Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support arbitrary blob signing #283

Merged
merged 26 commits into from
Feb 26, 2024
Merged

Support arbitrary blob signing #283

merged 26 commits into from
Feb 26, 2024

Conversation

rgnote
Copy link
Contributor

@rgnote rgnote commented Nov 8, 2023
edited
Loading

Spec updates for Arbitrary blob signing. Proposal https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec

Issue : #281

Signed-off-by: rgnote [email protected]

@rgnote rgnote changed the title Blob Support arbitrary blob signing Nov 8, 2023
yizha1
yizha1 reviewed Nov 9, 2023
View reviewed changes
Copy link
Contributor

@yizha1 yizha1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @rgnote

specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
media/detached-signature-specification.svg Outdated Show resolved Hide resolved
shizhMSFT
shizhMSFT reviewed Nov 9, 2023
View reviewed changes
media/detached-signature-specification.svg Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
Two-Hearts
Two-Hearts reviewed Nov 14, 2023
View reviewed changes
specs/signature-envelope-jws.md Outdated Show resolved Hide resolved
specs/signature-envelope-jws.md Outdated Show resolved Hide resolved
Two-Hearts
Two-Hearts reviewed Nov 14, 2023
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like changes related to trust policy version 1.1 is not included in this PR?
/cc: @yizha1 @priteshbandi

Nvm, just notice that there will be other PRs.

Two-Hearts
Two-Hearts approved these changes Nov 15, 2023
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

yizha1
yizha1 reviewed Nov 15, 2023
View reviewed changes
Copy link
Contributor

@yizha1 yizha1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @rgnote just one comment. Overall looks good.

specs/signature-specification.md Show resolved Hide resolved
priteshbandi
priteshbandi reviewed Nov 18, 2023
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM, added some nits

specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
specs/signature-specification.md Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
@yizha1
Copy link
Contributor

yizha1 commented Nov 22, 2023

@rgnote maybe we missed the updates on the following documents

@rgnote
Copy link
Contributor Author

rgnote commented Nov 22, 2023
edited
Loading

@yizha1 I'm raising a separate PR for them. I'm fine if we want to hold off until we have that PR ready.

yizha1
yizha1 previously approved these changes Nov 23, 2023
View reviewed changes
Copy link
Contributor

@yizha1 yizha1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. We can open PRs for other specifications.

@rgnote
Copy link
Contributor Author

rgnote commented Nov 23, 2023

@yizha1 Actually, made changes to rest of the specs in this PR itself. Please review when you get a chance.

https://github.com/notaryproject/specifications/blob/main/specs/signing-and-verification-workflow.md
https://github.com/notaryproject/specifications/blob/main/specs/trust-store-trust-policy.md

@rgnote rgnote mentioned this pull request Nov 24, 2023
Merged
Two-Hearts
Two-Hearts reviewed Nov 27, 2023
View reviewed changes
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
gokarnm
gokarnm requested changes Nov 30, 2023
View reviewed changes
Copy link
Contributor

@gokarnm gokarnm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed signature spec and signing/verification workflow. Yet to review trust store and policy.

specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
gokarnm
gokarnm requested changes Nov 30, 2023
View reviewed changes
Copy link
Contributor

@gokarnm gokarnm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done reviewing all changes.

specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
specs/signature-envelope-jws.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
@yizha1 yizha1 requested a review from gokarnm December 12, 2023 06:29
shizhMSFT
shizhMSFT reviewed Dec 12, 2023
View reviewed changes
specs/signature-specification.md Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
gokarnm
gokarnm previously approved these changes Dec 13, 2023
View reviewed changes
Copy link
Contributor

@gokarnm gokarnm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Added minor comments.

media/detached-signature-specification.svg Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
priteshbandi
priteshbandi reviewed Dec 13, 2023
View reviewed changes
media/detached-signature-specification.svg Outdated Show resolved Hide resolved
specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
specs/signature-envelope-cose.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signature-specification.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/signing-and-verification-workflow.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
specs/trust-store-trust-policy.md Outdated Show resolved Hide resolved
rgnote and others added 22 commits February 26, 2024 14:44
@rgnote
add blob payload example
815b3a0 
Signed-off-by: rgnote <[email protected]>
@rgnote
address comments
4e1014c 
Signed-off-by: rgnote <[email protected]>
@rgnote
Policy and workflow updates
372c287 
Signed-off-by: rgnote <[email protected]>
@priteshbandi @rgnote
Update threat model to include rollback attack (notaryproject#285)
a517f89 
* Update threat model to add rollback attack

Signed-off-by: Pritesh Bandi <[email protected]>
@rgnote
address milind's comments
6cd1b87 
Signed-off-by: rgnote <[email protected]>
@toddysm @rgnote
Updated the MAINTAINERS file (notaryproject#291)
8f9528b 
Signed-off-by: Toddy Mladenov <[email protected]>
@rgnote
addressing some comments
2c58d89 
Signed-off-by: rgnote <[email protected]>
@rgnote
minor update to oci and blob verification workflows
3eadd40 
Signed-off-by: rgnote <[email protected]>
@rgnote
update trust policy spec
2a25436 
Signed-off-by: rgnote <[email protected]>
@rgnote
fix a typo
9e8000e 
Signed-off-by: rgnote <[email protected]>
@rgnote @Two-Hearts
Update specs/trust-store-trust-policy.md
77e1832 
Co-authored-by: Patrick Zheng <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
@rgnote
minor update
b32f154 
Signed-off-by: rgnote <[email protected]>
@rgnote @priteshbandi
Update specs/signature-envelope-jws.md
ef3b208 
Co-authored-by: Pritesh Bandi <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
@rgnote @priteshbandi
Update specs/signing-and-verification-workflow.md
c7acbf3 
Co-authored-by: Pritesh Bandi <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
@rgnote @priteshbandi
Update specs/signature-specification.md
2185244 
Co-authored-by: Pritesh Bandi <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
@rgnote @priteshbandi
Update specs/trust-store-trust-policy.md
f6e4901 
Co-authored-by: Pritesh Bandi <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
@rgnote
address comments
467b386 
Signed-off-by: rgnote <[email protected]>
@rgnote
minor changes
70ad7c3 
Signed-off-by: rgnote <[email protected]>
@rgnote
nit
4dab6d5 
Signed-off-by: rgnote <[email protected]>
@rgnote
fixing formatting
51272d4 
Signed-off-by: rgnote <[email protected]>
@rgnote
fix targetArtifact references
16383fe 
Signed-off-by: rgnote <[email protected]>
@rgnote
workflow update
1931726 
Signed-off-by: rgnote <[email protected]>
@priteshbandi priteshbandi merged commit f2d8f8f into notaryproject:main Feb 26, 2024
1 check passed
gokarnm
gokarnm reviewed Feb 27, 2024
View reviewed changes
Copy link
Contributor

@gokarnm gokarnm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks @rgnote for working through iterations and getting a final version out!

This was referenced Mar 5, 2024
Closed
Closed
rgnote added a commit to notaryproject/notation that referenced this pull request Mar 8, 2024
@rgnote @Two-Hearts
@dependabot @FeynmanZhou @rcrozean @yizha1 @shizhMSFT @gokarnm @JeyJeyGao @toddysm @priteshbandi
docs: spec updates for arbitrary blob signing (#811)
ba28208 
CLI Spec updated for Arbitrary blob signing. Proposal
https://hackmd.io/ewbJr2ZnT4a8U1ObDVXcSw?view#CLI-Spec and
https://hackmd.io/@-KPyDkW6QfGA-pldFa13pA/ByuHffALa

Signing Scheme and trust policy updates :
notaryproject/specifications#283

Signed-off-by: rgnote <[email protected]>

---------

Signed-off-by: rgnote <[email protected]>
Signed-off-by: Patrick Zheng <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Cameron Rozean <[email protected]>
Signed-off-by: Yi Zha <[email protected]>
Signed-off-by: Rakesh Gariganti <[email protected]>
Signed-off-by: Junjie Gao <[email protected]>
Signed-off-by: Toddy Mladenov <[email protected]>
Co-authored-by: Patrick Zheng <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Feynman Zhou <[email protected]>
Co-authored-by: Cameron Rozean <[email protected]>
Co-authored-by: Yi Zha <[email protected]>
Co-authored-by: Shiwei Zhang <[email protected]>
Co-authored-by: Milind Gokarn <[email protected]>
Co-authored-by: Junjie Gao <[email protected]>
Co-authored-by: Toddy Mladenov <[email protected]>
Co-authored-by: Pritesh Bandi <[email protected]>
@priteshbandi priteshbandi mentioned this pull request Oct 15, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gokarnm gokarnm gokarnm left review comments

@Two-Hearts Two-Hearts Two-Hearts approved these changes

@yizha1 yizha1 yizha1 approved these changes

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@priteshbandi priteshbandi priteshbandi approved these changes

@vaninrao10 vaninrao10 vaninrao10 left review comments

@justincormack justincormack Awaiting requested review from justincormack

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@rgnote @yizha1 @gokarnm @priteshbandi @shizhMSFT @vaninrao10 @Two-Hearts @toddysm