Ville Aikas
Ville Aikas
Re: separate database, if we do that, then we'll basically have 1:1 of Fulcio - CTLog - Trillian - mysql So all four get operated as a "single entity"? If...
Yeah, I remember that code :) That's part of the reason I was asking. In particular if we have the 1:1 stack that gets operated as a single entity, then...
Yeah, I was looking at: https://letsencrypt.org/2019/11/20/how-le-runs-ct-logs.html Which had links to here: https://www.venafi.com/blog/how-temporal-sharding-helps-ease-challenge-growing-log-scale https://www.digicert.com/blog/scaling-certificate-transparency-logs-temporal-sharding For some prior art as well.
Sounds good to me, I'll tackle next week, getting late hereš¤£ On Fri, Aug 12, 2022, 17:19 Hayden B ***@***.***> wrote: > So, I think the question really is: If...
zomg :) I just hit this myself and went to create an issue and found this :)
Looks like there's a few folks that have been hitting this issue, and I personally don't have enough confidence / knowledge on what all kinds of other formats might break...
@zregvart and @lcarva thanks much. My plan is to: * Convert scaffolding to be used as an action so it's easier to grok what's happening. Also hoping that it will...
I'm sure it's a hugely unpopular opinion, but I'm curious if we might want to revisit having sbom as a separate entity from a regular attestation? We have signatures, attestations,...
Just an FYI, looks like maybe there's just not an sbom for that tag. Looks like when you fetch the sbom using a sha that does exist, it works (using...
In lock step with this, we should make sure that policy-controller also behaves identically. For example here: https://github.com/sigstore/cosign/blob/main/pkg/apis/policy/v1beta1/clusterimagepolicy_types.go#L182 We should then enforce that you must specify both Issuer and Subject.