Delegate "validity" to signing key certificates #222
Comments
Absent a way to revoke a certain CoRIM, we must have a mechanism to timebomb it. That mechanism is the validity-map. (Even if an explicit revocation mechanism existed, the timebomb is still a useful defense.)
Clarifying question: Is the proposal to require the supply chain to mint a one-shot, short-term certificate for every CoRIM?
Not necessarily every CoRIM, but perhaps with every CoRIM bundle created for a release, yes. This is common practice for code signing.
Alternatively, whatever notion of validity a profile wants can be added later. There really should be a core and extended form of CoRIM for all these bells and whistles.
I think that the lifetime of the information asserted in a CoRIM is a basic feature and should be provided (at least in some crude form) by the base spec.
Okay, can we say this issue is to move validity-map and uses to a Lifetime management section to discuss its use? It seems there is no removing anything at this point, but we can at least give interpretations as meant by the default (DICE) profile.
I'm going to close this as a dupe for #236 given the change in direction.
We should remove validity-map entirely. The validity of a signature is the purview of the PKI only. Validity without a signature is irrelevant.