Open webvictim opened 1 year ago
S/MIME signing with X.509 certificates is also widely supported now:
https://docs.gitlab.com/ee/user/project/repository/signed_commits/x509.html
https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification
https://github.com/github/smimesign
Reading the GitLab documentation, it looks like they validate a user's email as an email subjectAlternativeName field.
I can't find any mention of that behavior in GitHub's documentation; it looks like github.com is focused only on validating certs issued by CAs in Debian ca-certificates.
What would you like Teleport to do?
Add support for signing Git commits using SSH certificates issued by Teleport's user CA (or alternatively, maybe use another internally-managed Teleport CA which can be rotated independently of others)
What problem does this solve?
GPG signatures are the current standard for signing commits, but distributing GPG trust can be hard without signing parties. Verifiably asserting that the author of a given commit was in possession of an SSH certificate issued by a trusted Teleport CA provides a better way to bootstrap this trust.
If a workaround exists, please include it.
This may be supported already, in which case this issue is related to testing the workflow end to end and creating documentation for users and cluster admins on how to do it reliably.
References
https://sayr.us/git/ssh-sign-ca
https://agwa.name/blog/post/ssh_signatures
https://github.com/git/git/pull/1041
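The workflow this issue asks for, end to end, as an added example that is not part of the issue and not Teleport's or git's own code: a throwaway CA stands in for Teleport's user CA, issues a short-lived certificate whose principal is the author's email, and the verifier trusts one cert-authority line in allowed_signers instead of individual keys. It assumes git 2.34+ and OpenSSH 8.9+ on PATH and that ssh-agent can start, because ssh-keygen only signs with a certificate when the key is held by an agent.

```shell
#!/bin/sh
# Constructed demo: sign a git commit with an SSH certificate and verify it
# against a CA line in allowed_signers. Keys, names and emails are all made up here.
set -e

# Returns 0 only if the CA-issued certificate verifies AND a certificate
# from an unrelated CA is rejected. Runs in a subshell so cd does not leak.
ssh_cert_commit_signing_demo() (
  tmp=$(mktemp -d)
  cd "$tmp"
  # A CA standing in for Teleport's user CA (passphrase-less for the demo only).
  ssh-keygen -q -t ed25519 -N '' -f user_ca -C 'demo user CA'
  # The user's key plus a short-lived certificate whose principal is their email.
  ssh-keygen -q -t ed25519 -N '' -f id_ed25519 -C 'alice'
  ssh-keygen -q -s user_ca -I alice-session -n alice@example.com -V -5m:+1h id_ed25519.pub
  # Verifiers trust the CA, not individual keys: one line covers every certificate
  # the CA issues for this principal, restricted to git's signing namespace.
  printf 'alice@example.com cert-authority,namespaces="git" %s\n' "$(cat user_ca.pub)" > allowed_signers
  # ssh-keygen -Y sign uses the certificate only via an agent; ssh-add also loads id_ed25519-cert.pub.
  eval "$(ssh-agent -s)" >/dev/null
  trap 'kill "$SSH_AGENT_PID"' EXIT
  ssh-add id_ed25519 >/dev/null 2>&1
  git init -q repo && cd repo
  # user.signingkey points at the certificate, so the signature embeds it.
  git -c gpg.format=ssh -c user.signingkey="$tmp/id_ed25519-cert.pub" \
      -c user.name=alice -c user.email=alice@example.com \
      commit -q --allow-empty -S -m 'signed with an SSH certificate'
  # Positive check: the embedded certificate chains to the trusted CA line.
  git -c gpg.ssh.allowedSignersFile="$tmp/allowed_signers" verify-commit HEAD
  # Negative check: a second, unrelated CA must not validate this commit,
  # even though the principal in its allowed_signers line is the same.
  ssh-keygen -q -t ed25519 -N '' -f "$tmp/other_ca" -C 'untrusted CA'
  printf 'alice@example.com cert-authority %s\n' "$(cat "$tmp/other_ca.pub")" > "$tmp/other_signers"
  if git -c gpg.ssh.allowedSignersFile="$tmp/other_signers" verify-commit HEAD 2>/dev/null; then
    echo 'untrusted CA was accepted' >&2
    return 1
  fi
  echo "commit $(git rev-parse --short HEAD) verified only against the issuing CA"
)
```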