Description of issue or feature request:
During installation a default layout (data/root.layout) and config file (data/intoto.conf) are copied to the system.
The layout defines generic supply chain policies, i.e. any package must be rebuilt by n rebuilders, and the corresponding attestations must be signed with the keys authorized by the layout.
As root of trust for the supply chain verification, the layout itself must be signed by at least one key, which is available in the system key chain and the corresponding keyid(s) must be defined in the config file.
See #13 for more details.
Current behavior:
Default layout is not signed and default config authorizes a dummy keyid. As a consequence, in-toto verification performed by the transport will immediately fail, because the first step in the verification routine is checking the layout signature(s).
Note: regardless of the default layout, users can always change the layout locally, sign it with their own key and specify the keyid in the config file accordingly.
Expected behavior:
Default layout is signed by at least one Debian maintainer and the corresponding keyid(s) are listed in the config file.
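A minimal model of the verification order described in this issue, added here as an illustration and not code from in-toto or the transport: the layout signature is checked against the keyids in the config first, and only then are the rebuilder attestations counted against the layout's threshold. HMAC stands in for the real signature scheme so it runs offline, and the layout fields, config key and sample values are constructed.

```python
import hashlib
import hmac
import json
# Constructed example: HMAC stands in for real signatures; the point is the order of checks.
def keyid(secret: bytes) -> str:
    return hashlib.sha256(secret).hexdigest()[:16]

def canonical(payload: dict) -> bytes:
    return json.dumps(payload, sort_keys=True).encode()

def sign(secret: bytes, payload: dict) -> dict:
    sig = hmac.new(secret, canonical(payload), "sha256").hexdigest()
    return {"signed": payload, "signatures": [{"keyid": keyid(secret), "sig": sig}]}

def sig_valid(keychain: dict, doc: dict, sig: dict) -> bool:
    secret = keychain.get(sig["keyid"])  # the key must exist in the system keychain
    if secret is None:
        return False
    expected = hmac.new(secret, canonical(doc["signed"]), "sha256").hexdigest()
    return hmac.compare_digest(expected, sig["sig"])

def verify(layout: dict, links: list, config: dict, keychain: dict) -> str:
    # Step 1 (root of trust): at least one layout signature from a keyid listed in the config.
    trusted = [s for s in layout["signatures"]
               if s["keyid"] in config["layout_keyids"] and sig_valid(keychain, layout, s)]
    if not trusted:
        return "FAIL: layout signature check"
    # Step 2: the rebuild step needs n attestations signed by keys the layout authorizes.
    policy = layout["signed"]
    signers = {s["keyid"] for link in links for s in link["signatures"]
               if s["keyid"] in policy["rebuilder_keyids"] and sig_valid(keychain, link, s)}
    if len(signers) < policy["threshold"]:
        return f"FAIL: {len(signers)} of {policy['threshold']} rebuilder attestations"
    return "OK"

MAINTAINER, REBUILDER_A, REBUILDER_B = b"maint-key", b"rb-a-key", b"rb-b-key"  # constructed
KEYCHAIN = {keyid(k): k for k in (MAINTAINER, REBUILDER_A, REBUILDER_B)}
LAYOUT_POLICY = {"threshold": 2, "rebuilder_keyids": [keyid(REBUILDER_A), keyid(REBUILDER_B)]}
ATTESTATION = {"step": "rebuild", "package": "example_1.0-1_amd64.deb", "sha256": "<constructed>"}
LINKS = [sign(REBUILDER_A, ATTESTATION), sign(REBUILDER_B, ATTESTATION)]

def verify_default_config() -> str:
    # Unsigned default layout plus a dummy keyid in the config: fails at step 1.
    unsigned = {"signed": LAYOUT_POLICY, "signatures": []}
    return verify(unsigned, LINKS, {"layout_keyids": ["deadbeefdeadbeef"]}, KEYCHAIN)

def verify_signed_layout() -> str:
    # Layout signed by a maintainer whose keyid is in the config: proceeds to step 2.
    return verify(sign(MAINTAINER, LAYOUT_POLICY), LINKS, {"layout_keyids": [keyid(MAINTAINER)]}, KEYCHAIN)
```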