Skip to content

docs: Add how-to guide for verifying with Sigstore #1061

Closed
Closed
docs: Add how-to guide for verifying with Sigstore#1061
Labels
area/documentationDocumentation relatedarea/ipceiImportant Project of Common European Interestkind/tasksmall task, normally part of feature or epic
Milestone
2026-Q2
@morri-son

Description

@morri-son
morri-son
opened on May 7, 2026

Description

Add a how-to guide to the OCM website for verifying OCM component versions signed with Sigstore.

Scope:

  • content/docs/how-to/verify-with-sigstore.md (NEW)
    • Online verification with public key
    • Offline/air-gapped verification via trusted_root_json
    • Identity verification (issuer + SAN)

Done Criteria

  • How-to exists on the website
  • Covers online and offline verification
  • Code reviewed by other team members

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/documentationDocumentation relatedarea/ipceiImportant Project of Common European Interestkind/tasksmall task, normally part of feature or epic

    Type

    No type

    Projects

    OCM Backlog Board

    Status

    🔍 Review

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions