-
Hi,
I'm wanting to validate the attestations provided by GitHub for artifacts built in a private repository. I would like to do this validation as part of a Rust program.
I came across https://g…
-
I tried to upload the sigstore files to the [GitHub attestation endpoint](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-an-attestation) using [a custom Gradle task](https://…
-
A user (dev) should be able to declare that a particular version of any app is reproducible _(or not)_ from a particular commit or release tag. Show warnings when a dev in your WoT says they have fail…
-
### User Story:
As a qualified developer,
I want to mint my badges onchain,
So that my credentials are recorded on the blockchain.
### Acceptance Criteria
GIVEN a user is qualified,
WHEN the user cli…
-
1.
**Section link:**
- https://learn.microsoft.com/en-us/python/api/overview/azure/security-attestation-readme?view=azure-python
![image](https://github.com/user-attachments/assets/2c86890a-149…
-
In https://c2pa.org/specifications/specifications/1.4/attestations/attestation.html#_attestation_overview
![image](https://github.com/user-attachments/assets/65d9982a-256b-4306-a45a-8e82c5cbe7ed)
…
-
As part of our `tofino` design, the entropy threshold signature server is going to be run in a trusted execution environment. This is a proposed feature for attestation that validators have correctly…
-
Re PRT Replay, looks like we can attest that the keys are in fact inside TPM
Ref: https://joostgelijsteen.com/windows-attestation/
-
Hi, is this type of attestation supported on the platform? I see only documentation por EPID based. I could not find any configuration file to set up, for example, PCCS address.
-
We should provide guidance on where source attestations are stored.
We may not want to be too prescriptive but should provide an allowance for how a source control system (#1128) should do so.
N…