Clarified that verification using DSSE. (#39)
* Clarified that verification using DSSE.
* Payload must be an in-toto statement
* Verifier must ensure the artifact's digest is present as a subject

Signed-off-by: Fredrik Skogman <[email protected]>

* Update client-spec.md

Co-authored-by: Zach Steindler <[email protected]>
Signed-off-by: Fredrik Skogman <[email protected]>

* Added link to in-toto statements and envelope specification

Signed-off-by: Fredrik Skogman <[email protected]>

---------

Signed-off-by: Fredrik Skogman <[email protected]>
Co-authored-by: Zach Steindler <[email protected]>
kommendorkapten and steiza authored Jan 9, 2025
1 parent 6aaf220 commit 4f68142
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion client-spec.md
Expand Up @@ -231,7 +231,11 @@ The Verifier now constructs the payload to be signed from the artifact and the a

* Using the raw bytes of the artifact as the payload.
* Hashing the artifact, then using the resultant digest as the payload.
* Using [DSSE](https://github.com/secure-systems-lab/dsse/blob/master/protocol.md) as an envelope for the payload with a known DSSE payload type.
* Using [DSSE](https://github.com/secure-systems-lab/dsse/blob/master/protocol.md) as an envelope for the payload.
* The DSSE `payloadType` must be `application/vnd.in-toto+json` per the [in-toto Envelope layer specification](https://github.com/in-toto/attestation/blob/main/spec/v1/envelope.md).
* The payload MUST be an [in-toto statement](https://github.com/in-toto/attestation/blob/main/spec/v1/statement.md).
* Verifier MUST ensure that the artifact's digest/algorithm tuple is present in the list of subjects in the in-toto statement.
* Verifier SHOULD accept the raw artifact and compute the message digest to minimize any risk for confusion attacks.

The Verifier MUST verify the provided signature for the constructed payload against the key in the leaf of the certificate chain.

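Review bot: the new bullet "Verifier MUST ensure that the artifact's digest/algorithm tuple is present in the list of subjects" does not say where that digest comes from; read together with the following bullet, which only SHOULD-level recommends accepting the raw artifact, a Verifier handed a precomputed digest has no way to detect a substituted artifact, so consider stating that whenever the raw artifact is available the Verifier MUST compute the digest itself and use only that value for the subject lookup. The same bullet should also make the matching rule explicit: an in-toto statement carries a list of subjects, each with its own set of digests, so say whether a match against any one subject's entry with the same algorithm name is sufficient. Ordering is worth a sentence too: the `payloadType` check on the envelope should happen before the payload is parsed as a statement, so that an envelope with the wrong type is rejected without interpreting its contents. Minor: the two new "Verifier MUST/SHOULD" bullets drop the article used in the surrounding text ("The Verifier MUST ...").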