sigstore / policy-controller

Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign

Convert SigstoreKeys to TrustedRoot from protobuf-specs

codysoyland opened this issue · comments

Description

Sigstore's TUF layout historically has used a collection of target files, along with custom metadata to represent the valid key material for Fulcio, Rekor, and the CT Log. More recently, a new specification has been accepted, the TrustedRoot data structure, which combines these keys into a single message/filetype, independent of TUF, and available as a target in the Sigstore root TUF: trusted_root.json.

This helps with simplicity and portability, and adds explicit date ranges so that keys may be rotated. This format is in broad use across language-specific Sigstore clients, such as sigstore-js, sigstore-go, and sigstore-python (et al.).

As part of an effort to modernize the Policy Controller, I propose that SigstoreKeys be replaced with the TrustedRoot type. This is not my idea: the comments indicate that @vaikas intended to follow up with this.

This will pave the way for integration with sigstore-go to verify the Sigstore Bundle, as part of a broader initiative to use Sigstore Bundles as the common format for encapsulating attestations, signatures, and related key/transparency material, as described in Sigstore Bundle as OCI Artifact.
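To illustrate the rotation property the issue relies on (each key in the TrustedRoot carries an explicit validity window), here is an added Go example that is not code from the policy-controller project or the issue author: it parses a constructed, cut-down trusted_root.json and returns the transparency-log keys valid at a given instant, including the open-ended window of a current key. The JSON field names (`tlogs`, `publicKey`, `rawBytes`, `validFor`, `start`, `end`) are assumed from the protobuf-specs JSON mapping, and the key bytes are placeholders.

```go
package main

import (
	"encoding/json"
	"time"
)

// Simplified subset of the TrustedRoot JSON shape, constructed for this example
// (assumed protobuf JSON field names; only the fields the lookup needs).
type TimeRange struct {
	Start time.Time  `json:"start"`
	End   *time.Time `json:"end,omitempty"` // nil: no end set, key is still current
}
type PublicKey struct {
	RawBytes string    `json:"rawBytes"` // base64 DER in reality; placeholders below
	ValidFor TimeRange `json:"validFor"`
}
type TransparencyLog struct {
	BaseURL   string    `json:"baseUrl"`
	PublicKey PublicKey `json:"publicKey"`
}
type TrustedRoot struct {
	TLogs []TransparencyLog `json:"tlogs"`
}

// Constructed sample: one log whose key was rotated on 2024-01-01; the old key
// has a closed window, its replacement has no end.
const sampleTrustedRoot = `{
  "mediaType": "application/vnd.dev.sigstore.trustedroot+json;version=0.1",
  "tlogs": [
    {"baseUrl": "https://rekor.example", "publicKey": {"rawBytes": "OLD-KEY-PLACEHOLDER",
      "validFor": {"start": "2021-01-01T00:00:00Z", "end": "2024-01-01T00:00:00Z"}}},
    {"baseUrl": "https://rekor.example", "publicKey": {"rawBytes": "NEW-KEY-PLACEHOLDER",
      "validFor": {"start": "2024-01-01T00:00:00Z"}}}
  ]}`

// LogKeysValidAt returns the rawBytes of every log key whose window contains t,
// treating windows as [start, end): a rotated-out key stops matching at its end.
func LogKeysValidAt(rootJSON string, t time.Time) ([]string, error) {
	var root TrustedRoot
	if err := json.Unmarshal([]byte(rootJSON), &root); err != nil {
		return nil, err
	}
	var keys []string
	for _, tl := range root.TLogs {
		v := tl.PublicKey.ValidFor
		if t.Before(v.Start) || (v.End != nil && !t.Before(*v.End)) {
			continue // entry signed before this key existed, or after it was retired
		}
		keys = append(keys, tl.PublicKey.RawBytes)
	}
	return keys, nil
}
```

A verifier would select the key by the timestamp of the log entry or signature being checked, so an entry made under the retired key still verifies while new entries are only accepted under the current one.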