You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We can use the TUF root of trust to create namespaced delegations to Fulcio identities for particular artifacts. This would allow verifiers to determine which identity should be signing a given artifact.
To do so, we need a couple of things:
delegation from the TUF root of trust to a role that will create these delegations (related to Delegation tracking issue #398)
tuf-on-ci itself supports this already (its is experimental since very few clients support the TAP) so repositories like this can be setup in minutes right now...
However
I suggest that we don't use this feature in root-signing
The specification and client support required is going to take effort that is not really a root-signing issue anyway
We can use the TUF root of trust to create namespaced delegations to Fulcio identities for particular artifacts. This would allow verifiers to determine which identity should be signing a given artifact.
To do so, we need a couple of things:
The text was updated successfully, but these errors were encountered: