-
Hi.
The sha256 signtool.exe timestamp (RFC3161) is not working on W11. But on all W10 everything works fine.
Can you fix the code for w11? Or suggest how to fix the code.
OK: signtool.exe timest…
-
# 💡 Summary #
The purpose of this excurion is to explore the effort and approaches to using Azure Key Vault stored certificate to sign ScubaGear artifacts. This is to support new requirements of H…
-
## Background
Certificate Transparency (CT) ([RFC 6962](https://www.rfc-editor.org/rfc/rfc6962.txt)) defines a "Signed Certificate Timestamp" (SCT), a "promise to incorporate the certificate in the…
-
I'd like to discuss what libraries are authoritative for verification logic throughout the Sigstore stack. I've thought about sigstore-go as glue for services. Ideally, I would like the following (and…
-
# Description
Look at this auto-fetched references:
![Screenshot 2023-10-19 220257](https://github.com/relaton/relaton-ietf/assets/33627611/5db36764-cda7-4886-b5c2-d7367e15bb43)
The "RFC " is d…
-
Currently, a single timeserver url is configured, when this timeserver fails to send a valid response (e.g. 502 error), the signing service will also fail silently and produce this log:
```
2023-1…
-
Firstly thanks so much for the example, cleared up how to use the c# rfc3161 timestamp library. I had to make a small change to get it to work. "hashBytes" when calling timestampToken.VerifySignatureF…
-
I've had some more time to look over the signature format here: https://github.com/notaryproject/nv2/blob/prototype-1/docs/signature/README.md
Here's some initial feedback:
- The self-signed x50…
-
Generated self-sign certificates do not specify a validity period or allow the user to specify a validity period. This causes all verifications using the certificate to fail.
```
# Generate certif…
-
Hi
Is electron-builder able to use services like Digicert Keylocker
https://knowledge.digicert.com/generalinformation/new-private-key-storage-requirement-for-standard-code-signing-certificates-…