PEP 761: Add notes for Cosign and offline verification (#4055)

Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
This commit is contained in:
Seth Michael Larson 2024-10-15 15:40:15 -05:00 committed by GitHub
parent acf58098a1
commit b0f655b890
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 51 additions and 3 deletions

View File

@ -207,9 +207,57 @@ During the `pre-PEP discussion <https://discuss.python.org/t/pre-pep-discussion-
there was a question of whether offline verification was supported by
Sigstore. Using a Sigstore bundle (:file:`.sigstore`) file, `Sigstore clients
support verifying the artifact completely offline <https://discuss.python.org/t/pre-pep-discussion-stop-providing-gpg-signatures-for-cpython-artifacts/65058/9>`_.
When in offline mode, Sigstore can't verify whether a signature has been
revoked. This is a similar restriction to PGP key revocations not being
detectable during offline verification.
Using offline verification with Sigstore requires disabling root of trust
updates and "pinning" a root of trust in a file to use during verification.
Pinning a root of trust means signatures made after a *new* root of trust
is established would no longer be able to verify using a "pinned" previous
root of trust. New roots of trust are expected to be rare events, such as
when the root of trust is compromised, and in this case verifiers would
want signatures to fail to verify.
Offline verification also makes revocation checks impossible, but this
is similar to PGP's model where revocation of keys requires an online lookup.
Barring rare events like root of trust compromise, using offline verification
with Sigstore doesn't impose additional operations requirements to verifiers.
Support for a pre-compiled executable for verification
------------------------------------------------------
During discussion there were requests for a pre-compiled executable that could
be used for verifying Sigstore bundles without needing to either install
a Go build toolchain to build `sigstore-go <https://github.com/sigstore/sigstore-go>`_
from source or already have a working Python installation for
`sigstore-python <https://github.com/sigstore/sigstore-python/>`_.
`Cosign <https://github.com/sigstore/cosign/>`_ is another Sigstore project
that provides pre-compiled standalone binaries and supports verifying bundles
offline:
.. code-block::
# Download Cosign
wget https://github.com/sigstore/cosign/releases/download/v2.4.1/cosign-linux-amd64
# For offline verification, also need the Root of Trust. Can be grabbed
# from GitHub at: https://github.com/sigstore/root-signing/blob/main/targets/trusted_root.json
wget https://raw.githubusercontent.com/sigstore/root-signing/refs/heads/main/targets/trusted_root.json
# Download CPython artifacts
wget https://www.python.org/ftp/python/3.13.0/Python-3.13.0.tgz
wget https://www.python.org/ftp/python/3.13.0/Python-3.13.0.tgz.sigstore
./cosign-linux-amd64 verify-blob \
--new-bundle-format \
--certificate-oidc-issuer 'https://accounts.google.com' \
--certificate-identity 'thomas@python.org' \
--bundle ./Python-3.13.0.tgz.sigstore \
# --offline and --trust-root optional for offline verification
--offline \
--trust-root ./trusted_root.json \
./Python-3.13.0.tgz
Copyright
=========