Pushing to enable custom root CAs for orgs with such PKI in place

sigstore / gitsign

Keyless Git signing using Sigstore

Other

915 stars 60 forks source link

Pushing to enable custom root CAs for orgs with such PKI in place #155

Open anoncam opened 1 year ago

anoncam commented 1 year ago

https://github.com/sigstore/gitsign/blob/e8d1ed2fa3a5bf861af91dd9f507f1633c7c03f2/README.md?plain=1#L150

@DODTeam1 - the roots from cyber.mil has this bundle, which would extend a great deal of signing support using existing PKI for a moderately sized vertical...interested if it is more desirable to have this user configurable, or baked in.

dlorenc commented 1 year ago

Can you clarify the question a bit? Are you asking us to add a root, or for github/Gitlab/etc to add it?

anoncam commented 1 year ago

Can you clarify the question a bit? Are you asking us to add a root, or for github/Gitlab/etc to add it?

yeah this is not an ask of sigstore, it's a capability request of @github

anoncam commented 1 year ago

https://github.com/sigstore/gitsign/blob/e8d1ed2fa3a5bf861af91dd9f507f1633c7c03f2/README.md?plain=1#L150

@DODTeam1 - the roots from cyber.mil has this bundle, which would extend a great deal of signing support using existing PKI for a moderately sized vertical...interested if it is more desirable to have this user configurable, or baked in.

my ambiguity was grotesque, apologies