validate functions, specifically key validations #68
Labels
enhancement
New feature or request
Comments
|
Some discussion around validation functions took place in #56 (comment) and #56 (comment), and in inline comments of #56 (review). There is also to be learned from the issues with the type/format validation facility of the in-toto reference implementation: secure-systems-lab/securesystemslib#183 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of issue or feature request:
Right now, most or even all of our validate functions in the
model.gofile are unexported.It needs to be discussed, if we want to export these functions or if we only want to use them internally.
Furthermore the validateKeyVal function is not being used right now, because most of the functionality
is already being covered by internal code in the GenerateSignature, ValidateSignature and LoadKey functions.
We also might want to talk about key validation in general. Are we happy with the current approach? Should
we do it differently? What requirements do we have on a valid key actually? What kind of mistakes are forgivable?
When is a key definitely invalid?
I would also like to use this issue to highlight a small nit: Right now, we are mixing the words validation and verification
in many places. Might make sense to use these words in different situations and keep the wording consistent.
The text was updated successfully, but these errors were encountered: