Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix missing privacy statement, print in multiple locations #2622

Merged
merged 1 commit into from
Jan 12, 2023
Merged

Fix missing privacy statement, print in multiple locations #2622

merged 1 commit into from
Jan 12, 2023

Conversation

haydentherapper
Copy link
Contributor

The statement wasn't being printed, only the confirmation, so updated that and its spacing.

Additionally, I added the statement to be printed before using Fulcio in addition to Rekor. It'll only be printed once since we use sync.Once. The motivation for this is that Fulcio includes the certificate in its own CT log, so users should be prompted before. Otherwise, by the time they would say no to the Rekor prompt, the email would already be publicly logged.

Updates to #2580

Signed-off-by: Hayden Blauzvern hblauzvern@google.com

Summary

Release Note

Documentation

@haydentherapper
Fix missing privacy statement, print in multiple locations
5ee1a55 
The statement wasn't being printed, only the confirmation, so updated
that and its spacing.

Additionally, I added the statement to be printed before using Fulcio in
addition to Rekor. It'll only be printed once since we use sync.Once.
The motivation for this is that Fulcio includes the certificate in its
own CT log, so users should be prompted before. Otherwise, by the time
they would say no to the Rekor prompt, the email would already be
publicly logged.

Updates to sigstore#2580

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
asraa
asraa approved these changes Jan 12, 2023
View reviewed changes
Copy link
Contributor

@asraa asraa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AH gotcha, same privacy statement for Fulcio and for rekor upload.

@znewman01 znewman01 merged commit a4a3865 into sigstore:main Jan 12, 2023
@github-actions github-actions bot added this to the v1.14.0 milestone Jan 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@znewman01 znewman01 znewman01 approved these changes

@asraa asraa asraa approved these changes

@priyawadhwa priyawadhwa Awaiting requested review from priyawadhwa

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.14.0
Development

Successfully merging this pull request may close these issues.
3 participants
@haydentherapper @znewman01 @asraa