diff --git a/cmd/conformance/main.go b/cmd/conformance/main.go
index f50f11c507b..420e16bd631 100644
--- a/cmd/conformance/main.go
+++ b/cmd/conformance/main.go
@@ -50,7 +50,7 @@ func usage() {
 func parseArgs() {
 	for i := 2; i < len(os.Args); {
 		switch os.Args[i] {
-		// TODO: support staging
+		// TODO: support staging (see https://github.com/sigstore/cosign/issues/2434)
 		//
 		// Today cosign signing does not yet use sigstore-go, and so we would
 		// need to make some clever invocation of `cosign initialize` to
@@ -112,6 +112,7 @@ func main() {
 		args = append(args, "verify-blob")
 
 		// TODO: for now, we handle `verify` by constructing a bundle
+		// (see https://github.com/sigstore/cosign/issues/3700)
 		//
 		// Today cosign only supports `--trusted-root` with the new bundle
 		// format. When cosign supports `--trusted-root` with detached signed
diff --git a/test/e2e_test.go b/test/e2e_test.go
index 58d02658276..f0e36328b6f 100644
--- a/test/e2e_test.go
+++ b/test/e2e_test.go
@@ -1628,12 +1628,6 @@ func TestSignBlobNewBundle(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	trustedRoot := "{\"mediaType\":\"application/vnd.dev.sigstore.trustedroot+json;version=0.1\"}"
-	trustedRootPath := filepath.Join(td1, "trusted_root.json")
-	if err := os.WriteFile(trustedRootPath, []byte(trustedRoot), 0644); err != nil {
-		t.Fatal(err)
-	}
-
 	bundlePath := filepath.Join(td1, "bundle.sigstore.json")
 
 	ctx := context.Background()