SCITT Interim WG meeting (01/23)  
Chairs: Hannes Tschofenig and Jon Geater  
Note takers: Kiran Karunakaran, Brian Knight, Kay Williams

Topics:  
Sigstore Presentation- Joshua Lock and Zachary Newman  
Link:
https://docs.google.com/presentation/d/1h88-zgs7OvwBnJpijN4jYa7-eyPKumAIif1L51azNIM/edit#slide=id.p

Sigstore- sign, verify and protect software  
Easy to use, visible infrastructure  
User (developer,machine) authenticate (OpenID, SPIFFE, DIDs?), Sigstore
(CT log Fulcio) provides a X.509 signing cert which is ephemeral (10
mins)  
Rekor is the artifact log (Signatures and metadata)  
Working together with SCITT- leverage mailing list to iron out technical
differences

Ray: How can you monitor with ephemeral nature? Can someone use the
login and compromise security?  
Zack: We have to balance expiration with validity and longevity.
Timestamp along with signature, artifact will be provided to the user to
make the decision  
Ray: Identity could be a concern here. Bar is lower  
Zack: External policies should figure out if the identity is strong or
not  
Roy: Timestamp model is not enough for notarization. How does it fit?  
Zack: Anything that goes in Sigstore log will have identity and
timestamp. Ownership of identity is delegated to the identity provider
(OIDC).  
Henk: tsa/tst support for cose-
https://www.ietf.org/archive/id/draft-birkholz-cose-tsa-tst-header-parameter-00.html

Roy: Authenticode case, is predicated on standard CA (for money)
certificates. The certificates can be validated for a longer period, but
run into all the problems that Zach\\Joshua mentioned. The problem I see
ahead of us is identity correlation. A bucket of certificates and
associating them based on dn as being == is potentially very weak.  
Authenticode is documented
https://learn.microsoft.com/en-us/windows-hardware/drivers/install/authenticode

Carl: part of the problem with code signing is lack of constrain on use
of a key. Identity verification does not limit how the key is used to
verify code though. It just shows whose key was stolen. The value of a
stolen key would be less if key was less useful in broad sense  
Zack: Log is pluggable (different format, signatures or other content..)

Cedric: Goals for transparency maybe different. SCITT does not require
consolidation with timestamp. Policies are applied beforehand in SCITT
as part of notarization. There are layers to solution and this is a
start  
Zack: Narrow trust- Trust only CAs for signature, Trust only log for
timestamp  
Dick: Does Fulcio have a signing service documentation?   
Zack: No RFC style doc but there are documents that Sigstore will share 

Dick: How do I sign/search signatures? would like to test it out.  
Zack: use the hash to search.   
Olle: https://docs.sigstore.dev/rekor/verify-release/  
Charlie: need to figure out how to be interoperable. SCITT seems more
rigor from a policy standpoint while Sigstore is lightweight easy to use

Hannes: We'll discuss terminology and use case documents next session