search

sigstore / model-transparency

Supply chain security for ML
Apache License 2.0
105 stars 28 forks source link

Private Sigstore deployment #85

Open laurentsimon opened 9 months ago

laurentsimon commented 9 months ago

The API should support custom roots. For Fulcio and Rekor, we need

  1. tuf root
  2. a URL to update the root (if not already present in the tuf root data of (1))

@haydentherapper please keep me honest

haydentherapper commented 9 months ago

2 is always needed, 1 (the root metadata) does not specify where the TUF repo is hosted.

mihaimaruseac commented 3 weeks ago

This should be after the v1 release