in-toto/specification

Issues

• key format specification is inconsistent

  #33 opened 2 years ago by shibumi
  7

• documentation examples

  #95 opened 7 months ago by pennywisdom
  3

• Add Vale Linter for Documentation Quality Checks

  #94 opened 8 months ago by Ayush9026
  1

• Discuss the overlap and comparison with IETF's RATS framework

  #83 opened a year ago by deeglaze
  6

• Potential grammatical error

  #81 opened a year ago by ChaosInTheCRD
  4

• Tag v1.0 of the spec

  #46 opened 2 years ago by MarkLodato
  1

• Address remaining review comments from @trishankkarthik

  #14 opened 2 years ago by lukpueh
  4

• JSON parsing differences can make the same signature verify for different payloads

  #74 opened 2 years ago by lukpueh
  1

• expiration date might prevent installation

  #73 opened 2 years ago by lukpueh
  3

• missing key management

  #72 opened 2 years ago by lukpueh
  2

• pattern matching syntax for artifact rules is undefined

  #71 opened 2 years ago by lukpueh
  3

• expected python in-toto to consume 'REQUIRE' layout item.

  #45 opened 2 years ago by cokieffebah
  8

• "other_headers" field in "signatures" field in reference implementation is not part of the spec

  #55 opened 2 years ago by nmiyake
  10

• Differences between the in-toto implementations and the specification

  #53 opened 2 years ago by shibumi
  3

• Pseudocode for MATCH rule indicates that source and destination patterns can be distinct

  #19 opened 2 years ago by adityasaky
  1

• Change expiration check to match TUF

  #42 opened 2 years ago by joshuagl
  4

• Ambiguous rule set: `ALLOW foo` while `DISALLOW *` is also a rule

  #7 opened 2 years ago by vladimir-v-diaz
  1

• Document media/MIME type of in-toto payloads

  #61 opened 2 years ago by SantiagoTorres
  2

• Diagrams that show up in various places are not viewable in darkmode.

  #52 opened 2 years ago by Alos
  1

• PDF Generation Instructions

  #64 opened 2 years ago by bagnaram
  1

• Broken Hyperlinks in in-toto-spec.pdf

  #63 opened 2 years ago by lakshya8066
  1

• would be nice to point to live website docs from README

  #15 opened 2 years ago by ultrasaurus
  7

• in-toto-spec.md: missing table of contents

  #3 opened 2 years ago by SantiagoTorres
  0

• Support ecdsa key-type for commands

  #67 opened 2 years ago by danbev
  1

• "keys" JSON format described in spec does not match reference implementation output

  #56 opened 3 years ago by nmiyake
  1

• Update provided PDF

  #30 opened 4 years ago by aparcar
  1

• in-toto-spec.md: Missing product in 5.3.2 example

  #8 opened 4 years ago by CameronLonsdale
  1

• Document "artifact rule" rationale

  #4 opened 7 years ago by lukpueh
  7

• What's an SCC?

  #38 opened 4 years ago by TBBle
  6

• Problem with conflicting rules

  #41 opened 4 years ago by SolidifiedRay
  0

• Revisit artifact rule path patterns

  #32 opened 7 years ago by lukpueh
  0

• Inconsitencies between the in-toto specification and reference implementations: to `_name` or to `name`, that is the question

  #24 opened 5 years ago by adityasaky
  4

• Resolve documentation inconsistency in number of signing methods supported.

  #21 opened 5 years ago by kestewart
  0

• Verify target files of final product without inspection

  #27 opened 6 years ago by lukpueh
  12