-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move the ssh signing/verification utilities to sigstore from rekor. #141
Conversation
I like this (and am supportive of moving over the rest of |
Yeah I don't think we need to move allllll of it over. This one was particularly ripe for a move though because we don't even use the Sign function other than for tests of Verify. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM FWIW
also lgtm, do we need to coordinate a removal PR from rekor? |
Thanks for the reminders - cleaned up the last TODOs. |
SSH signing has started to gain momentum with support in git! We have an implementation in rekor that works, but it probably doesn't belong there. Let's move it here and realign it with our sigstore signing APIs. Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>
PTAL, should be good now! |
SSH signing has started to gain momentum with support in git! We have an implementation
in rekor that works, but it probably doesn't belong there. Let's move it here and realign
it with our sigstore signing APIs.
Signed-off-by: Dan Lorenc lorenc.d@gmail.com
Summary
Ticket Link
Fixes
Release Note