Skip to content
This repository has been archived by the owner on Apr 9, 2024. It is now read-only.

Verify that a provenance is signed by a Trusted Builder #200

Open
mariaschett opened this issue Dec 23, 2022 · 0 comments
Open

Verify that a provenance is signed by a Trusted Builder #200

mariaschett opened this issue Dec 23, 2022 · 0 comments
Labels
endorser

Comments

@mariaschett
Copy link
Contributor

We can get inspiration from the check in verifySignedAttestation in SLSA.

However, we do want to avoid fetching information from Rekor, if possible.
@mariaschett mariaschett self-assigned this Dec 23, 2022
@mariaschett mariaschett removed their assignment Jan 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
endorser
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mariaschett @rbehjati