Skip to content

Commit

Permalink
Addressed feedback from Feynman
Browse files Browse the repository at this point in the history
Signed-off-by: Roseline <[email protected]>
  • Loading branch information
Roseline-Bassey committed Sep 11, 2023
1 parent 139b720 commit 981e278
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 8 deletions.
8 changes: 4 additions & 4 deletions content/en/docs/faq.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ The following registries are compatible with Notation for artifact signing and v

**Q: Why JWT `exp` and `iat` claims are not used?**

**A:** Unlike JWT which always contains a JSON payload, Notation envelope can support payloads other than JSON, like binary. Reusing the JWT payload structure and claims, limits the Notation JWS envelope to only support JSON payload, which is undesirable. Also, reusing JWT claims requires following same claim semantics as defined in JWT specifications. The [`exp`](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4) claim requires that verifier MUST reject the signature if current time equals or is greater than `exp`, where as Notation allows verification policy to define how expiry is handled.
**A:** Unlike JWT which always contains a JSON payload, the Notary Project signature envelope can support payloads other than JSON, like binary. Reusing the JWT payload structure and claims, limits the Notary Project signature JWS envelope to only support JSON payload, which is undesirable. Also, reusing JWT claims requires following the same claim semantics as defined in JWT specifications. The [`exp`](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4) claim requires that the verifier MUST reject the signature if the current time equals or is greater than `exp`, where as Notation allows verification policy to define how expiry is handled.

## Signature specification

Expand Down Expand Up @@ -56,12 +56,12 @@ This has implication such as an end user with CA issued certificate can masquera

## Trust store and trust policy

**Q: Does Notation Specification supports `n` out of `m` signatures verification requirement?**
**Q: Does Notation supports `n` out of `m` signatures verification requirement?**

**A:** Notation Specification doesn't support `n` out of `m` signature requirement verification scheme.
**A:** Notation doesn't support `n` out of `m` signature requirement verification scheme.
Signature verification workflow succeeds if verification succeeds for at least one signature.

**Q: Does Notation Specification support overriding of revocation endpoints to support signature verification in disconnected environments?**
**Q: Does Notation support overriding of revocation endpoints to support signature verification in disconnected environments?**

**A:** TODO: Update after verification extensibility spec is ready.
Not natively supported but a user can configure `revocationValidations` to `skip` and then use extended validations to check for revocation.
Expand Down
6 changes: 3 additions & 3 deletions content/en/docs/notary-specification.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
---
title: "Notary project specifications and requirements"
description: "Notary project specifications and requirements"
title: "Notary Project specifications and requirements"
description: "Notary Project specifications and requirements"
type: docs
weight: 6
---

More information on the specifications, requirements, and other details about the Notary project can be found in the [Specification repository](https://github.com/notaryproject/specifications/tree/main).
More information on the Specifications, requirements, and other details about the Notary Project can be found in the [Specification repository](https://github.com/notaryproject/specifications/tree/main).
2 changes: 1 addition & 1 deletion content/en/docs/user-guides/_index.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
title: User-guides
title: User guides
description: The collection of guides for Notation users
weight: 4
---

0 comments on commit 981e278

Please sign in to comment.