Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Task: discuss the future of the rstuf key commands prior 1.0.0 #547

Open
1 task done
MVrachev opened this issue Apr 3, 2024 · 1 comment
Open
1 task done

Task: discuss the future of the rstuf key commands prior 1.0.0 #547

MVrachev opened this issue Apr 3, 2024 · 1 comment

Comments

@MVrachev
Copy link
Member

MVrachev commented Apr 3, 2024

What is the task about?

After @lukpueh refactoring in #523 and all other related issues regarding improvements are resolved we need to discuss the future of the rstuf key info and rstuf key generate commands.

When we drop support for our current bootstrap ceremony, signing and metadata update we will no longer use the old format of securesystemslib keys meaning we need to drop support for rstuf key generate as we don't want to confuse our users.
New keys can be generated with openssl and pypy/cryptography.
Have a look at this issue:
in-toto/in-toto#662

I believe it's not worth it to update our current rstuf key generate as this will require future maintenance.

Same for rstuf key info: after we drop support for the old bootstrap ceremony, update and sign we will no longer need to manually describe keys with keyid, keytype and scheme. We will require users to load their public keys. Also, the current import of keys won't work with our new format and needs an update which I am not sure it makes sense to do.

Code of Conduct

  • I agree to follow this project's Code of Conduct
@kairoaraujo
Copy link
Member

I'm in favor of removing rstuf key

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants