Olle E. Johansson

icon indicating a website link https://www.linkedin.com/in/ollejohansson/ icon indicating an email [email protected]

icon company Edvina AB - @edvinanet icon location Sollentuna, Sweden icon location Working with realtime communication, software supply chain security, PKI and more. Active in IETF, OWASP and in the kamailio.org Open Source SIP server project

Results 151 comments of Olle E. Johansson

Define terminology

This is the output from our last meeting and the brainstorm meeting

Allow nesting Products

In an old slide I have a product pointing to a TEI for another product. Maybe that's still a valid solution for this.

Allow nesting Products

I think many products have one "product" and a single "component". We knew that and it's the way to provide for the flexibility of having bundles.

Allow nesting Products

For product to product relations we had TEI before. Maybe we need to add it again, so a product can consist of a set of (products and components)

Allow nesting Products

Using a TEI makes it possible to include a product from another TEA service, maybe another vendor

Allow nesting Products

> That's an interesting feature—can a TEI reference a TEA Component instead of a TEA Product? Not directly, but just create a separate TEA product with just one component and...

Draft: Adding a first early draft on handling of digital signatures

Supporting GPG signatures is good for backwards compatibility but do we want to put that implementation burden on new implementations, which this will be? Food for thought. Being able to...

Draft: Adding a first early draft on handling of digital signatures

Moved discussions on PGP to a separate issue

Draft: Adding a first early draft on handling of digital signatures

Added a clarification that digital signatures are optional. It may not be in future versions of the API, but we have to start somewhere.

Create a Taxonomy

Starting point to steal is here: https://github.com/CycloneDX/transparency-exchange-api/blob/main/api-flow/consumer.md