notary
This document defines the requirements of the signature format and discusses the candidates for Notary V2.
A complete signature is a tuple of
where stands for signing key.
A signature envelope is a compact form of signatures signing the same payload . It can be expanded to .
A complete signature can be viewed as a signature envelope .
Since payload is about the metadata of the artifact manifest to be signed and it is not specific to any signature scheme, the payload requirements are discussed separately.
mediaType
, digest
, size
fields.annotations
field.artifactType
field for artifact manifests, or the config.mediaType
for oci.image
based manifests.Notary v2 version <= prototype-2
defines a JWT-variant signature format.
Particularly, this JWT-variant is serialized in JWS Compact Serialization as defined by RFC7515 Section 7.1.
Pros:
Cons:
Example:
If parsed,
General JWS JSON serialization syntax is defined in RFC7515 Section 7.2.1.
Pros:
Cons:
Here is an example:
Payload:
Signed signature metadata:
Complete JWS JSON Serialization:
If a JWS contains only one signature as above, the JWS can be flattened as
in-toto enhancement (ITE-5) introduces a SSL signing spec. This spec is inspired by PASETO, which is too opinionated. Later, this spec is evolved to Dead Simple Signature Envelope (DSSE) with its PAE() function updated.
Pros:
Cons:
Example:
Red Hat's simple signing format is intended for payloads. The payload format is adapted by atomic
and later by cosign.
It is a payload format not a signature format.
PKCS #7: CMS is defined in RFC2315 and updated by RFC5652. The CMS is widely used for general digital signatures. For instances, RFC8551, NuGet.org.
The signature is stored in asn.1 DER binary format and optionally wrapped in PEM blocks.
Go Library: https://pkg.go.dev/go.mozilla.org/pkcs7
Pros:
Cons:
It is recommended to reuse existing signature format according the requirements. If there is no suitable candidate, extend the existing signature format for minimum viable product. If non of above meet the requirements, we may consider to design a new signature format.
JWS JSON serialization meets our requirements.
Golang implementation is possible by combining
The format is proposed by extending DSSE.
Payload:
Signed signature metadata:
Signature envelope:
The format is proposed using JWS JSON Serialization.
Payload:
Payload contain the subject manifest and other attributes that has to be integrity protected.
notary.v2
: Top level node and private claim, encapsulating the notary v2 data.iat
, exp
as top level nodes.subjectManifest
: The image manifest that needs to be integrity protected.signedAttrs
: The additional metadata that needs to be signed.
reserved
: The signed attributes reserved for notary v2 use such as issuedAt(iat), expiration Time(exp), artifact revocation list(arl), etc.custom
: The user defined signed attributes such as buildId, imageScanned, etc.ProtectedHeader:
cty
: Content type used to declare the media type of the secured content(the payload)SignatureEnvelope:
protected
: Base64Url encoded JSON object that contains the header parameters that are integrityheader
: JOSE Header containing the parameters describing the cryptographictimestamp
: Base64Url encoded timestamp token generated by TSA.kid
Hint indicating which key was used to generate the signature.x5c
contains the X.509 public key certificate or certificate chain corresponding to the key used to used to generate the signature. If signature was generated by x509 certificate signature envelop must contain x5cx5c
the leaf certificate's signing algorithm(with some additional conventions [TODO: add convention]) will be used for signature and this algorithm will be value of alg
header. The verifier will make sure that the value of alg
is same as that of leaf certificate's signing algorithm.The format is proposed using extended version of DSSE.
Payload:
SignatureEnvelope:
In SignatureEnvelope's signatures
node user can either specify keyid or x5c. Currently DSSE doesn't support timestamp and x5c fields.
subjectManifest#annotations
? As we have already defined signedAttrs#custom
node for user specific metadata?