maugustosilva
maugustosilva
I believe PR #1325 basically fixed it. I will close it for now, feel free to open in case you believe it still needs more work.
Trying to address most of the (all pertinent) questions: 1) This was originally a request from Red Hat (@ansasaki @mpeters). AFAIK, RHEL 9.1 ships the rust agent, but server side...
1. yup, a typo, `addall` is what I meant :-) 2. No consistency in case of `upgrade` strictly needed, given our `upgrade` is literally a `delete` followed by an `add`...
LGTM, but wanted to get @ansasaki 's input on the question of **introducing** this new `verifier`-specific parameter (`require_allow_list_signatures`). "Technically", shouldn't it be placed on the `2.1` version of templates?
@stefanberger Given that we are about to cut a new release, once you move the template from `2.0` to `2.1`, we could merge this.
What do you see as an alternative in this case? I understand and actually agree with your point DSSE spec resulting in an arrangement which is "a bit odd" (more...
@ansasaki shouldn't it (trusted public keys) be implemented in the broader context of "key management" which @stefanberger proposes then?
Given we are "changing" the column `v` on `verifier`'s database , don't we need an `alembic` migration?
Nice feature. It would be good to include some documentation/examples. Do you plan to add it to `keylime_tenant`?