Hayden B
Hayden B
@steiza Good to close?
We might also want to split out parsing errors from verification errors. For example, for timestamp verification, we will skip a timestamp either if it is an invalid RFC3161 structure...
At the sigstore-go meeting, we discussed that `VerificationResult` currently contains metadata that is verified. @phillmv pointed out that this struct could be passed to a policy controller for further evaluation....
I agree that an empty VerificationMaterials should cause a test failure as at least a key hint or certificate should be required. Could this be because we need to add...
Will not be doing this for v1.0. Follow up is to look into [protovalidate](https://github.com/bufbuild/protovalidate/).
That's a good point, I would say that this issue is blocked until Rekor adds a method on the Entries interface for both `Validate()` and `Signature()` (also needed [here](https://github.com/sigstore/sigstore-go/blob/f7518a68b37b7887b69e1607b9ddb668ddec117d/pkg/tlog/entry.go#L177-L190)). I'll...
Rekor v1's libraries are no longer actively developed. What we have here is sufficient.
Closing - This is an overall goal for all projects within sigstore.
Thanks for getting this implemented! I'll take a look shortly.
> At the moment (at least as far I understand / have seen) entries which match ANY constraint will be added to matchedEntries []IdentityEntry which seems somewhat questionable, rather than...