Registration Request: signature #51
Description
Relation Name
signature
Description
Refers to a resource that contains the context's cryptographic signature.
Reference
https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#7115-requirement-15-rolie-feed
Additional Information
The OASIS Common Security Advisories Framework (CSAF) Technical Committee (TC) has been chartered to standardize the implementation and exchange of security advisories. The automatic and fast discovery of relevant as well as actionable security advisories is an important step in the process of effectively mitigating and ultimately removing vulnerabilities as they become apparent. We are requesting the registration of a "signature" link type that would contain parameters and configuration requirements to allow this level of automated discovery. Resource-Oriented Lightweight Information Exchange (ROLIE) is a standard to ease discovery of security content. ROLIE is built on top of the Atom Publishing Format and Protocol, with specific requirements that support publishing security content. Each ROLIE feed document MUST be a JSON file that conforms with [RFC8322]. Any existing signature file (requirement 19) MUST be listed in the corresponding entry of the ROLIE feed as an item of the array link having the rel value of signature.
For further reference, the CSAF version 2.0 OASIS Standard is always available at: https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html