-
More recent Yubikey firmwares seem to default to AES instead of 3DES for the PIV management key, which causes the key generation to fail with a nondescript error message `‼️ The default Management Ke…
-
When using `COSIGN_DOCKER_MEDIA_TYPES=1 cosign attest`, the generated manifest contains a nested non-docker entity:
```
$ COSIGN_DOCKER_MEDIA_TYPES=1 cosign -d attest --predicate /tmp/predicate.js…
-
Occasionally, we hit 'error updating to TUF remote mirror' when calling cosign verify.
The error looks like a connection error from our server, but when I try to open the https://tuf-repo-cdn.sigst…
-
**What happened**:
Admission request for pod was canceled and for the next several minutes all following admission requests were rejected because there is no valid signature. However, the image is co…
-
### NuGet Product(s) Involved
Other/NA
### The Elevator Pitch
[sigstore](https://www.sigstore.dev/) is gaining traction as a method of enabling validation of development artifacts across many diffe…
-
**What would you like to be added**:
**Why is this needed**:
We (w/@srenatus @anderseknert) did a [similar effort](https://github.com/withfig/autocomplete/pull/854) in OPA to add autocompletion …
-
[sget change] sget should be able to validate previous policies for consistent proof of previous signers.
[cosign change] signatures will be moved from the policy.json and place into a cosign annot…
-
The artifactType for Cosign signature should be `application/vnd.dev.cosign.simplesigning.v1+json`. However, the [document](https://ratify.dev/docs/1.0/external%20plugins/Verifier/cosign) used `applic…
-
**Description**
Using cosign with Azure KMS results in different behavior for validation with KMS and local pub cert.
```
cosign --insecure-ignore-tlog=true verify -key azurekms://keyvault-x…
-
**Description**
Hi!
We'd like to have an opportunity to pass our own Cosign public key generated with `cosign generate-key-pair` to the provider. To use it the same way as 'cosign verify --k…