-
we need to refactor cosign calling, it's now generating a warning and will error out in future
- https://github.com/sigstore/cosign/pull/2313
```bash
> cosign sign ghcr.io/containerbase/node:14…
-
Including:
- Use cases
- Payload (as described [here](https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md))
- How to correlate SET with UUID of entry
Basically a post walking…
-
The script is described as
> Finds subdomains of a web server by querying Google's Certificate Transparency logs database (https://crt.sh).
At the moment the script reports all hostname-like ide…
-
The current Installer of WCF allows the usage of an external Database Server, without proofing if the installing user is the owner of this Database Server. This can result in overtaking the webspace (…
-
Hello. Is there an implementation anywhere?
By the way, these might be of use:
- https://www.researchgate.net/publication/334454601_BlockIPFS_-Blockchain-enabled_Interplanetary_File_System_for_F…
-
**Description**
With cosign 2, when verifying a signature in the transparency logs, an OIDC issuer and subject must be matched, but there's very little guidance as to what the options are. The err…
-
### Mozilla Bugzilla Root Inclusion URL
https://ccadb.my.site.com/001o000000HsfpCAAR
### CA CP/CPS Website URL
https://www.izenpe.eus/contenidos/informacion/doc_juridica/en_def/adjuntos/IZNP_CP_Web…
-
I am monitoring the issued certificates with https://developers.facebook.com/docs/certificate-transparency/
Recently I see that certs are reissues almost every day. However there aren't any suspic…
-
**Existing Behaviour**
The dedup was enabled. The checkpoint increased by 1. `LeafHash` and `Signature` returned should be the same when the same certificate is submitted.
**Expected Behaviour**…
-
Add https://issuer.hello.coop as an OIDC Identity Provider for sigstore
For details on Hellō see https://hello.coop/ & https://hello.dev/