Hayden B

Support is definitely something to consider for both of these. This is another reason to split timestamping services out, because we'll want a high SLO for these with a high...

I've begun this work, moving the old code into a new repo.

Yes, I'd like it to live in the sigstore org. I'll file!

@dlorenc, would you prefer I start this now even with an incomplete repo, or wait until I've finished moving all of the code?

Want to add this as a blocker? I’m working on it now, I do think this will be done by GA (will make the transfer request once the service is...

Agreed that we shouldn’t offer an SLO for a fresh service. We could scope it such that the TSA is complete but as a beta offering.

I’ve mentioned it before, but I would like a way to prioritize GA blockers. There are some that are absolutely musts, like defining an SLO. There are some that we...

Available at https://github.com/sigstore/timestamp-authority

One issue with this is we move away from truly keyless to having users maintain a key. What happens when a key is lost? Do we no longer trust any...

Are we concerned with breaking existing clients that may rely on this now? Hopefully folks are using TUF and not relying on the environment variables, but those were added for...