search

oasis-tcs / csaf

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code
https://github.com/oasis-tcs/csaf
Other
148 stars 39 forks source link

Signature file layout definition? #370

Closed productcert closed 2 years ago

productcert commented 3 years ago

Hi,

The rolie documentation does not specify the format of the signature files.

Shall the signature file only contain the signature or also the content?

Thanks

tschmidtb51 commented 3 years ago

The signature files should only contain the signature:

Example (not valid due to invalid line breaks and [...] but gives the idea):

-----BEGIN PGP SIGNATURE-----

iEIzBAABCgAdFiEEKIBqh4rkI6KDcnku11iZuackk3oFAmFU2ZoACgkQ11iZuack
k3oKpQ/+MJRdBCjfOte+Fn8CI9F1ORi0Qu7vxe0nZuAggC2Ns0+6yDAXXD65ek3v

[...]

Rn27cIk5mCAH30R9rt1z3TG9i0wpqRxuy1N55UT0mPD+HjtFgCM=
=D7iA
-----END PGP SIGNATURE-----

@productcert Does that answer your question?

tschmidtb51 commented 3 years ago

@santosomar, @sthagen: We should find a place to provide such examples... Maybe a directory structure for each of them?

sthagen commented 3 years ago

As long as these paths do neither introduce another csaf term, nor spaces, nor upper case letters I think this is good :wink:

productcert commented 3 years ago

Thanks a lot! Now it is clear

productcert commented 3 years ago

If you want to keep this issue open for the above mentioned examples keep it open. Otherwise, it could be closed my point of view.

tschmidtb51 commented 2 years ago

@productcert We are tracking the progress of examples now in #374. Therefore, I close the issue.