slsa-verifier icon indicating copy to clipboard operation
slsa-verifier copied to clipboard

Published 20 hours ago verified publisher icon slsa-framework

Feature: Verify additional pieces (configSource) of the provenance

Open laurentsimon opened this issue 3 years ago • 0 comments

For defense in depth, we should verify these against the signing certificate, print these, and also in the future expose options for clients to create policies to verify these against.

laurentsimon avatar Mar 25 '22 21:03 laurentsimon