Construct a real-world example that contains supply chain metadata

cnabio / signy

Go implementation for CNAB content trust verification using TUF, Notary, and in-toto

MIT License

31 stars 11 forks source link

Construct a real-world example that contains supply chain metadata #54

Open radu-matei opened 4 years ago

radu-matei commented 4 years ago

So far we've been testing signy with the default "hello world" in-toto project layout, which is not necessarily representative of a real-world scenario.

I'd also like to show how to use delegations for the in-toto root layout key.

cc @squillace, @trishankatdatadog

radu-matei commented 4 years ago

I can't officially assign @squillace, but I unofficially also assign @squillace.

squillace commented 4 years ago

You feel free