Allow for Regex in CertSubjectEmailVerifier #299
Labels
enhancement
New feature or request
Comments
dave-tucker
added a commit
to dave-tucker/sigstore-rs
that referenced
this issue
Sep 18, 2023
This allows for either an exact match (via StringVerifier) or it allows for a regular expression match (via RegexVerifier). This supports the use case of trusting signatures from a collection of email addresses e.g .*@redhat.com and or from a collection of issuers. Fixes: sigstore#299 Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
dave-tucker
added a commit
to dave-tucker/sigstore-rs
that referenced
this issue
Sep 18, 2023
This allows for either an exact match (via StringVerifier) or it allows for a regular expression match (via RegexVerifier). This supports the use case of trusting signatures from a collection of email addresses e.g .*@redhat.com and or from a collection of issuers. Fixes: sigstore#299 Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
dave-tucker
added a commit
to dave-tucker/sigstore-rs
that referenced
this issue
Sep 20, 2023
This allows for either an exact match [StringVerifier::ExactMatch] or it allows for a regular expression [StringVerifier::Regex] This supports the use case of trusting signatures from a collection of email addresses e.g .*@redhat.com and or from a collection of issuers. Fixes: sigstore#299 Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
In the
cosignbinary you can use--certificate-identity-regexpand--certifcate-oidc-issuer-regexto provide a regular expression for identity (email) or issuer. It would be great if we can do this from sigstore-rs also.The text was updated successfully, but these errors were encountered: