Hayden B
Hayden B
I don't think this should be relevant anymore and we haven't seen this issue in some time. Closing.
Idea, it hasn’t been created yet. However, it was meant for debugging purposes and would be internal, not for public consumption, probably using Cloud Monitoring. If you want it for...
@jku this will be resolved when we switch to tuf-on-ci, yea?
Yea, this issue was just about TUF specification conformance, that currently `root.json` is included in the list of files that the snapshot is signed over. Looks like the snapshot generated...
Are there particular areas to log that would be helpful?
Closing as we didn’t have any specific suggestions and this is not outdated.
@kommendorkapten I think this is still relevant, could we use `trtool` to verify the trusted root file?
Yes, we should test this first there.
Yea, didn't know if I should put this in sigstore/sigstore or here, I'd rather just discuss here cause this is where most TUF work happens now. This is specifically about...