archivista icon indicating copy to clipboard operation
archivista copied to clipboard

Published 20 hours ago verified publisher icon in-toto

task: Add logic in API to upload Policies and retrieve by gitoid

Open kairoaraujo opened this issue 1 year ago • 0 comments

While Archivista API receives a JSON body with a DSSE envelope, it can verify and add if it is a policy.

The Policy can be identified by the PaylodType as described in Archivista Policy Schema (https://witness.testifysec.com/policy). It doesn't conflict with [ITE-5] (https://github.com/in-toto/ITE/blob/master/ITE/5/README.adoc#pseudocode-for-in-totos-reference-implementation).

The Policy can be retrieved by the API (/v1/download/<gitoid>)

Parent feature:

  • #158

kairoaraujo avatar Jan 23 '24 08:01 kairoaraujo