31 lines
1.5 KiB
Markdown
31 lines
1.5 KiB
Markdown
# Mirror DSSE Revision Contract
|
|
|
|
## Module
|
|
AirGap
|
|
|
|
## Status
|
|
PARTIALLY_IMPLEMENTED
|
|
|
|
## Description
|
|
Defines the DSSE signing contract revision for mirror bundles, specifying envelope format, digest algorithm choices, and manifest inclusion rules for air-gapped import verification. Implementation is coordination-level (docs + scripts).
|
|
|
|
## What's Implemented
|
|
- DSSE envelope signing/verification infrastructure: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/DsseEnvelope.cs`, `DsseSignature.cs`
|
|
- DSSE verification step: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/DsseSignatureVerificationStep.cs`
|
|
- Importer DSSE parsing: `src/AirGap/StellaOps.AirGap.Importer/Reconciliation/Parsers/DsseAttestationParser.cs`
|
|
- Bundle library with manifest support: `src/AirGap/__Libraries/StellaOps.AirGap.Bundle/`
|
|
- SPDX3 DSSE signing: `src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/DsseSpdx3Signer.*.cs`
|
|
- Source: SPRINT_0150_0001_0001_mirror_dsse.md
|
|
|
|
## What's Missing
|
|
- The mirror-specific DSSE revision contract (specifying envelope format, digest algorithm choices, manifest inclusion rules for mirror bundles specifically) may need formalization as a versioned contract document
|
|
- Mirror-specific DSSE tests are referenced in TASKS.md files but may not be complete
|
|
|
|
## Implementation Plan
|
|
- Formalize mirror DSSE contract as versioned specification
|
|
- Add mirror-specific DSSE validation tests
|
|
- Verify digest algorithm choices are consistent across mirror pipeline
|
|
|
|
## Related Documentation
|
|
- Source: SPRINT_0150_0001_0001_mirror_dsse.md
|