Alex Cameron

icon indicating a website link https://tetsuo.sh icon indicating an email [email protected]

icon company @FabricCryptography icon location Melbourne, Australia icon location Systems programmer and compiler hacker, software @FabricCryptography

Results 90 comments of Alex Cameron

Create Algorithm Registry API

I'm working on some unit tests now.

Create Algorithm Registry API

CC: @ret2libc @woodruffw @haydentherapper

Create Algorithm Registry API

> The only differences I see is the naming, and that PublicKeyDetails also indicates the encoding of the public key material, but I would think that it wouldn't really matter,...

Create Algorithm Registry API

> Yeah, adding the new values missing in PublicKeyDetails is preferable IMHO. The old RSA values can be marked as [deprecated = true]. I believe RSA are the only ones...

Create Algorithm Registry API

> My gut feeling is that this will be quite disruptive for the community, as this field is being used in quite a few places. And it would also require...

Create Algorithm Registry API

> See [sigstore/protobuf-specs#212](https://github.com/sigstore/protobuf-specs/pull/212) for PR on merge of `PublicKeyDetails` and `KnownSignatureAlgorithms`. Nice work, thanks for that. Once a release is cut, I'll get this PR up to date.

Allow configurable client signing algorithms

Awesome, thanks for the details @haydentherapper. Since we're supporting configurable client signing algorithms only as a first pass, I believe that we can kick the can down the road and...

Proposal: Make SLEIGH a standalone library

@ryanmkurtz That repo was created by my colleagues and I, and is what lead me to file this issue to begin with. It's been useful to us but, in my...

Support ambient credential detection

Working on this now.

Support ambient credential detection

Looks like GitLab OIDC is on its way too: https://github.com/sigstore/fulcio/pull/983