add support for tsa signing and verification of images #2460
Conversation
@priyawadhwa @haydentherapper I am considering renaming any reference of TSABundle to 3161Timestamp. Any thoughts?
pkg/cosign/verify.go (outdated)
return false, fmt.Errorf("reading base64signature: %w", err)
}

fmt.Println("Verifying TSA Bundle")
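Review bot: the `fmt.Println("Verifying TSA Bundle")` on the last line runs once for every signature that gets validated and writes to stdout; either drop it or send it to stderr so it does not interleave with the command's regular output.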
Perhaps we want to avoid printing this message (it will be printed per validated signature).
If you have it, it should go to STDERR
Codecov Report
@@ Coverage Diff @@
## main #2460 +/- ##
==========================================
- Coverage 30.96% 30.96% -0.01%
==========================================
Files 138 139 +1
Lines 8473 8635 +162
==========================================
+ Hits 2624 2674 +50
- Misses 5509 5600 +91
- Partials 340 361 +21
force-pushed from b8b3fcb to c5d7f72
I think it might be more user-friendly to stick with TSABundle since we already have RekorBundle (also since we have user-facing flags like --bundle, something like --tsa-bundle might be more intuitive).
if ShouldUploadToTlog(ctx, ko, digest, ko.SkipConfirmation, tlogUpload) {

// TODO: For the moment you can only use the timestamped service OR the transparency log.
if ko.TSAServerURL != "" {
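Review bot: the `if ko.TSAServerURL != ""` branch sits inside the `ShouldUploadToTlog(...)` block, so merely configuring a TSA URL decides between timestamping and the transparency-log upload, and the TODO above it records that the two are mutually exclusive. The tlog upload should stay an explicit, independent choice (the `tlogUpload` value already passed into `ShouldUploadToTlog`), with the TSA path able to run alongside it; then the TODO can go.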
I would prefer to support both and not have this as a TODO. Timestamps are simply a way to have a third-party provide time, but don't provide transparency. Having this as a TODO risks changing the security model of Sigstore.
Following the existing code, can we have the tsa.NewSigner be wrapped by irekor.NewSigner?
cc @asraa
@haydentherapper @asraa Could we add support for both as part of a follow-up PR? Likewise, I will advocate for supporting the TSA as an alternative to the tlog. Some users may not want transparency.
As long as the follow up is before we cut a new release, sure. Is it a large change to support both? I would have thought we could support both by just wrapping the tsa signer in the rekor signer struct.
If a user doesn't want to use the transparency log, that should be controlled via an explicit flag (tlog-upload) rather than the usage of timestamping. I just want to make sure we're clear on the messaging and security model for Sigstore, that timestamping provides an alternative to how to verify expiration of a certificate. Rekor currently plays two roles, transparency and timestamping, so using a TSA only changes the second.
There should be a limited number of reasons to not use Rekor - private artifacts are the main one. Otherwise, you really should be uploading entries to Rekor.
> There should be a limited number of reasons to not use Rekor - private artifacts are the main one. Otherwise, you really should be uploading entries to Rekor.
+1. We should still support this use case though. We can default to using the TSA+Rekor together, and provide an opt-in flag for folks who want to sign private artifacts and verify against the TSA but not Rekor. I think because of this use case it's more logical to have a separate TSA signer/verifier than to wrap it into Rekor.
> Could we add support for both as part of a follow-up PR?
sounds good! as a reviewer I definitely prefer lots of smaller PRs :) there's no plan to cut any releases at the moment so should be fine.
It looks like the code to support both should be pretty straightforward, since irekor.NewSigner takes a cosign.Signer and tsa.NewSigner implements that already.
This all sounds good to me: I think everyone laid it out right. We can support TSA+Rekor, with a control knob on removing the Rekor upload.
For verification, we can start verifying TSA's on conditional requirements, soon always validating them in the long tail. The verification flow will look the same, we still will use a Rekor promise of inclusion offline, but instead use the verified TSA as the time check.
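The point being made here, that the verifier keeps its existing chain-building logic and only swaps the trusted time source, is easy to see in the Go standard library. The program below is an added example, not cosign's code: it builds a constructed in-process PKI (a throwaway root and a ten-minute code-signing leaf, standing in for a short-lived signing certificate) and verifies the leaf at a supplied instant via `x509.VerifyOptions.CurrentTime`. In the flow discussed above, that instant would come from a verified RFC 3161 timestamp or from the Rekor bundle's integrated time; the names `demoPKI`, `newDemoPKI` and `verifyAt` are assumptions for this example only.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// demoPKI is a constructed, in-process PKI: a throwaway root and a
// ten-minute code-signing leaf, standing in for the short-lived
// certificates the thread assumes. Nothing here is cosign's own code.
type demoPKI struct {
	roots *x509.CertPool
	leaf  *x509.Certificate
}

// newDemoPKI issues the root and a leaf whose validity window starts at
// issued and lasts ten minutes.
func newDemoPKI(issued time.Time) (*demoPKI, error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "demo-root"},
		NotBefore:             issued.Add(-time.Hour),
		NotAfter:              issued.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	caCert, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, err
	}

	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "demo-signer"},
		NotBefore:    issued,
		NotAfter:     issued.Add(10 * time.Minute),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	leafCert, err := x509.ParseCertificate(leafDER)
	if err != nil {
		return nil, err
	}

	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	return &demoPKI{roots: roots, leaf: leafCert}, nil
}

// verifyAt chains the leaf to the trusted root at the supplied instant
// instead of the wall clock. In the flow the thread describes, at is the
// trusted signing time: the RFC 3161 timestamp from the TSA, or the
// integrated time from the Rekor bundle. Checking against time.Now()
// would reject every signature once the short-lived certificate expired.
func verifyAt(p *demoPKI, at time.Time) error {
	if p == nil || p.leaf == nil {
		return errors.New("no certificate to verify")
	}
	_, err := p.leaf.Verify(x509.VerifyOptions{
		Roots:       p.roots,
		CurrentTime: at,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	})
	return err
}

func main() {
	issued := time.Date(2022, time.November, 15, 12, 0, 0, 0, time.UTC)
	pki, err := newDemoPKI(issued)
	if err != nil {
		panic(err)
	}
	// A trusted timestamp inside the window: the signature was produced while the cert was valid.
	fmt.Println("at attested signing time:", verifyAt(pki, issued.Add(2*time.Minute)))
	// The wall clock long after issuance: the cert has expired, so this fails.
	fmt.Println("at wall-clock now:       ", verifyAt(pki, time.Now()))
}
```

Whatever supplies `at` must itself be verified first (the TSA's signature over the timestamp token, or the Rekor entry's inclusion proof); the certificate check is only as trustworthy as the time it is given.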
I extracted the following list of action items as a result of this thread:
- Add support for TSA and Rekor together.
- Users could rely on TSA-only whenever they set --tlog-upload=false. We'll add a warning message and documentation about the limitations of using the timestamp verification instead of the tlog verification.
- Add a --skip-tlog-verify flag to our cosign verify* commands to skip the tlog verification done by default.
Signed-off-by: Hector Fernandez <hector@chainguard.dev>
force-pushed from c5d7f72 to abc0641
force-pushed from abc0641 to 54543bd
@haydentherapper @priyawadhwa I've addressed all your comments. Please have a look. On the other hand, I have a list of action items to tackle in a different PR #2460 (comment).
LGTM
nice!
Signed-off-by: Hector Fernandez <hector@chainguard.dev>
Summary
In relation to #2331, this PR adds support for image signing and verification using an RFC 3161 time-stamping server instead of the transparency log.
NOTE: Rekor and TSA cannot be used together for the moment.
For testing purposes, we have integrated using https://github.com/sigstore/timestamp-authority. So we expect you to run a TSA server for testing:
Release Note
Add support for signing images using an RFC 3161 time-stamping server
Documentation