Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Simple signing scheme: Now only support get signatures from local files. #9

Open
jialez0 opened this issue Feb 18, 2022 · 8 comments
Open

Simple signing scheme: Now only support get signatures from local files. #9

jialez0 opened this issue Feb 18, 2022 · 8 comments

Comments

@jialez0
Copy link
Member

jialez0 commented Feb 18, 2022

No description provided.

@jialez0 jialez0 changed the title Signature: Now only support get signatures from local files. Simple signing scheme: Now only support get signatures from local files. Feb 18, 2022
@jialez0 jialez0 mentioned this issue Feb 18, 2022
Closed
@Xynnn007 Xynnn007 mentioned this issue Aug 19, 2022
Closed
@Xynnn007
Copy link
Member

Xynnn007 commented Oct 1, 2022

FYI, the most recent OCI registry spec introduced a new API named
referrers, which can be used to store the signature in the image registry.

https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-referrers
https://github.com/opencontainers/wg-reference-types/blob/main/docs/proposals/PROPOSAL_E.md#image-spec

However, for the spec is very new, no registries support this API now. Just record this for future use.

@ariel-adam
Copy link
Member

@jialez0 is this issue still relevant or can be closed?
If it's still relevant to what release do you think we should map it to (mid-November, end-December, mid-February etc...)?

@xbkaishui
Copy link

hi how about this issue? is there a plan to fix ?

@Xynnn007
Copy link
Member

Xynnn007 commented Mar 9, 2023

hi how about this issue? is there a plan to fix ?

Hi @xbkaishui Now we can use cosign as signing scheme, and this scheme will avoid reading signatures from the local filesystem but reading from the image registry instead.

Please refer to this guide for more information. https://github.com/confidential-containers/image-rs/blob/main/docs/quickstart/image_signing.md

@xbkaishui
Copy link

hi how about this issue? is there a plan to fix ?

Hi @xbkaishui Now we can use cosign as signing scheme, and this scheme will avoid reading signatures from the local filesystem but reading from the image registry instead.

Please refer to this guide for more information. https://github.com/confidential-containers/image-rs/blob/main/docs/quickstart/image_signing.md

ok, thanks, will try and let you know. by the way is there any wechat groups for communication?

@Xynnn007
Copy link
Member

Xynnn007 commented Mar 9, 2023

ok, thanks, will try and let you know. by the way is there any wechat groups for communication?

Sorry we do not have we-chat group. We have a slack channel for confidential-containers https://cloud-native.slack.com/archives/C039JSH0807 . You can join this slack channel for discussion

@xbkaishui
Copy link

https://cloud-native.slack.com/archives/C039JSH0807

hi, can't join the slack channel, can you invite me ? [email protected]

@Xynnn007
Copy link
Member

Xynnn007 commented Mar 9, 2023

https://cloud-native.slack.com/archives/C039JSH0807

hi, can't join the slack channel, can you invite me ? [email protected]

Yea I've sent you the mail.

dcmiddle pushed a commit to dcmiddle/guest-components that referenced this issue Jun 5, 2023
@fitzthum
Merge pull request confidential-containers#9 from voidC1326/kbc_guide
ad01d3f 
Add KBC Module Development Guide
eldios added a commit to switchboard-xyz/guest-components that referenced this issue Jan 26, 2025
@eldios
get-derived-key: fix URL + add to KBS confidential-containers#9
a4e35e3
eldios added a commit to switchboard-xyz/guest-components that referenced this issue Jan 27, 2025
@eldios
derive_key: change key id to be correctly used confidential-containers#9
4acd936
eldios added a commit to switchboard-xyz/guest-components that referenced this issue Jan 27, 2025
@eldios
devired_key: cleaning pass confidential-containers#9
4c99015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@xbkaishui @Xynnn007 @jialez0 @ariel-adam