secure-systems-lab/dsse issues and pull requests

#58 - Process to enhance DSSE

Issue - State: open - Opened by adityasaky over 1 year ago - 2 comments

#57 - DSSE Maintainers

Issue - State: open - Opened by adityasaky over 1 year ago

#56 - envelope: unify `payload` language

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 2 comments

#55 - reconsider threshold (aka multi-sig) verification

Issue - State: open - Opened by jku almost 2 years ago - 7 comments

#54 - Feature: generate DSSE language clients from the protobuf

Issue - State: open - Opened by kommendorkapten about 2 years ago - 4 comments

#53 - Have you considered signing a hash digest of the payload instead of the payload itself?

Issue - State: closed - Opened by jsmith97 over 2 years ago - 3 comments

#52 - Clarify multi-signature ignores duplicate keys.

Pull Request - State: closed - Opened by MarkLodato over 2 years ago

#51 - "DSSE Multi-signature Verification" protocol lacks detail about threshold verification

Issue - State: closed - Opened by lukpueh over 2 years ago - 3 comments

#50 - Add support for x509 certificates in DSSE

Pull Request - State: open - Opened by asraa over 2 years ago - 7 comments

#49 - Specify DSSE Signature encoding in the Protocol or as a Parameter

Issue - State: open - Opened by CrossedSecurity over 2 years ago - 6 comments

#48 - Update proto signature comment to use DSSEv1 ASCII PAE encoding

Pull Request - State: closed - Opened by patricklawsongoogle about 3 years ago

#47 - Update adoption status, add links to implementations

Pull Request - State: closed - Opened by adityasaky about 3 years ago

#46 - Clarify comments regarding PASETO and PAE.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#45 - Procedures to Verify Envelopes

Pull Request - State: closed - Opened by shizhMSFT over 3 years ago - 4 comments

#44 - Document the sigstore/sigstore client libraries?

Issue - State: closed - Opened by dlorenc over 3 years ago - 3 comments

#43 - Clarify design philosphy

Issue - State: open - Opened by MarkLodato over 3 years ago

#42 - Add field for certificate chains, or explain alternative solution

Issue - State: open - Opened by MarkLodato over 3 years ago - 26 comments
Labels: enhancement

#41 - Clarify verification on multiple signatures in a envelope

Pull Request - State: closed - Opened by shizhMSFT over 3 years ago - 3 comments

#40 - How to verify an envelope properly?

Issue - State: closed - Opened by shizhMSFT over 3 years ago - 5 comments

#39 - Extending DSSE to accept optional signature specific metadata

Issue - State: open - Opened by shizhMSFT over 3 years ago - 26 comments

#38 - Allow signature-less envelopes.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago - 2 comments

#37 - Rename to DSSE, update PAE, mark as v1

Pull Request - State: closed - Opened by MarkLodato over 3 years ago - 32 comments

#36 - Envelope headers

Issue - State: closed - Opened by iamwillbar over 3 years ago - 6 comments
Labels: wontfix

#35 - Communicating signing algorithm and parameters

Issue - State: closed - Opened by iamwillbar over 3 years ago - 10 comments

#34 - Add envelope version

Issue - State: open - Opened by iamwillbar over 3 years ago - 8 comments

#33 - Design: Where to put timestamps in envelope?

Issue - State: open - Opened by dlorenc over 3 years ago - 23 comments

#32 - Better explain why not JWS.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#31 - payloadType: promote media type; use ITE-5 value

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#30 - Reimplement and fix reference implementation in Python.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#29 - Wrong signature in example?

Issue - State: closed - Opened by kommendorkapten over 3 years ago - 1 comment

#28 - Create a reference implementation and test vectors

Issue - State: closed - Opened by MarkLodato over 3 years ago - 4 comments

#27 - Use a simpler PAE

Issue - State: closed - Opened by MarkLodato over 3 years ago - 11 comments

#26 - Relax URI requirement on payloadType

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#25 - Relax URI requirement on payloadType?

Issue - State: closed - Opened by MarkLodato over 3 years ago - 5 comments

#24 - Create a protobuf schema.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago - 2 comments

#23 - Split specification.md into three separate files.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago

#22 - Update date to tag v0.1.0

Pull Request - State: closed - Opened by adityasaky over 3 years ago

#21 - What comes before v1.0?

Issue - State: closed - Opened by adityasaky over 3 years ago - 12 comments

#20 - Add data structure and convention associating multiple messages with an artifact

Issue - State: closed - Opened by MarkLodato over 3 years ago - 4 comments

#19 - Remove backwards compatibility mode.

Pull Request - State: closed - Opened by MarkLodato over 3 years ago - 5 comments

#18 - Define spec in protobuf

Issue - State: closed - Opened by colek42 almost 4 years ago

#17 - Explain the project in more detail

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago - 1 comment

#16 - Choose a more specific name than "signing-spec"

Issue - State: closed - Opened by lukpueh almost 4 years ago - 12 comments

#15 - Add "design requirements" section.

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago - 5 comments

#14 - Re-think use of "Backwards Compatibility" and replace with something more appropriate

Issue - State: closed - Opened by adityasaky almost 4 years ago - 4 comments

#13 - Replace magic payloadType with explicit sigType.

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago - 14 comments

#12 - Minor cleanups to the specification

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago

#11 - Fully specify all fields within `signatures`

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago

#9 - Specify revised public key metadata formats

Issue - State: open - Opened by lukpueh almost 4 years ago - 2 comments

#8 - Use an exact match for backwards-compatible-json.

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago - 15 comments

#7 - Fully specify all encodings.

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago

#6 - Fix Markdown syntax for link references.

Pull Request - State: closed - Opened by MarkLodato almost 4 years ago - 1 comment

#5 - Backwards compatible `payloadType` should be an exact match

Issue - State: closed - Opened by MarkLodato almost 4 years ago - 3 comments

#4 - Specify the other fields of `signature`

Issue - State: closed - Opened by MarkLodato almost 4 years ago - 1 comment

#3 - Clarify encoding of payload type in PAE

Issue - State: closed - Opened by MarkLodato almost 4 years ago - 1 comment

#2 - Add initial draft of specification based on ITE-5

Pull Request - State: closed - Opened by adityasaky about 4 years ago - 6 comments

#1 - What is secure-systems-lab/signing-spec?

Issue - State: closed - Opened by lukpueh about 4 years ago - 20 comments

GitHub / secure-systems-lab/dsse issues and pull requests