-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redo staging TUF root to not contain deprecated keys #140
Comments
SGTM. I would recommend we simply duplicate the key (example below), and instruct clients to ignore any keys whose If we choose to wipe the log, we'll modify the set of trusted keys later to remove the duplicate, or wait until all clients have been updated to support the new Extra key:
|
Key generated with https://go.dev/play/p/O-xYbvvgCaY |
I believe Here's where we naively load keys, whether PEM or DER: and (This is entirely non-ideal 😅 -- I think it predates TUF and the trusted root significantly. I'll look into refactoring it to make sure that we both handle |
FWIW, in Golang, we'll likely do the same, because the standard libraries do a great job of abstracting away details about the key algorithm that we don't need any hints. And where the standard libraries don't handle encodings like PKIX vs PKCS, we made sigstore/sigstore as another abstraction. So I guess we need to let clients know to fail gracefully regardless if they want to look at keyDetails or blindly load in keys - either approach seems fine! |
Sigstore JavaScript respects the key type as the underlying crypto package needs the information when parsing DER encoded data. |
Description
As clients add support for
--staging
, they will need to support the staging TUF root, which today includes a key of typePKCS1_RSA_PKCS1V5
which is deprecated in protobuf-specs v0.3.x.As clients adopt protobuf-specs v0.3.x, instead of having them add support for a deprecated key type, we could re-make the staging root to not use deprecated keys. We probably do want at least 2 ctlog keys, one of which is outside of its valid time range, to ensure clients are properly verifying keys that were previously valid.
The text was updated successfully, but these errors were encountered: