Clarified that verification using DSSE.
* Payload must be an in-toto statement
* Verifier must ensure the artifact's digest is present as a subject

Signed-off-by: Fredrik Skogman <[email protected]>
kommendorkapten committed Jan 8, 2025
1 parent 6aaf220 commit c5011fd
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion client-spec.md
@@ -231,7 +231,9 @@ The Verifier now constructs the payload to be signed from the artifact and the a

* Using the raw bytes of the artifact as the payload.
* Hashing the artifact, then using the resultant digest as the payload.
* Using [DSSE](https://github.com/secure-systems-lab/dsse/blob/master/protocol.md) as an envelope for the payload with a known DSSE payload type.
* Using [DSSE](https://github.com/secure-systems-lab/dsse/blob/master/protocol.md) as an envelope for the payload which MUST be an in-toto statement.
* Verifier MUST ensure that the artifact's digest/alg tuple is present in the list of subject in the in-toto statement.
* Verifier SHOULD accept the raw artifact and compute the message digest to minimize any risk for confusion attacks.

The Verifier MUST verify the provided signature for the constructed payload against the key in the leaf of the certificate chain.
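
Review bot: the rewritten DSSE bullet drops "with a known DSSE payload type" and only says the payload MUST be an in-toto statement, so the text no longer tells the Verifier to check the envelope's payload type before parsing the payload. Suggest keeping that requirement explicitly, for example "the Verifier MUST check that the DSSE payload type is the in-toto statement type". The two added bullets ("Verifier MUST ensure ..." and "Verifier SHOULD accept ...") are requirements on the DSSE option, but as shown they sit at the same list level as the three payload-construction options and read like a fourth and fifth way to build the payload. Nest them under the DSSE bullet or move them to a paragraph after the list. Wording: "list of subject" should be "list of subjects", "risk for confusion attacks" should be "risk of confusion attacks", and "digest/alg tuple" should be defined or tied to the in-toto subject digest field. The SHOULD bullet would also be clearer if it said that the digest compared against the subjects is the one the Verifier computed from the raw artifact, rather than one supplied by the caller.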
