Add support for ITE-6 semantics and SLSA provenance

in-toto / in-toto-rs

A rust implementation of in-toto

MIT License

32 stars 14 forks source link

Add support for ITE-6 semantics and SLSA provenance #17

Open adityasaky opened 2 years ago

adityasaky commented 2 years ago

Currently, in-toto-rs only supports the generation of link metadata. However, with ITE-6, in-toto is introducing new attestation types, one of which is SLSA provenance. The in-toto-rs library must, therefore, be updated with the capabilities to generate these new attestations.

cutecutecat commented 2 years ago

Hello! I am happy to undertake this work in GSOC 2022. I have posted a proposal in GSOC system. I will be really grateful if you could review it and give some advice! @adityasaky @SantiagoTorres

If you cannot fetch my proposal from GSOC system, I can provide a Google docs substitution: https://docs.google.com/document/d/1j1bdMnkj34PyVA08Zw07g0gL98uOoEsGD19S6OoMAZg/edit?usp=sharing

adityasaky commented 2 years ago

Hi @cutecutecat, have you joined the CNCF slack workspace by any chance? At a high level, I think the proposal is in a good state. cc @SantiagoTorres