New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to verify signatures with a user provided certificate #157

Closed

flavio opened this issue Nov 10, 2022 · 1 comment

Assignees

Labels

Member

flavio commented Nov 10, 2022

Description

cosign allows users to sign objects using a certificate that has been issued by a user-managed root CA.

Consider the following scenario:

Company Acme Inc. runs its own PKI. An intermediate CA is used to issue certificates to its employees.
Employees rely on these certificates to sign their container images using cosign.

In this scenario, as a sigstore-rs consumer, I would like to be able to verify a container image by using the following input data:

user certificate
certificate chain
name of the object to be verified

flavio added the enhancement label

flavio self-assigned this

This was referenced Nov 10, 2022

Feature Request: Update policy verify-image-signatures to support certificates kubewarden/verify-image-signatures#39

Closed

Verify images signed with custom certificates kubewarden/policy-server#366

Closed

Verify images signed with custom certificates kubewarden/kwctl#350

Closed

add certificate based verification #159

Merged

Member Author

flavio commented Nov 16, 2022

Implemented

flavio closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment