stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

license switch agpl -> busl1, sprints work, new product advisories

Browse Source
This commit is contained in:
master
2026-01-20 15:32:20 +02:00
parent 4903395618
commit c32fff8f86
1835 changed files with 38630 additions and 4359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/modules/attestor/rekor-verification-design.md
View File

@@ -432,25 +432,22 @@ In tile-based logs, the Merkle tree is stored in fixed-size chunks (tiles) of 25
#### 3.4.2 Log Version Configuration
StellaOps supports automatic version detection and explicit version selection:
StellaOps supports automatic selection and explicit version selection:
```csharp
public enum RekorLogVersion
{
Auto = 0, // Auto-detect based on endpoint availability
V1 = 1, // Traditional Trillian-based Rekor (API proofs)
Auto = 0, // Auto-selects v2 tiles
V2 = 2 // Tile-based Sunlight format
}
```
**Version Selection Logic:**
| Version | PreferTileProofs | Result |
|---------|------------------|--------|
| V2 | (any) | Always use tile proofs |
| V1 | (any) | Always use API proofs |
| Auto | true | Prefer tile proofs if available |
| Auto | false | Use API proofs (default) |
| Version | Result |
|---------|--------|
| V2 | Always use tile proofs |
| Auto | Always use tile proofs |
#### 3.4.3 Checkpoint Format
@@ -577,14 +574,12 @@ attestor:
rekor:
primary:
url: https://rekor.sigstore.dev
# Version: Auto, V1, or V2
# Version: Auto or V2
version: Auto
# Custom tile base URL (optional, defaults to {url}/tile/)
tile_base_url: ""
# Log ID for multi-log environments (hex-encoded SHA-256)
log_id: "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d"
# Prefer tile proofs when version is Auto
prefer_tile_proofs: false
```
**Environment Variables:**
@@ -592,10 +587,9 @@ attestor:
```bash
# Rekor v2 Configuration
REKOR_SERVER_URL=https://rekor.sigstore.dev
REKOR_VERSION=Auto # Auto, V1, or V2
REKOR_VERSION=Auto # Auto or V2
REKOR_TILE_BASE_URL= # Optional custom tile endpoint
REKOR_LOG_ID=c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d
REKOR_PREFER_TILE_PROOFS=false
```
#### 3.4.8 Offline Verification Benefits