Skip to content

Commit

Permalink
review: Also exclude trusted intermediate certs
Browse files Browse the repository at this point in the history 
Signed-off-by: Aditya Sirish <[email protected]>
Co-authored-by: Appu Goundan <[email protected]>
  • Loading branch information
@adityasaky @loosebazooka
adityasaky and loosebazooka committed Sep 27, 2023
1 parent 8d01caf commit 22636f9
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion protos/sigstore_bundle.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,8 @@ message VerificationMaterial {
// meant to be used for the `ext` field in a signature extension. The `kind` for
// the Sigstore DSSE extension MUST be
// application/vnd.dev.sigstore.dsse+json;version=0.1. The certificate chain
// included MUST NOT include the Sigstore root certificate.
// included MUST NOT include the Sigstore root or trusted intermediate
// certificates.
message DSSESignatureExtension {
dev.sigstore.common.v1.X509CertificateChain x509_certificate_chain = 1 [(google.api.field_behavior) = REQUIRED];

Expand Down

0 comments on commit 22636f9

Please sign in to comment.