Hayden B
Hayden B
Would it be worthwhile creating a verification policy in protobuf-specs? We can start relatively barebones, something like: * List of tuple of (identity, issuer) * Issuer could have aliases for...
Hey @woodruffw, just wondering, are there any major blockers for this? Is there python support for rfc3161 timestamping?
We should also use the newly added expiration information and stop relying on the usage metadata for active vs expired.
Currently, the hash function is specified per signing (invocation of `Sign` or `SignMessage`), not per `Signer`. Is this proposing allowing you to set the hash function once for the `Signer`?
@malancas Any guesses? I don't have the environment to repro this.
@kommendorkapten Do you want to take a look at this PR? There's an open question of how this should interact with `PublicKeyDetails` ([thread](https://github.com/sigstore/protobuf-specs/pull/199#issuecomment-1909460347))
Two other possible approaches: * Go's [plugin support](https://pkg.go.dev/plugin). This notes that it only works on certain Linux distros and macOS so it's probably not the best approach * kubectl has...
The go-plugin library seems like the most promising solution. We haven't started working on this yet. Are you interested in implementing it?