Behavior of VerifyOptions.MaxSignatureAttempts
patrickzheng200 opened this issue · comments
This issue tracks the behavior of VerifyOptions.MaxSignatureAttempts during notation.Verify(). As of 11//22/2022, we will have the following logics:
- Default of VerifyOptions.MaxSignatureAttempts is 0, when a user decides to use default, notation.Verify() would verify unlimited number of signatures associated with the artifact.
- User gives a positive number to VerifyOptions.MaxSignatureAttempts, notation.Verify() would verify at most VerifyOptions.MaxSignatureAttempts number of signatures associated with the artifact.
- User gives a negative number to VerifyOptions.MaxSignatureAttempts, same behavior as case 1.
@shizhMSFT @yizha1 @priteshbandi @rgnote Please leave your concerns/comments/suggestions if there's any.
Should we use 0 and -ve to default for unlimited or user can pass math.MaxInt64
which is unlimited for all practical purpose?
If we use later, it simplifies our code logic and makes it more readable for caller
Closed this issue since we decided to not make change to current behavior in notation-go. In notation CLI, we will pass in a large number such as math.MaxInt64
as unlimited.