
--insecure-ignore-sct=true required to verify in v2.2.1 when using own keys #3386

Closed
federico-falconieri-form3 opened this issue Nov 24, 2023 · 2 comments · Fixed by #3415
Labels
bug Something isn't working

Comments

@federico-falconieri-form3

Description

In v2.2.1 I fail to verify when using my own keys and my own rekor instance with an error about ctlog public key not being available. However I can verify successfully with the --insecure-ignore-sct=true in v2.2.1. I'm working with my own deployment of sigstore, using the scaffold chart: that is trillian, ctlog, rekor, fulcio and tuf. I did not configure ctlog ingress, which may explain the error message?

First initialise cosign, generate the keys and then sign. Everything ok.

```shell
cosign initialize --mirror=$TUF_URL --root=$TUF_URL/root.json
cosign generate-key-pair --output-key-prefix=classic
cosign sign --rekor-url=$REKOR_URL --tlog-upload=true --yes --key=classic.key $IMAGE_URI
```

Then I verify:

1. Without the --insecure-ignore-sct=true flag both versions fail:

```shell
cosign verify --rekor-url=$REKOR_URL --key=classic.pub $IMAGE_URI
# v2.2.0 and v2.2.1 fail with the same error
**Warning** Missing fallback target ctfe.pub, skipping
Error: getting ctlog public keys: no matching targets by custom metadata, fallbacks not found: ctfe.pub
main.go:74: error during command execution: getting ctlog public keys: no matching targets by custom metadata, fallbacks not found: ctfe.pub
```

2. With --insecure-ignore-sct=true only 2.2.1 fails:

```shell
cosign verify --rekor-url=$REKOR_URL --key=classic.pub $IMAGE_URI --insecure-ignore-sct=true
# v2.2.0
(...) truncated
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The signatures were verified against the specified public key
# v2.2.1 fails with the same error
**Warning** Missing fallback target ctfe.pub, skipping
Error: getting ctlog public keys: no matching targets by custom metadata, fallbacks not found: ctfe.pub
main.go:74: error during command execution: getting ctlog public keys: no matching targets by custom metadata, fallbacks not found: ctfe.pub
```

I think the behaviour in 2.2.1 is a bug. But also I do not understand why the --insecure-ignore-sct=true is required in 2.2.0. I understand that rekor works as a timestamp authority... so why does one need that flag? I think this is similar or at least related to #3236 and possibly to #3368.

Version

v2.2.0 and v2.2.1

@federico-falconieri-form3
Author

I now believe the culprit is sigstore/scaffolding#873; this is not an issue in cosign. On the other hand the different behaviour between 2.2.0 and 2.2.1 may be interesting to the maintainers, so I will keep the issue open.

@haydentherapper
Contributor

Thanks for filing. #3236's logic is flipped; we shouldn't require CT log keys if a key is provided.
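To make the gating concrete, here is an added Go model of the decision discussed in the report and the comment above. It is not cosign's source and not code from anyone on this thread. It assumes a simplified TUF target list with a custom-metadata usage field, the lookup order the error text implies (targets matching the custom metadata first, then the named fallback ctfe.pub), and three gating policies: the v2.2.0 and v2.2.1 behaviour exactly as reported in the issue, and the rule the maintainer states. The names target, VerifyOptions, LoadCTLogKeys and the Policy constants are this example's own; the TUF roots are constructed sample data.

```go
package main

import (
	"fmt"
	"strings"
)

// target is a simplified stand-in (an assumption of this example, not cosign's
// TUF client) for a TUF target: file name, custom-metadata usage, key bytes.
type target struct {
	Name  string
	Usage string
	Key   []byte
}

// Constructed TUF roots. The first mirrors the reporter's scaffolding
// deployment: rekor and fulcio targets exist, no CT log key does.
var rootWithoutCTFE = []target{
	{Name: "rekor.pub", Usage: "Rekor", Key: []byte("constructed-rekor-key")},
	{Name: "fulcio_v1.crt.pem", Usage: "Fulcio", Key: []byte("constructed-fulcio-cert")},
}

var rootWithCTFE = []target{
	{Name: "rekor.pub", Usage: "Rekor", Key: []byte("constructed-rekor-key")},
	{Name: "fulcio_v1.crt.pem", Usage: "Fulcio", Key: []byte("constructed-fulcio-cert")},
	{Name: "ctfe.pub", Usage: "CTFE", Key: []byte("constructed-ctfe-key")},
}

// getTargetsByMeta follows the lookup order the error message reveals:
// targets whose custom metadata usage matches first, named fallbacks second.
func getTargetsByMeta(root []target, usage string, fallbacks []string) ([][]byte, error) {
	var keys [][]byte
	for _, t := range root {
		if t.Usage == usage {
			keys = append(keys, t.Key)
		}
	}
	if len(keys) > 0 {
		return keys, nil
	}
	var missing []string
	for _, fb := range fallbacks {
		found := false
		for _, t := range root {
			if t.Name == fb {
				keys = append(keys, t.Key)
				found = true
			}
		}
		if !found {
			fmt.Printf("**Warning** Missing fallback target %s, skipping\n", fb)
			missing = append(missing, fb)
		}
	}
	if len(keys) == 0 {
		return nil, fmt.Errorf("no matching targets by custom metadata, fallbacks not found: %s",
			strings.Join(missing, ", "))
	}
	return keys, nil
}

// VerifyOptions holds the two inputs that decide whether SCTs will be checked.
type VerifyOptions struct {
	KeyRef    string // --key; non-empty means the user verifies with their own key
	IgnoreSCT bool   // --insecure-ignore-sct
}

// Policy selects the gating rule. The first two reproduce what the reporter
// observed; the third is the rule the maintainer states.
type Policy int

const (
	Reported220 Policy = iota // the flag alone decides
	Reported221               // a supplied key no longer suppresses the lookup
	Fixed                     // CT log keys only for keyless verification with SCT checking on
)

func needCTLogKeys(o VerifyOptions, p Policy) bool {
	keyless := o.KeyRef == ""
	switch p {
	case Reported220:
		return !o.IgnoreSCT
	case Reported221:
		return !keyless || !o.IgnoreSCT
	default:
		return keyless && !o.IgnoreSCT
	}
}

// LoadCTLogKeys is the step that fails in the report: it consults TUF only
// when the policy says SCTs will be checked.
func LoadCTLogKeys(root []target, o VerifyOptions, p Policy) ([][]byte, error) {
	if !needCTLogKeys(o, p) {
		return nil, nil
	}
	keys, err := getTargetsByMeta(root, "CTFE", []string{"ctfe.pub"})
	if err != nil {
		return nil, fmt.Errorf("getting ctlog public keys: %w", err)
	}
	return keys, nil
}

func main() {
	cases := []VerifyOptions{{KeyRef: "classic.pub"}, {KeyRef: "classic.pub", IgnoreSCT: true}}
	for _, p := range []Policy{Reported220, Reported221, Fixed} {
		for _, o := range cases {
			_, err := LoadCTLogKeys(rootWithoutCTFE, o, p)
			fmt.Printf("policy=%d ignoreSCT=%-5v -> err=%v\n", p, o.IgnoreSCT, err)
		}
	}
}
```

Running main prints the same matrix the reporter tabulated: against a root with no ctfe.pub target, the key-based verification fails under the v2.2.0 rule unless the flag is set, fails under the v2.2.1 rule either way, and never consults the CT log targets under the fixed rule, while keyless verification still requires them.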

haydentherapper added a commit to haydentherapper/cosign that referenced this issue Dec 5, 2023
Fixes sigstore#3386. The logic was inverted for this check.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
haydentherapper added a commit that referenced this issue Dec 5, 2023
Fixes #3386. The logic was inverted for this check.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>