-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support arbitrary blob signing #283
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @rgnote
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like changes related to trust policy version 1.1 is not included in this PR?
/cc: @yizha1 @priteshbandi
Nvm, just notice that there will be other PRs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @rgnote just one comment. Overall looks good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall LGTM, added some nits
@rgnote maybe we missed the updates on the following documents |
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. We can open PRs for other specifications.
@yizha1 Actually, made changes to rest of the specs in this PR itself. Please review when you get a chance. https://github.com/notaryproject/specifications/blob/main/specs/signing-and-verification-workflow.md |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed signature spec and signing/verification workflow. Yet to review trust store and policy.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done reviewing all changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Added minor comments.
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
* Update threat model to add rollback attack Signed-off-by: Pritesh Bandi <priteshbandi@gmail.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: Toddy Mladenov <toddysm@gmail.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Co-authored-by: Patrick Zheng <patrickzheng@microsoft.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Co-authored-by: Pritesh Bandi <priteshbandi@gmail.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com>
Co-authored-by: Pritesh Bandi <priteshbandi@gmail.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com>
Co-authored-by: Pritesh Bandi <priteshbandi@gmail.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com>
Co-authored-by: Pritesh Bandi <priteshbandi@gmail.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Thanks @rgnote for working through iterations and getting a final version out!
CLI Spec updated for Arbitrary blob signing. Proposal https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec and https://hackmd.io/@-KPyDkW6QfGA-pldFa13pA/ByuHffALa Signing Scheme and trust policy updates : notaryproject/specifications#283 Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com> --------- Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com> Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com> Signed-off-by: Feynman Zhou <feynmanzhou@microsoft.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Cameron Rozean <rcrozean@gmail.com> Signed-off-by: Yi Zha <yizha1@microsoft.com> Signed-off-by: Rakesh Gariganti <5878554+rgnote@users.noreply.github.com> Signed-off-by: Junjie Gao <junjiegao@microsoft.com> Signed-off-by: Toddy Mladenov <toddysm@gmail.com> Co-authored-by: Patrick Zheng <patrickzheng@microsoft.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Feynman Zhou <feynmanzhou@microsoft.com> Co-authored-by: Cameron Rozean <rcrozean@gmail.com> Co-authored-by: Yi Zha <yizha1@microsoft.com> Co-authored-by: Shiwei Zhang <shizh@microsoft.com> Co-authored-by: Milind Gokarn <milind81@gmail.com> Co-authored-by: Junjie Gao <junjiegao@microsoft.com> Co-authored-by: Toddy Mladenov <me@toddysm.com> Co-authored-by: Pritesh Bandi <priteshbandi@gmail.com>
Spec updates for Arbitrary blob signing. Proposal https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec
Issue : #281
Signed-off-by: rgnote 5878554+rgnote@users.noreply.github.com