Giter Site home page Giter Site logo

Notary Project Specifications

This repository is in active maintenance and contains specifications shared across repositories under Notary Project as well as used by other open source projects and/or vendor tools that want to interoperate with Notary Project tooling.

Please see the Notary Project README file to learn about overall Notary Project.

In this README

Folder Structure

Folder Name Description
media Media files referenced by documents in this repository
requirements Requirements for Notary Project
security Notary Project security related documents and reports
specs Notary Project specifications
status-updates This folder is not in active maintenance and contains status updates report for Notary Project
threatmodels Threat models for repositories under Notary Project

Requirements

File Name Description
definitions-terms.md A collection of definitions and terms used within this repository
key-revocation.md Requirements and proposals for key revocation
keymanagementrequirements.md Requirements for key management
requirements.md A collection of requirements and scenarios for Notary Project
scenarios.md Notary Project signing scenarios
verification-by-reference.md Requirement of verification by reference

Security Documents

File Name Description
ADA-notation-security-audit-23.pdf Security audit report in 2023 covering notation, notation-go, and notation-core-go repositories
ADA-fuzzing-audit-22-23.pdf Fuzz testing audit in 2023 covering notary, notation-go, and notation-core-go repositories

Specifications

File Name Description
plugin-extensibility.md Notation Plugin specification
signature-envelope-cose.md Notary Project OCI COSE signature envelope
signature-envelope-jws.md Notary Project OCI JWS signature envelope
signature-specification.md Notary Project OCI signature specification
signing-and-verification-workflow.md Notary Project OCI signing and verification workflow
signing-scheme.md Notary Project signing scheme
trust-store-trust-policy.md Notary Project Trust Store and Trust Policy

Threat Models

File Name Description
notation-threatmodel.md Threat models for Notation CLI

Community

If you have any questions about Notary Project or contributing, do not hesitate to file an issue on relevant repository or contact the Notary Project maintainers and community members via the following channels:

Notary Project's Projects

.github icon .github

Organization-wide repository for common governance documents.

meeting-notes icon meeting-notes

An archive of notes captured at https://hackmd.io/_vrqBGAOSUC_VWvFzWruZw?view

notary icon notary

Notary is a project that allows anyone to have trust over arbitrary collections of data

notation icon notation

A CLI tool to sign and verify artifacts

notation-core-go icon notation-core-go

Contains support for Notary Project signature envelope, and format specific implementation

notation-go icon notation-go

A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.

tspclient-go icon tspclient-go

Golang implementation of the Time-Stamp Protocol (TSP) client as specified in RFC3161

tuf icon tuf

The Update Framework for OCI Registries

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.