cosign
cosign copied to clipboard
sigstore
Add support for multiple PIV tokens
Right now, Cosign doesn't allow to sign when multiple PIV tokens are connected: it errors out and no signatures re generated:
signing digest: getting keypair and token: getting signer: open key: found 2 cards, please attach only one
This can be problematic in scenarios where you are using a machine in which you don't have physical access.
Having a way to filter the PIV tokens by specifying a --piv-uuid flag would be a way to solve this.
What do you think? Would such a contribution welcome?
