From 1ea9e4b68a1aa0fb1f1c4b3894a068ad9cb2156b Mon Sep 17 00:00:00 2001 From: Fredrik Skogman Date: Wed, 8 Jan 2025 15:30:05 +0100 Subject: [PATCH] Update client-spec.md Co-authored-by: Zach Steindler Signed-off-by: Fredrik Skogman --- client-spec.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client-spec.md b/client-spec.md index d8ea2c6..0e52a0d 100644 --- a/client-spec.md +++ b/client-spec.md @@ -232,7 +232,7 @@ The Verifier now constructs the payload to be signed from the artifact and the a * Using the raw bytes of the artifact as the payload. * Hashing the artifact, then using the resultant digest as the payload. * Using [DSSE](https://github.com/secure-systems-lab/dsse/blob/master/protocol.md) as an envelope for the payload which MUST be an in-toto statement. - * Verifier MUST ensure that the artifact's digest/alg tuple is present in the list of subject in the in-toto statement. + * Verifier MUST ensure that the artifact's digest/algorithm tuple is present in the list of subjects in the in-toto statement. * Verifier SHOULD accept the raw artifact and compute the message digest to minimize any risk for confusion attacks. The Verifier MUST verify the provided signature for the constructed payload against the key in the leaf of the certificate chain.
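Review bot: In the `+` line under the DSSE bullet, "digest/algorithm tuple is present in the list of subjects" does not say that the algorithm name and the digest value have to match within one and the same subject entry, and it does not say what the Verifier does when no entry matches. Consider spelling both out, for example: "Verifier MUST ensure that at least one subject in the in-toto statement lists the artifact's digest under the same algorithm, and MUST fail verification otherwise." Separately, the subject line "Update client-spec.md" gives no hint of what changed; a subject that names the wording fix to the in-toto subject check would be easier to find in the log.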