commit to haydentherapper/sigstore-go that referenced this issue Dec 20, 2024
@haydentherapper
Add support for SigningConfig
03af4d5 
Created a simple wrapper around the protobuf SigningConfig. I mirrored
the existing code for TrustedRoot, though this is far simpler since
this is just a few strings.

I didn't add support for ClientTrustConfig since we won't distribute
this file via TUF, but this would be easy enough to add later on.

Fixes sigstore#185

Signed-off-by: Hayden Blauzvern <[email protected]>
@haydentherapper haydentherapper mentioned this issue Dec 20, 2024
Merged
@haydentherapper haydentherapper self-assigned this Dec 20, 2024
@haydentherapper
Copy link
Contributor Author

Created a PR for SigningConfig. We can omit ClientTrustConfig for now since the TUF root won't ship this file, this would only be for private use cases where both signing and verification configs are distributed by the same entity.

haydentherapper added a commit to haydentherapper/sigstore-go that referenced this issue Jan 9, 2025
@haydentherapper
Add support for SigningConfig
cd57778 
Created a simple wrapper around the protobuf SigningConfig. I mirrored
the existing code for TrustedRoot, though this is far simpler since
this is just a few strings.

I didn't add support for ClientTrustConfig since we won't distribute
this file via TUF, but this would be easy enough to add later on.

Fixes sigstore#185

Signed-off-by: Hayden Blauzvern <[email protected]>
haydentherapper added a commit to haydentherapper/sigstore-go that referenced this issue Jan 9, 2025
@haydentherapper
Add support for SigningConfig
6c8f5e4 
Created a simple wrapper around the protobuf SigningConfig. I mirrored
the existing code for TrustedRoot, though this is far simpler since
this is just a few strings.

I didn't add support for ClientTrustConfig since we won't distribute
this file via TUF, but this would be easy enough to add later on.

Fixes sigstore#185

Signed-off-by: Hayden Blauzvern <[email protected]>
haydentherapper added a commit that referenced this issue Jan 10, 2025
@haydentherapper
Add support for SigningConfig (#367)
f62d7f4 
* Add support for SigningConfig

Created a simple wrapper around the protobuf SigningConfig. I mirrored
the existing code for TrustedRoot, though this is far simpler since
this is just a few strings.

I didn't add support for ClientTrustConfig since we won't distribute
this file via TUF, but this would be easy enough to add later on.

Fixes #185

Signed-off-by: Hayden Blauzvern <[email protected]>

* bump conformance

Signed-off-by: Hayden Blauzvern <[email protected]>

---------

Signed-off-by: Hayden Blauzvern <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@haydentherapper haydentherapper

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for SigningConfig haydentherapper/sigstore-go
1 participant
@haydentherapper