Brainstorming: Cosign v3 #4221

@haydentherapper

Description

We've begun brainstorming what changes we'd like to make as part of the next major release of Cosign. We've been working on a number of related issues over the last year, tagged "pre-theseus", to modernize Cosign and bring it into conformance with newer Sigstore SDKs and clients that implement the Sigstore client specification. The next major release of Cosign, Cosign v3, will continue our modernization efforts.

We've copied in the notes from our most recent brainstorm, outlining the changes we'd like to make, to be formalized later on. Please chime in with thoughts or concerns! If you're interested in discussing Cosign v3, come join our bi-weekly discussions on Thursdays at 1pm PST/4pm EST, on the Sigstore community calendar.

  • Default to using the bundle protobuf specification
    • Drop support for blob / attestations using old format
    • Review tooling to migrate old bundles to new format - issue. There is currently cosign bundle create.
    • Allow containers to use old format with special flag
  • Default to using trusted root verification material
    • Drop support for providing verification material any other way
  • Review existing subcommands and eliminate most of them
    • Container manipulation commands should move to crane
    • Things outside of blobs / attestations / container images should be removed
  • Dropping support for online Rekor verification
    • Verification path -> just sigstore-go?
      • Yes please! cosign v2.4.0 has been using sigstore-go for trusted root verifications without any users reporting issues
  • Signing changes
    • Use sigstore-go for signing! This isn't top priority, but it adds features like support for signing config.
    • For container signing we'll have to do some surgery around how cosign handles signing today
    • Add cosign signing-config create
  • cosign as an API?
    • Eh, maybe in v4; use sigstore-go for now
    • Maybe it's not much work and we could squeeze it into v3?
    • cosign has nice container features over sigstore-go that people might want to use as a library
      • We could refactor cosign so that the container parts are a library that other Go projects can easily use
      • Model signing is very similar - it mostly gets the digest from the model, and uses existing tools to do the actual signing
  • Rethinking how cosign behaves with attestations
  • What are the cosign v3 user journeys?
    • Why should people adopt it?
    • How are we making people's lives easier?
