You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, when COSIGN_EXPERIMENTAL=1 is set, content is always published to rekor. However, when --upload=false, it should be possible to not only support storing image signatures and certificates locally, but the necessary details to avoid needing to communicate with rekor.
Assumptions:
COSIGN_EXPERIMENTAL=1 set
Discussion:
Support is needed to avoid uploading to tlog when --upload=false is set
Verification always assumes that content is stored in the tlog. Verification will fail if content is not available.
sign-blob contains the functionality to store a bundle to disk through the --bundle flag. Feature should also be implemented in sign. When verifying, bundle can either be provided from disk or from rekor to avoid communication if needed
The text was updated successfully, but these errors were encountered:
Currently, when
COSIGN_EXPERIMENTAL=1
is set, content is always published to rekor. However, when--upload=false
, it should be possible to not only support storing image signatures and certificates locally, but the necessary details to avoid needing to communicate with rekor.Assumptions:
COSIGN_EXPERIMENTAL=1
setDiscussion:
--upload=false
is setsign-blob
contains the functionality to store a bundle to disk through the--bundle
flag. Feature should also be implemented insign
. When verifying, bundle can either be provided from disk or from rekor to avoid communication if neededThe text was updated successfully, but these errors were encountered: