Steve Lasker
Steve Lasker
Thanks @shizhMSFT, @dtzar David is capturing the heart of the issue. What is the proper "secure by default", starting point? Then, what could someone with admin privileges change, to enable...
A secure by default scenario would suggest system is the default and the user must have admin privileges to enable the less secure user config. As a security tool, seems...
Thanks @shizhMSFT, @dtzar The thing I’m most concerned with is a build redirecting the signing or verification to bypass the intended secure scenario. Can we say: If the notation cli...
The goal is to avoid a bad actor to override a system configuration. If the admin scenario is configured, wouldn’t there be a config, or trust store/policy in an admin...
Thanks @nelson-wu. @shizhMSFT, what do you think? Any PRs are welcome to fix
> how do the clients know the org.cncf.notary.v2.signature.subject value in advance to do filtering? This will be part of the notary v2 spec, to state that signatures must set the...
Keeping active to surface key information in the manifest, without having to read into the blobs. The information should human readable content to understand which key should be pulled.
As we're moving doc to the notaryproject.dev repo and site, just flagging this one to be redone and moved over.
Just noting this will move to the https://github.com/notaryproject/notaryproject.dev repo
The multi-file thing is a good issue. Perhaps we can pass in a file, or a directory. This behavior did previously exist, but it was single-file based. It's another good...