Brandon Lum

Results 344 comments of Brandon Lum

If I understand your statement correctly, I believe those signing technologies ensure the integrity of the image manifest, and the integrity of the layers is ensured as being part of...

>During deployment, do you ensure that the manifest is validly signed and all the layers match their measurements before you decrypt? Or is it possible to decrypt without validating a...

>@lumjjb Do you refuse to decrypt if the manifest is unsigned?

That is the choice of the runtime policy, the encryption technology is agnostic to this, depending on the setup

>That seems to me like the wrong choice to preserve the security of the system as a whole. If you enable an encrypted layer, you should prevent decryption whenever integrity...

@npmccallum I don't disagree with your point that confidentiality != integrity. But I think that that is handled on a higher level, the proposal here is just talking about the...

>This ties into #747 as well. I'm not sure if the +enc double-suffix is valid (though I mostly skimmed that RFC and might misunderstand the grammar described).

Agreed. It also...

Based on the regexp from https://tools.ietf.org/html/rfc6838#section-4.2, it seems like having multiple "+"s is not illegal but only the last one is considered the structured syntax suffix based on the spec.

>I'd like to see scenarios drawn out for how the +encrypted/encoded layer type suffix would work from build to snapshot for the community at large, before we say yeah let's...

Had a chat with @MarkLodato @TomHennen @wietse-gmail, and here is a summary of our conversations: Having this information as part of SLSA artifact provenance wouldn't be as useful as there...

>Is this a recommendation or a requirement? Do we let consumers decide what is sufficient for them?

I am in favor of a recommendation. I think that a lot of...