Clarifying/reducing agility in a few more messages #38
Comments
re: re: Is |
Not that I can see either 🙂 -- maybe there's somewhere that should have it that's currently missing, although the only place I can think of it being relevant is in the certificates themselves (and those are opaque DER blobs to the protobuf layer).
Opened #39 for this -- I left |
The |
Will remove now!
#30 is getting a little long, so I'm filing a separate issue to track some other potential changes to the current messages 🙂
LogId
Here's how LogId is currently defined:
IMO, we probably don't want this agility: the message formats will probably have to change significantly anyways if and when Sigstore moves to CT 2.0, so we should probably limit LogId to just the SHA256(DER(pk)) format that CT 1.0 allows.
HashAlgorithm and SignatureAlgorithm
Here's how these are currently defined:
I might be wrong about this, but I believe we don't need SHA2-512 or RSA PSS: neither of these is mentioned in the CT RFCs. But it's possible these show up in certificates anyways; cc @haydentherapper for thoughts on these.
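To illustrate what the restricted CT 1.0 profile discussed in this issue looks like on the wire, here is an added example (not code from this issue or from Sigstore) that parses a serialized RFC 6962 v1 SCT and rejects any LogID that is not SHA256(DER(pk)) or any algorithm pair outside SHA-256 with RSA or ECDSA. The function names and the sample key bytes are assumptions made for the example, and the signature itself is not verified.

```python
import hashlib
import struct

# TLS SignatureAndHashAlgorithm code points used in RFC 6962 SCTs.
HASH_SHA256 = 4
SIG_RSA, SIG_ECDSA = 1, 3

def log_id(spki_der: bytes) -> bytes:
    """CT 1.0 LogID: SHA-256 over the log's DER-encoded public key."""
    return hashlib.sha256(spki_der).digest()

def parse_sct_v1(sct: bytes, spki_der: bytes) -> dict:
    """Parse a serialized v1 SCT; reject anything outside the CT 1.0 profile."""
    if len(sct) < 47:  # version + id + timestamp + ext len + algs + sig len
        raise ValueError("SCT too short")
    if sct[0] != 0:
        raise ValueError("not a v1 SCT")
    if sct[1:33] != log_id(spki_der):
        raise ValueError("LogID is not SHA256(DER(pk)) of the expected log key")
    timestamp, ext_len = struct.unpack_from(">QH", sct, 33)
    off = 43 + ext_len  # start of the digitally-signed header
    if len(sct) < off + 4:
        raise ValueError("truncated extensions")
    hash_alg, sig_alg, sig_len = struct.unpack_from(">BBH", sct, off)
    if hash_alg != HASH_SHA256 or sig_alg not in (SIG_RSA, SIG_ECDSA):
        raise ValueError(f"algorithm pair ({hash_alg}, {sig_alg}) not allowed")
    if len(sct) != off + 4 + sig_len:
        raise ValueError("signature length mismatch")
    return {"log_id": sct[1:33], "timestamp_ms": timestamp,
            "extensions": sct[43:off], "sig_alg": sig_alg,
            "signature": sct[off + 4:]}

def build_sample_sct(spki_der, hash_alg=HASH_SHA256, sig_alg=SIG_ECDSA):
    """Constructed test input; the signature bytes are a dummy value."""
    sig = b"\x30\x02\x05\x00"
    return (b"\x00" + log_id(spki_der) + struct.pack(">QH", 1700000000000, 0)
            + struct.pack(">BBH", hash_alg, sig_alg, len(sig)) + sig)

if __name__ == "__main__":
    spki = b"constructed placeholder, not a real SubjectPublicKeyInfo"
    print(parse_sct_v1(build_sample_sct(spki), spki)["log_id"].hex())
    try:
        parse_sct_v1(build_sample_sct(spki, hash_alg=6), spki)  # 6 = SHA-512
    except ValueError as err:
        print("rejected:", err)
```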