Hayden B
Hayden B
In addition to what Facundo said, I'll mention that all other milestones have been completed. We've completed a review of the codebase and completed a number of issues to improve...
Chatted with Zack about this, summary of a few ideas from the chat: * Each prompt should be "pre-answerable" using a unique CLI flag (`--accept-terms`, `--allow-private-container-upload`) * We should have...
We chatted about that too, probably need a different name. The goal is some flag that bypasses all prompts
Agreed that this does not seem critical to address immediately, though if possible it would be nice to distribute updated Yubikeys before the signing event. Should we ping keyholders to...
Hey, I'm not a maintainer on policy-controller, but I think this is intertwined with ongoing work from @codysoyland already.
Another motivation is PQC. While I don't think the TUF spec should be opinionated on PQ signature schemes at this point, having the flexibility to support them long-term would be...
For adding more Sigstore OIDs, we'd want them to be generalizable and reused across providers, eg the OIDs added for CI providers. OIDs should be parsed and verifiable by all...
Just an update, waiting on two open PRs to be merged, then I'll cut a new Fulcio release and get this rolled out.
@mattmoor the bug fix has been rolled out in staging, please give a test
I'll get the release out to prod momentarily!