microsoft / scitt-ccf-ledger

Supply Chain Integrity Transparency and Trust ledger application using Confidential Consortium Framework (CCF)
MIT License
35 stars 16 forks source link

[Draft] COSE Receipts #230

Open achamayou opened 1 week ago

achamayou commented 1 week ago

Switch to COSE receipts, embedded in unprotected headers of signed statement, as per SCITT's latest draft.

A lot of testcases need updating as a result of this.

achamayou commented 1 week ago

Draft verification logic: https://github.com/microsoft/CCF/pull/6603