From YouTube: SLSA Tooling Meeting (April 28, 2023)
Description
Meeting notes: https://docs.google.com/document/d/15Xp8-0Ff_BPg_LMKr1RIKtwAavXGdrgb1BoX4Cl2bE4/edit#heading=h.yfiy9b23vayj
D
D
Okay,
see
here.
B
Might
be
a
quiet
one
today,
but
I
do
think
that
there's
a
lot
of
things
on
the
1.0
stuff.
D
We
probably
want
to
get
sorted
sorted
out
here.
D
B
Yeah
so
I
mean
I
think
we
could
probably
have
a
chat
because
I
think
you're,
one
of
the
first
Hands-On
keyboard
folks
outside
of
a
handful
of
us
who've
bit.
You
know
who
joined
this
meeting
and
I
know
one
of
the
things
that
we're
looking
to
do.
D
Is
let
me
bring
this
up.
D
D
B
Okay,
so
there's
a
tracking
issue
for
a
bunch
of
projects
that
are
could
potentially
support,
salsa
1.0,
whether
it's
like
the
spec
or
or
as
a
build
system
or
or
whatever
we're
still.
You
know,
looking
to
add
more
stuff
in
there.
B
B
B
Right,
foreign.
D
B
Right
so
there
yeah
there's
a
bunch
of
there's
a
bunch
of
projects
for
salsa
1.0
support.
Some
of
them
are
just
like
the
generators
or
validators
or
verifiers,
and
those
sorts
of
things.
B
Some
of
them
are
for
build
tools
themselves
and
yeah,
so
I
think
there's
some
there's
some
stuff
on
that
end.
I
know
in
Toto,
go
Lang
recently
added
the
1.0
support
for
the
the
Providence
spec,
we're
still
looking
for
for
additional
things.
So,
if
folks
are
aware
of
any
other
tools
that
are
looking
to
support,
salsa
1.0,
like
I,
know
that
that
you
know
build
kit.
Has
you
know,
has
some
salsa
support?
B
I
know
that
you
know
there's
some
of
the
the
generators
and
verifiers
that
are
coming
out
of
some
of
the
work
that
Folks
at
Google
are
doing
and
so
yeah.
If
there's
any
other
tools
that
folks
are
aware
of,
you
know
feel
free
to
sort
of
add
them
in
there.
B
B
Yeah
feel
free
to
to
just
add
a
comment
and
I'll
add
it
to
the
list.
Okay,.
B
And
I
think
in
particular
the
big
ones
that
I
know
that
folks
are
asking
for
are
libraries
in
Toto
golang
I
think
is
a
good
start,
but
I
know
a
lot
of
folks
are
asking
for
like
hey?
Is
there
like
a
python
library?
For
you
know
the
salt
suspect
where
I
can
go
and
you
know
have
a
function
and
I
fill
in
the
blanks
and
it
you
know
it
generates
me
the
the
provenance.
That's
that's
up
to
the
spec.
B
B
One
of
the
big
things
that
folks,
and
so
if
I
take
a
step
back
actually
let
me
talk
about
some
of
the
feedback
I
had
gotten,
while
at
kubecon
about
the
salsa
1.0
stuff.
So
at
kubecon
got
a
lot
of
great
feedback
about
the
salsa
1.0.
B
About
the
salsa
1.0
release
and
and
the
a
lot
of
the
feedback
was
around
hey,
things
are
good,
but
there's
not
a
lot
of
good
examples.
There's
not
a
lot
of
tools
regarding
salsa
1.0.
B
There
was
also
a
lot
of
confusion
that
salsa
1.0
was
purely
a
SAS
kind
of
thing,
because
right
now,
I
think
the
main
thing
that
supports
it
is
GitHub
and
given
that
a
lot
of
folks
are
like
hey,
what
does
it
mean
to
be
a
salsa
compliant
build
build
tool
like
it
looks
like
there's
a
lot
of
support
for
stuff
in
GitHub,
but
there's
not
really
stuff
outside
of
that.
So
there's
some
stuff
on
that
end.
B
That
folks
are
like
asking
around
like
hey:
are
there
plug-ins
for
your
Jenkins
and
some
of
these
other
tools
that
could
help
out
here
and
and
looking
for
for
stuff
on
that
end
as
well?
Some
of
the
other
feedback.
If
I
go
back
to
the
issues
here
and
there's
an
issue
for
this,
that
I
opened
it's
number
850
and
I'll
post
it
in
chat
as
well
as
inside
of
the
meeting
notes
in
a
second.
B
So
this
issue,
based
on
some
of
the
things
so
folks,
are
very
excited
for
salsa.
No
examples
are
not
enough
examples
for
1.0
a
lot
of
folks
who
are
like
hey
I'm,
trying
to
make
my
builds
also
1.0
compliant
conform.
It
that's
missing
there
is.
There
is
still
confusion
around
the
change
to
tracks,
which
is
not
really
much
of
a
tool
issue,
but
it's
more
of
just
a
a
general
issue,
but
I
think
actually
the
change.
B
E
Yeah
I
was
going
to
go
back
to
your
SAS
comment.
There
I've
heard
that
before
from
other
people
and
where
I've
heard
it
from
is
they're
looking
at
the
hosted
requirement
where
it
says
all
bills,
desks
must
be
run
using
a
hosted,
build
platform
and
their
reading
that
to
say
that
must
be
some
kind
of
external
third-party
SAS
offering,
and
not
just
that.
It's
like
a
CI
server
that
you're
running
with
a.
D
B
Yep,
but
that
actually
brings
up
a
good
point,
because
I'm
working
with
Chris
and
and
Andrew
on
a
Blog
to
sort
of
clear
some
of
that
stuff
up
specifically
to
say
that
hosted
just
means
not
running
off
of
your
laptop
like
that.
That's
really
what
what
the
the
key
there
being
that
a
hosted
build
system
is
something
that
is
run
as
a
like
as
a
service.
Even
if
that
service
is
within
your
own
network
boundary,
that's
good
enough!
B
E
And
you've
even
got
examples
in
there
and
it
says
just
not
an
individual
workstation,
so
I
feel
like
we're
trying
to
be
clear,
but
I've
I've
definitely
heard
people
misread
that
statement
there
and
they're
trying
to
imply
that
if
you
don't
use
our
third
party
SAS
solution,
then
you're
not
salsa
and
therefore
that's
our
upsell.
For
you.
B
B
Only
SAS
is
salsa
compliant
you're,
like
actually
that's
not
the
case
and
by
stating
so
you're
being
actually
misleading
and
misrepresenting
the
open,
ssf
there.
So
that's
some
stuff
that
I
know
that
they're
they're,
also
looking
at
and
and
I
think
with
that
said,
I
also
understand
where
some
folks
are
coming
from
from
the
confusion
on
the
end
user
side,
because
they
look
at
sort
of
the
salsa
framework
and
they
look
at
like
what
repos
are
there
and
they
see
a
lot
of
the
GitHub
stuff.
B
B
You
know
like,
could
I
run
a
Jenkins
and
be
salsa
compliant,
and
how
would
I
do
that
or
how
could
I
run
something
else,
because
right
now,
I
believe
the
only
other
one
is
potentially
Fresca,
which
Fresca
I
realized
now
was
based
on.
The
changes
is
salsa
three,
as
long
as
tecton
supports
it's
also
1.0.
D
E
The
other
comment
I
heard
on
that
one
and
they're
saying
that
well,
if
you're,
not
using
some
kind
of
SAS
offering-
and
it's
just
some
person
running
it
on
their
own
CI
server,
how
can
you
verify
if
you
receive
an
artifact
from
that
third
party,
that
they
actually
did
right
on
a
secure,
build
server?
You
know
there
it's
just
their
machine
out
there.
It
might
not
be
their
laptop,
but
it's
a
machine
that
they
control
and
so
some
kind
of
check
in
their
conformance
compliance.
B
Yeah
and
and
Tom
correct
me
if
I'm
wrong,
but
I,
believe
that's
also
still
the
same
issue
anyway.
You
sort
of
look
at
it
right
like
how
do
I
know
that
that
thing
actually
came
from
GitHub.
It's
because
I
trust,
the
GitHub
oidc
and
yeah
yeah,
you
know,
and
so
so
you're
still
there's
still
some
level
of
trust
somewhere,
and
so,
if
somebody's
saying
hey
I'm,
providing
you
this
stuff,
I'm
hosting
it
myself-
and
you
know
you
have
to
trust
me
at
some
level-
that
I'm
I'm
doing
the
right
things.
B
Whether
it's
through
an
audit
or
some
sort
of
conformance
program,
I
think,
is
something
that
that
can
be
sorted
out,
but
I.
Think
at
the
end
of
the
day,
right
somebody's
gonna
say:
I
have
some
sort
of
signed
material
that
signed
material
points
to
some
sort
is
based
on
some
sort
of
identity.
And
it's
up
to
you
whether
or
not
you
you
trust
that
identity
to
be
telling
you
what
it.
You
know,
the
the
truth.
Sorry
streetpod
you've
been
you've
had
your
hand
raised
for
a
bit.
F
Well,
no,
no
way
that
is
good
discussion,
so
I
I
want
to
go
back
to
your
the
feedback
on
1.0
right,
so
you
mentioned
People
Are
People
wants
more
examples
like
give
me
Jenkins
plugins.
In
this
thing,
what
did
Kobe
I
mean
earlier
in
the
salsa?
There
was
a
agreement
that
we
won't
endorse,
any
particular
technology
or
any
particular
tool
right.
So
if
we
say
how
you
use
this
one
tecton,
and
then
you
can
that's
essentially
what
is
giving
you
1.0.
B
Well,
so
I
don't
think
the
the
idea
here
is
not
to
necessarily
endorse
any
one
tool,
but
unlike
the
cncf
which
the
cncf
is
very
like,
we
do
not
talk
about
tools.
We
just
sort
of
talk
about.
B
Open
ssf
can
talk
about
the
tools
and
we
can
say
like
hey
this,
you
know
based
on
you
know
the
community
right,
hey,
here's,
a
tool
that
that
you
know
is
salsa
well.
That
adds
itself
to
the
community
list
of
salsa
tools.
B
Right
yeah
and
with
that
said,
the
salsa
conformance
program
is
supposed
to
help
out
with
the
idea
of
saying:
can
somebody
come
in
and
say,
I'm
officially,
salsa
right
or
I
am
salsa
conformant,
you
know
and
not
just
like
yeah
we
do
salsa
stuff
right
like
that
sort
of
thing
is,
is
something
that
is
still
being
worked
out
and
my
understanding
is
that
the
tools
you
would
have
two
things
one
is
you
have
a
salsa
conformance
program
for
the
tools
and
you
also
potentially
have
a
salsa
conformance
program
for
your,
like
your
Suite
of
builds,
but
the
tool
right
is
something
like
hey.
B
Github
actions
has
some
sort
of
third-party
audit
performed
against
them
or
they
have
some
sort
of
self
attestation
where
they
go
through
and
say
here
are
the
things
we
did
who
make
us
salsa.
You
know
to
be
to
comply
with
salsa
right
to
be
a
salsa
conformant
build
system
right.
You
know
we
are
you
know
we
don't
allow
admins
to
you
know
we
don't
allow
admins
to
access
the
workloads
that
are
running
as
builds
right,
let's
something
like
that:
okay
cool!
B
So
so
you
know,
you're
not
they're,
not
worried
about
these
sorts
of
risks
and
assuming
those
things
are
good,
then
you
know:
hey,
that's
kind
of
a
salsa
conformant
build
system
whatever,
and
then
the
same
thing
goes
with
with.
B
F
I
mean
typically
that's
what
happens
with
the
all
the
federal
and
everything
right
this
when
someone
say
I,
am
this
phone
853
compliant?
They
don't
want
to
tell
it
to
us,
prove
it
to
the
end
user.
They
will
need
to
prove
it
to
the
auditor
and
once
they
get
that
certification
from
there
I
think
they
can
just
say.
Okay,
we
are
compliant.
B
And
I
think
that
sort
of
thing
is
also
something
that
is
potentially
something
interesting
is
just
like.
How
do
you
like?
What
does
that
thing?
Look
like
I
know
that
there's
the
let
me
see
if
I
have
it
and
I
spoke
to
Chris
annexic
from
cncf
about
some
of
this
as
well
there.
So
here
is
the
the
link
to
the
draft
on
the
conformance
program,
and
so
that
conformance
program.
B
The
idea
here
is
to
provide
guidelines
and
recommendations
around
and
right
now,
I
think
the
rules
aren't
actually
super
clear
outside
of
just
the
the
high
level,
like
legalese
of
like
you
can't
claim
your
salsa
compliant.
If
you
haven't
gone
through
the
conformance
program,
because
then
that's
misleading
to
folks
and
can
help
you
know,
would
dilute
the
brand
because
one
of
the
things
that
we've
also
ran
into
and
I
know.
This
is
like
not
really
interesting,
technical
stuff
right
now,
but
I'm
hoping
in
a
few
minutes
we
can
kind
of
get
to.
B
A
lot
of
folks
are,
you
know,
still
claiming
stuff
like
we're:
salsa,
five
plus
compliant
and
you're,
like
what
does
that
even
mean,
and
the
fact
that
you
were
claiming
this
like
is
misleading
folks
who
are
trying
to
adopt
salsa
and
they
go,
and
they
look
at
this
thing
and
say:
hey
they're,
salsa
level,
five,
which
is
better
than
salsa
level,
three
and
you're
like
yeah,
but
there
is
no
salsa
level,
five
they're
just
claiming
that
there
is
this
thing
and
then
also
in
many
cases.
B
A
lot
of
folks
are
saying,
like
yeah
we're
salsa
level
three,
and
then
you
actually
ask
them
questions
and
well
we're
kind
of
like
salsa
level,
two
plus
like
where
we're
almost
also
level
three
like
yeah
but
you're,
not,
and
if
you
tell
people
that
you're
salsa
level
three
and
let's
say
they
get
they
get
hit
by
a
supply
chain.
Attack
that
looks
bad
on
salsa
because,
like
hey,
we
were
salsa
level
three
and
we
were
vulnerable
to
this
attack
and
it's
like
well
because
you
actually
weren't
following
salsa
level.
B
Three
and
I
know
like
just
to
be
clear
here,
like
I
I,
recognize
that
even
if
everybody's
doing
the
right
things
via
sauce
level,
three
that
doesn't
mean
you're
immune
from
certain.
You
know
immune
from
attacks.
But
if
there
are
certain
you
know
it's
still,
you
know,
you
know
what
I
mean,
but
yeah
that
that's
kind
of
where
I
think
a
lot
of
that
is
is
is
starting
to
to
land
and
look
like.
A
I
I
I
just
do
want
to
mention
Michael
that,
like
I
I,
think
regarding
the
like,
tooling
question,
I've
I've,
seen
I've
seen
sort
of
complementary
feedback
here
here
here
internally,
like
teams
teams
that
are
going
in
there
looking
at
the
spec
and
like
they
have
an
individual
project
and
that
and
they're
they're
trying
to
figure
out
how
do
what
do
I
need
to
do
in
my
individual
project
to
like
to
be
able
to
say
that
I'm
salsa
level,
three
and
it's
like
well,
you
know
like
first
of
all,
the
best
step
is
to
like
find
a
builder
that
will
do
this
for
you
and
then
you
just
do
what
they
say
and
that
that's
definitely
an
area
of
of
maybe
not
confusion,
but
I.
A
B
Yes,
and
so
that's
actually
something
that,
from
the
tooling
end,
I
think
we
can
do
a
bit
of
a
a
better
job
at
and
that's
kind
of
where
I
think
some
of
those
libraries
come
into
play
like
for
folks
who
are
you
know
as
an
example
here
right,
I
think,
given
that
you
know
tecton
chains
right
currently
doesn't
support
V
0.2,
but
as
long
as
it
supports
the
in
Toto
goal
line,
and
they
pull
in
that
latest
one,
they
should
be
able
to
just
more
or
less
naturally
be
able
to
do
it.
B
They
just
need
to
maybe
fill
in
some
blanks
and
say,
oh
as
opposed
to
taking
this
internal
value
and
mapping
it
to
this
salsa
field.
It
maps
to
this
new
salsa
field,
whatever
stuff
like
that
I
think
is,
is
probably
is
fine
and
then
yes
for
individual
projects,
yeah
I,
think
the
largely
the
the
the
and
I
think
this
is
also
something
that
is
is
good
for
the
this.
This
document,
you
know
I,
think
describing
the
differences
between
what
tools
versus
end
users
are
responsible
for.
B
Like
I
think
that
I
think
that
thing
you
brought
up
is
is
good
because,
like
in
certain
contexts
it's
like
you
can
have
like
you
could
have
a
salsa.
You
know
you
could
have
a
compliant
build
system
not
generate
salsa
provenance
because
you're
doing
something
weird
in
your
build
or
whatever,
but
generally
I
think
the
thing
that
we've
done
with
and
which
is
also
one
of
the
reasons
why
we
had
kind
of
removed,
salsa
level
four
for
a
while.
B
It's
also
level
four
required
specific
things
to
the
project
like
in
order
to
do
a
hermetic
build.
Your
thing
needs
to
be
doing
all
these
things
before
you're,
ready
and
and
there's
certain
things
you
are
doing
within
your
build.
That
need
to
be
following
certain
rules
compared
to
like
certain
things
that
your
build
system
needs
to.
Do
you
know
you
could
have
like
a
salsa
level,
three
compliant
build.
That
is
broken
right.
B
You
know
like
that
that
is
still
malicious
or
whatever,
whereas
salsa
level,
four,
it
felt
significantly
harder
because
you
were
requiring
the
end
user
to
be
hermetic
and
re,
and
potentially
reproducible
and
yeah
yeah.
That
doesn't
mean
you
know
it
can
still
be
malicious,
but
it's
much
harder
to
say.
Oh
hey,
I
ran
this
across
multiple
things.
It's
either
the
source
code
was
malicious
or
all
of
these
different
build
systems
have
conspired
together
to
to
make
only
malicious
things.
B
So
so
that's
that's
another
thing
that
that's
a
good
point.
So
that's
so
I
guess
that
kind
of
goes
into
like
the
next
thing
here
is.
B
How
do
we
want
to
start
addressing
some
of
these
things
right,
like
do
folks
appeal
like
this
should
be
something
under
like
a
like
a
I
want
to
say
a
separate
spec
by
any
means,
but
like
a
set
of
guidelines
around
like
salsa
tooling,
because
I
some
folks
have
been
asking
like
for
also
stuff
like
that,
like
hey,
what
are
the
sorts
of
things
that
a
build
tool
should
be
doing
to
be
salsa
compliant
conformant,
like
I
know,
we
have
a
couple
of
things
in
the
spec
but
they're
very,
very,
very
high
level.
B
Some
of
it
might
be
like,
given
that,
let's
say
go
is
kind
of
the
most
popular
language
and
what
a
lot
of
folks
are
doing.
Hey.
Here's
how
you
might
do
this
in
this
particular
tool.
You
know
in
this
particular
language
or
or
something
like
that,
or
we
could
go
the
library
route
and
focus
more
on
that.
A
I,
so
I
guess
that
my
initial
thought
is
like
any
like
any
build
system,
any
CI,
CD
system
that,
like
would
like
to
produce
salsa
Providence
like
we
should
like
it,
would
be
great
if
that
were
easy
right
like
you
know,
it
would
be
great
if
there
were
a
Jenkins
plug-in
that
like
could
produce
the
provenance
sort
of
regardless
of
what
level
they
are
and-
and
then
you
know
like
maybe
like.
Why
doesn't
that
exist?
A
Is
it
because
there's
not
like
a
Java
library
that,
like
I,
don't
know
if
jenkins's
job
or
not
but
like
what?
What
what
can
we
do
there
to
make
that
work
and
I
think
once
that's
resolved,
then
like,
then?
How
do
we
move
on
to
these
other
things
like
libraries
to
you
know
like?
How
can
we
help
these
builds?
Show
that
they're
isolated
for
example?
B
So
that's
something
that
and-
and
that
might
be
something
worthwhile
as
as
another
another
blog
article
I,
think
that
one's
gonna
be
a
bit
more
in
depth
of
like
the
high
level
things
of
like
hey
if
you're
gener
like
if
you
were
a
library
that
generates
salsa
provenance
like
let's
say,
let's
separate
out
generating
and
validating
salsa
Providence
from
verifying
salsa,
Providence
right
and
I
I
use
that
as
like
validating,
is
making
sure
that
it's
compliant
with
the
spec
verifying
is
making
sure
by
compliant
with
the
spec
I
mean
the
actual
format
of
the
document
and
verifying
is
like.
B
Okay,
now
go
and
reach
out
to
the
URLs
and
and
make
sure
that
stuff
lines
up
and
hey.
If
you
get
this
back
and
you
know,
does
the
signature
match
and
all
that
good
stuff
I
think
that's
kind
of
where
a
lot
of
that
lands
and
then
separately,
I
think
from
the
build
side.
It's
like
yep
here
are
the
ways
you
might
do
some
of
these
things
and
I
don't
want
to
go
too
deep
down
the
the
rabbit
hole
on
on
a
lot
of
that.
B
I
think
the
well
on
the
you
bring
up
an
interesting
one
about
the
Jenkins
piece
because
I
think
generally,
the
problem
is
Jenkins
itself
is
going
to
be
very
difficult
inside
Jenkins
X,
which
is
based
on
tecton
and
tecton
chains
and
stuff,
like
that.
But
Jenkins
like
normal
Java
Jenkins,
is
going
to
be
difficult
to
do
much
from
the
salsa
end,
because
it's
it's
very
heavily
reliant
on
you
as
the
end
user
would
need
to
implement
this
whole
list
of
security
controls
before
your
Jenkins
could
be
possibly
considered.
B
B
One
of
the
reasons
why
you
have
something
like
salsa
is
that
is
that
you're
restricting
how
these
jobs
can
be
run
and
if
you
sort
of
let
anybody
run
a
job
in
any
way
they
want,
and
that
includes
in
completely
unrestricted,
like
hey
I'm,
running
I'm
running
this
job
on
a
VM
and
I
can
log
into
that
VM.
While
it's
running
that's
probably
bad.
A
Yeah
I
I
I
certainly
agree
with
that,
but
I
do
Wonder
like.
Is
there
Nuance
there,
depending
on
what
salsa
level
you're
trying
to
achieve
like
like?
Would
it
be
like?
Is
it
conceivable
that,
like
we,
that,
like
a
a
classic
Jenkins,
salsa,
II
or
salsa
level,
one
plug-in
could
exist
and
that
that
still
provides
value,
even
though
they're
not
at
the
like,
not
able
to
attain
the
highest
salsa
level.
B
Yeah,
so
the
thing
that's
kind
of
interesting
is
actually
we
do
have
under
the
salsa
framework,
a
I'm,
not
sure.
If
you
saw
we
have
a
Jenkins
plugin
and
it's
so
the
JK's
plugin
was
donated,
contributed
whatever
they
want
to
say
it
to
buy
Samsung,
I,
believe
and
I
believe
at
least
I
will
have
to
double
check
here.
B
It
was
by
donghee
Lee,
who
is
at
Samsung
research
yeah,
so
yeah
Samsung
had
contributed
it.
The
the
problem
is
after
they
had
contributed
it.
It
just
sort
of
is
sitting
there,
but
but
yeah
I
agree
with
you
I
think,
like
generally,
you
know,
Jenkins
could
hit
up
to
salsa
too,
because
the
only
real
requirement
is
that
you're
recording,
essentially
the
provenance
and
then
signing
it.
It
doesn't
matter
if
it's
necessarily
like
not
particularly
secure
so
yeah
that
that
thing
I
think
is.
B
Is
there
I
think
the
the
thing
that
actually
is
kind
of
interesting
is
now
that
this
sort
of
exists
within
our
space
I
do
think
that
either
we
should
keep
it
up
to
date
or
be
like
hey,
we've
decided
to
Archive
it
because
I
think
folks
might
start
saying:
hey
I
included
this
this
plug-in
and
it
doesn't
work.
B
But
it's
a
shame
that,
like
at
some
level
that
that
the
the
Samsung
folks
just
sort
of
dumped
it
in
here
and
went
all
right,
let's
do
a
problem
now.
I
doubt
that's!
Actually
the
case
is
I.
B
Just
think
that
I
know
it's
one
of
the
reasons
why
Ian
I've
been
talking
to
Ian
Lewis
about
starting
up
an
APAC
friendly
time
zone
meeting
for
this
thing,
because
there's
a
couple
of
folks
from
I'm,
not
sure
if
we've
seen
as
well
like
there's
a
tool
from
Oracle
called
macaron
I,
think
it's
called
and
macaron
is
intended
to
be
it's
written
in
Python.
B
It
generates
a
lot
of
like
salsa
reports
and
like
it
it'll
take
a
salsa
document
and
try
and
do
a
bunch
of
the
verification
and
also
in
a
very
I,
would
say
like
an
Enterprise,
friendly
sort
of
way
like
it's.
It's
very
generates
HTML
reports,
that
kind
of
thing,
but
it's
it
looks
really
cool
like
it's
it's.
Actually,
it's
actually
really
cool
I
like
what
they've
done
done
with
it.
Let
me
see
if
I
can
bring
that
up
as
well.
B
B
B
And
so
yes
tries
to
attempts
to
do
salsa,
conformance
and
they're
doing
a
whole
bunch
of
stuff
in
there
and.
B
Cool,
so
that's
that
so
I
think
the
thing
here
if
I
kind
of
go
back
through
is
so,
let
me
make
sure
I
I
have
this
correct
from
what
people
have
said
is.
B
B
D
Or
salsa
G,
generating
governance.
B
So
I
think
that's
another
thing
that
folks
are
are
looking
for
is
like
hey
example:
libraries
for
generating
validating
provenance,
build
isolation,
libraries
et
cetera,
because
I
know
that's
actually
for
parth
right
like
even
though
we
have
in
Toto
go
lying
inside
of
block
I.
Believe
like
the
idea
here
is
like
hey.
B
If
there
was
something
that
we
could
just
well,
yeah
I
guess
in
total
go
lying
is
a
good
example
of
of
that
sort
of
thing,
so
that
folks
can
sort
of
import
in
Toto
golang,
and
now
they
immediately
support
some
level
of
salsa
like
they
have
the
structs
they
need
for
for
salsa
serialization
deserialization,
but
there
might
still
be
like
some
use
and
I'll
show
off
this
tool.
If
we
have
a
little
bit
of
time
like
hey,
can
you
also
have
a
bunch
of
other
stuff
for
verification
like
macaron?
B
B
I
think
those
are
kind
of
the
three
things
like
guidelines,
example,
libraries
and
then
actual
example,
tools,
I,
think
we
have
the
example
tools,
I
just
think
we
need
some
more
that
are
yes.
Policy
management
is
another
good
one.
D
B
I
agree
on
the
tooling
to
make
policies.
That's
that's
another
important
one.
Another
important
one
which
I
have
actually
up
above,
which
is,
is
something
that
folks
have
been
asking
for
is
guidelines
tooling,
etc
for
Distributing
fossil
Providence
so
like
with
oci,
it's
kind
of
easy
just
because
you
can
bake
it
in
to
the
into
the
repo
itself,
so
via
all
the
stuff
like
the
distribution,
spec
and
and
and
all
that
good
stuff.
That
folks,
like
Brandon
Mitchell,
have
been
working
on.
B
B
In
fact,
there's
been
a
couple
of
questions
about
like
between,
like
the
ruby
gems
folks
and
the
Pi
Pi
folks,
and
the
npm
folks
are
like
how
do
we
want
to
actually
like,
if
somebody
downloads,
a
package
alongside
that
package,
if
salsa
Providence
exists,
it
should
be
downloaded
and
in
addition
to
that,
folks
also
want
to
do
stuff
like
hey
before
I
download
this
package,
and
you
see
if
there's
salsa
provenance,
download,
that's
also
provenance,
so
I
can
verify
it
before
downloading
it,
especially
given
that
how
many
of
these
packages
can
run
arbitrary
code
on
your
machine
as
part
of
the
downloading
process
that
you
know
that
that
might
be
useful
for
for
a
lot
of
folks.
B
B
Yep
they
don't
want
an
API,
they
want
more
of
like
a
hey.
Here
is
a
here's,
a
rest
endpoint,
and
so
we
can
cache
that
rest
endpoint
and
just
do
that
which
is
huge
and
then
the
other
thing
is
like
so
some
of
the
conversations
I've
had
is
like
folks
are
asking
for
something
like
something
like
guidelines
on
on
some
of
this,
because
a
lot
of
folks
are,
you
know,
you
talked
getting
folks
across
the
different
tools
to
agree
to.
Here
is
what
the
rest.
B
You
know,
here's
what
this
not
rest,
but
like
here's,
what
the
the
the
the
structure
of
the
URL
is
going
to
look
like.
You
know
something
like
even
just
saying
something
like
it
should
be
package
name,
slash
version
number,
slash
metadata,
slash,
salsa,
slash
you
know
or
whatever
that
kind
of
a
thing
is
even
just
getting
folks
to
sort
of
agree
to.
That
is
going
to
be
potentially
a
very,
very
long
journey,
because
everybody
is
doing
it
slightly
differently.
Some
folks
are
saying
hey.
B
Actually,
our
our
thing
is
not
really
HTTP
based
because
you
know
I
don't
know
like
I
think
the
baven
folks
have
have
kind
of
said.
There's,
like
you
know,
a
couple
of
quirks
as
to
how
they
do
stuff.
B
That
makes
it
very
difficult
to
just
sort
of
say
here
is
a
static
endpoint
with
this
stuff,
but
I
think
that
kind
of
thing
is
something
that
folks
are
really
really
really
looking
for,
and
I
mean
one
of
the
things
we
could
pretty
much
do
right
is
maybe
even
just
write
up
some
either
guidelines,
real,
quick
or
or
even
a
a
simple
like
hey
here's,
an
HTTP
server
that
distributes
this
stuff.
I,
don't
know
I
Tom,.
A
Yeah
yeah,
so
I
like
I,
definitely
agree.
This
is
a
really
important
problem
to
to
solve
I
like
I.
Do
wonder
what
what
people
think
about
this
I?
A
The
way
that
I've
been
thinking
about
it
is
that
there
might
like
we
might
wind
up
needing
two
like
two
ways
to
do
it
like.
There
are
a
lot
of
advantages
for
for
for
Distributing
for
Distributing
the
Providence,
like
sort
of
alongside
the
artifact,
and
the
way
that
the
ecosystem
that,
like
best,
supports
the
ecosystem,
but
then
that
doesn't
work
well
for,
like
I
found
I
found
the
package
on
my
on
my
machine.
I,
don't
know
where
it
came
from.
Please
like.
A
Please
tell
me
about
I
think
this
is
almost
art
arguing
for
a
like.
You
want
it
in
like
guac
or
something
like
that,
and
you
want
it
sort
of
in
a
canonical
location
for
for,
for
that
particular
ecosystem,
and
maybe
the
guac
can
solve
the
like,
like
this
is
the
standard
API.
B
C
You
go
well,
I
was
just
gonna
say
like
like
for
using
guac
I
think
it
makes
more
sense
like
it.
You
don't
have
to
store
the
document
anymore
right.
It's
also
attestation
generated,
because
what
can
regen
recreate
that
document
for
you
with
the
information
that
it
stores
right?
So
it's
like,
even
if
you
lose
like
so
once
it's
in
guac,
you
can
have
be
like
yeah
I
can.
If
you
need
to
recreate
the
document
again
from
right
for
that
specific
package
or
whatever
else
it
is,
then
you
can
do
so.
A
Can
you,
though,
like
can
you
recreate?
Can
you
recreate
the
signed
dizzy
and
have
the
signature
validate.
B
Yeah
yeah,
that's
definitely
something
that
yeah
yeah
yeah,
that's
something
we
are
also
looking
at
actually
alongside
guac
is
to
potentially
pull
down
those
dizzy,
signed
documents
and
have
them
in
like
a
data
store
alongside
whether
it's
just
a
file
system
or
something
else
alongside
the
actual
graph.
B
We
find
that
sometimes
having
the
unsigned
like
we
still
associate
the
information
with
identities
where
possible,
but
if
we
say
hey,
Let's
ignore
some
identities
for
a
second
and
just
say
assume.
Let
me
look
at
all
the
metadata.
What
can
I
start
to
glean
from
it?
Some
of
that
metadata
could
be
untrustworthy.
It
could
be
invalid,
it
could
be
mistaken.
There
was
a
great
kubernetes.
There
was
a
great
talk
at
kubecon
where
they
showed
off
how
s-bombs
can
be
tricked
into
generating
pretty
much
whatever
you
want.
B
S-Bomb
generation
tools
right
where
you
can
say
like
if
you
mess
with
like
the
package
database
or
you
mess
with
Etsy
release,
all
of
a
sudden
like
it
doesn't
have
a
good
way
of
knowing
what
was
actually
there,
and
so
there's
lots
of
ways
to
sort
of
trick.
These
things
and
yeah
I
agree
like
you
can't
reconstruct
the
the
document
per
se,
but
I
think
the
other
thing
that
I
think
is
interesting.
B
That
some
folks
have
begun
to
to
look
at
is
almost
like
a
taking
a
bunch
of
this
information
running
a
query
against
guac
and
then
taking
a
bunch
of
that
information
that
you
assume
is
trusted
from,
like
you
know,
you're
pulling
in
from
canonical
sources,
you're
touching
the
information
out
of
guac
and
then
taking
that
stuff
and
generating
a
new
document
that
says:
hey,
I,
I
ran
three
different
salsa
builds
here.
B
Are
the
signatures
from
those
three
salsa
things
they
all
sort
of
they
all
like
all
of
their
data
has
the
same
nodes
and
edges
right
like
they
also
say
the
same
thing:
great
cool,
I'm
gonna
have
one
more
new
document
that
says:
I
ran
salsa
against
those
three
things
they
all
conform.
Here's
you
know,
here's
the
proof
of
that
and
here's
the
location
of
those
documents
and
yeah
yeah
I.
Think
that's
that's
another
thing,
but
that's
also
I
feel
like
if
we
get
to
that
point,
we've
solved
95
of
the
problems.
B
But
yeah
I
think
I
agree
with
you
on
like
walk
and
having
some
sort
of
discovery
thing,
because
I
think
a
lot
of
folks
are
saying
this
is
where
I
think
if
guac
becomes
a
public
service
is
something
that
it'll
have
to
deal
with
is
really
talking
to
some
of
the
folks
from
ruby
gems
and
some
of
those
things
is
like
hey.
They
get
swamped
with
so
many
different
queries.
B
I
think
guac
is
a
very
specific
sort
of
query
that
you're
going
to
be
asking
it,
which
is
probably
less
complicated
like
it
might
be
like
more
efficient
than
you
know,
running
the
query
against
something:
that's
mostly
intended
to
distribute,
binaries
or
not
binaries,
but
files
and
and
that
sort
of
thing
compared
to
some
queries.
But
I
I
know
that,
like
how?
How
is
that
going
to
scale?
B
Let's
say
if,
like
all
of
a
sudden,
a
new
version
of
a
thing
comes
out
and
everybody
goes
okay,
great,
there's
a
new
version
of
a
thing
that
came
out.
You
know,
let's
just
say
you
know,
react.
For
example,
hey,
let's
see
if
there's
a
known,
salsa
attestation
for
react.
Let
me
check
guac
and
you
have
a
million
people
querying
the
public
clock
all
at
the
same
time
could
lead
to
some
issues,
but
but
we'll
we'll
get
to
that
when
we
get
to
it.
D
B
D
B
If
folks
had
a
few
minutes,
I
did
want
to
show
off
the
open
source
tool
we
I
just
released
on
some
of
the
some
of
the
stuff.
Unless
does
anybody
else?
Have
any
questions
or
comments
about
about
this?.
B
Cool
so
I'm
just
gonna,
because
I
figured
I'll
I'll
share
it
with
some
folks
just
to
to
get
feedback.
It's
very,
very,
very
early
on
and
I
know
for
a
lot
of
folks.
B
They
don't
know
rust,
so
I
I
apologize
if
if
some
of
the
stuff
in
here
is
not
particularly
clear
but
made
a
tool
called
Specter,
which
is
supposed
to
you,
know,
help
with
generating
and
an
open
source
tool
called
Specter,
which
is
intended
to
be
a
tool
for
generating
and
validating
documents
right
now,
salsa
attestations
that
are
in
in
Toto
format,
but
the
the
basic
idea
here
is.
D
Okay,
guess
not
okay,
so
I
just
Corridor
give
me
a
second
I
lost
all
my
history.
B
But
the
idea
behind
cargo
is
to
try
and
to
try
and
be
as
strict
as
humanly
possible
with
some
of
this
stuff
and
I.
Don't
know
why
yeah.
B
Right-
and
this
is
valid-
it's
also
Providence
and
it
just
says,
Hey
valid
in
total
document,
and
it
like
validates
it
quite
strictly.
So,
for
example,
if
URLs
in
the
repository
and
stuff
like
that
are
not
actual
URLs,
it
will
barf
right,
it'll
be
like
hey
this
is
you
gave
me
something
that's
supposed
to
be
a
URL
and
it's
not
a
URL
or
URI.
It's
it's
something
else,
and
if
you
get
something
that
is
supposed
to
be
a
timestamp
and
it's
not
a
timestamp
right,
it's
just
a
string
right.
B
Oh, if it's a string, cool, great. But what we noticed, especially with GUAC, as we start to ingest a lot of these things like the SLSA documents, is, well, we're trying to figure out if it's a timestamp, because we're adding that as extra metadata in the GUAC data model. And so if we start to get a ton of these SLSA attestations that are not actually valid, they're mostly valid, and a lot of tools will actually verify or validate that, yeah yeah, it's valid because it's a string. All of a sudden...
B
You start to run into all sorts of issues with, like, okay, I can't actually parse this and use it in a meaningful way in a lot of the tools, because the data is mostly correct but not completely correct. And so the thing that I'm looking to do with this, it is also supposed to help out folks who are, let's say, building their own tools, to come in and, like, if I were to give it an invalid predicate, right, it goes and says: hey, unexpected predicate type.
B
You know, SLSA provenance v12, right? Hey, I expected v1, you gave me v12.
B
Okay, cool. Well, the thing that I'm actually working on now is to try and make that a little bit more descriptive, so that it'll display the document and highlight specific areas, like: hey, I'm expecting a build type and the build type should look like this, or, you know, you gave me something that should have been a URL, and also show all the areas where that is. Right now I can only show one at a time.
B
So if I update build type, it'll just go to the next error, but what I would like to do is come in and be able to highlight all the different areas in red or whatever, of like, hey, this is missing, or this is the wrong type. Cool. And then, as folks are building out the tools to do SLSA, or generate, verify, yada yada, they can come in and be like, oh great, I'm missing this, cool, I can do that. And then also, because this could easily be a library...
B
Other folks who, let's say, are writing Rust tools can come in, look at the provenance structs and be able to say, okay, you know, the SLSA provenance v1 predicate consists of a build definition and run details, right? That's it, right? Those are the two things in the provenance spec. If we go up a level to the actual in-toto spec, the in-toto spec, you know, expects a... oh, actually.
B
An envelope, which consists of a SLSA provenance v1, but we can have all sorts of other stuff in there like VSA and VEX, and, you know, whatever else comes out of a lot of these things that are getting built out, and then be able to kind of help out in generating that. And then of course, over time, we could also begin to add in verification as well.
B
For this, and I think this sort of thing has helped out a lot in, you know, starting to also generate test data for SLSA attestations. Like, I can start to create all sorts of fuzz data and be able to start testing out stuff like, hey, I can ingest a ton of stuff into GUAC and see what happens. Anyway, that's... I know it's very, very, very early on, but that's kind of the general gist of it, and yeah.
A
I mean, I can just say it like: this is great. It's definitely something that we've seen some of our users want. Does it already, or are there plans for it to also be able to validate the DSSE, that it's signed in a standardized way, etc.? Yeah.
B
The idea is to use, at least for right now, integrate with sigstore-rust, yep. And the other thing that's kind of neat, which I'm trying to explore, is apparently, because I've done a lot of stuff with Rust and wasm before, this should just support wasm. And I know sigstore...
B
Rust also supports wasm, mostly, there's a couple of things that it probably needs to still do, but so I think there's a lot of areas where this could also just work in a lot of different environments. But yeah, yeah, the idea is to also support the DSSE envelope, to support potentially other attestation types, and then also, you know, when we start to build out that SLSA source attestation, right, so, you know, source provenance attestation or whatever you want to call it.
B
That kind of thing, it would probably be able to support that as well. And then some of the other tooling building around it is, like, probably go in and verify, right, hey, I know this is actually a URL, treat it like a URL and actually go in and try and resolve some of the things in there as well. And then, of course, over time we can kind of make it more generic and support arbitrary kinds of things that come in, because I know...
B
Another thing that I think has been brought up is: hey, could something like this pull in the build definition at run time, like pull in the build definition spec at runtime? Like, what does, you know, as an example here, the npm reusable workflow coming out of Google will say, here's what the build definition should look like. Great, I see that this is npm, I see that it goes to this URL, I see that, you know...
B
Let me pull in that spec, which I know right now is supposed to be human readable, but we might be able to have both, right? Some sort of human-readable spec and a machine-readable spec, and then at runtime just be able to pull that in and validate. And then with certain, you know, well-known types we can easily, you know, compile it beforehand and have a strict sort of compile-side typing, you know, compile-time typing and all that good stuff.
B
Folks are asking for something akin to: could I run a GitHub Action, and you can run GitHub Actions locally, but can I run some sort of build where I have some code to run, let's say a container, but the idea here is I'm going to run a build container very, very specifically, right? I'm going to have a build system that can only run containers that are very secure, just as an example there, right? And if I could do that, then I can sort of be...
B
That should be SLSA compliant, right? Like, you know, so allowing folks who are using Jenkins to say, look, I'm not going to provide you SLSA provenance for your entire pipeline, but for the compilation step, you run it here and I'll do it. And I think that kind of thing is something that, you know, a lot of folks have been asking for, and we're starting to take a look at over at Kusari and plan to open source as well.
A
That sounds like... I wonder if there's any overlap there with what Project Oak is trying...
A
Yeah, let me drop it in the chat. So, if I understand correctly, which I may not, the idea is that it uses, like, the Intel or AMD integrated TPM to say, I ran exactly this workload, and then your root of trust winds up being, like, Intel or something like that, which you already have to trust anyways. And so that seems like it might get you to the point where it's like, I did run this on my laptop and that's fine.
B
Oh yeah, yeah, this actually looks exactly like what I've been trying to look for, and I couldn't find anything outside of, there's like a thing called Kata Containers, which also looks really cool, but the problem with Kata Containers I found is that the documentation is very much like, here's just this gigantic API, now go wild. And it's like, I just need to have something to potentially run a container via, like... Yep, this.
B
This actually looks a lot like what I'm looking for, right, where you want to have a couple of different mechanisms. One is you want to have the TPM mechanism where you could potentially do the instrumentation to say: hey, am I running only the approved workload? And then secondarily, I think there's also some interesting stuff happening in that trusted execution, secure enclave, whatever you want to call it, space, where could I...
B
Look, I can't give you my code in the clear, but if you ran this on my behalf in a trusted execution environment where, you know, via an audit or whatever you could, you know... And then I know that, hey, you're essentially giving me code that's encrypted with a key, and that key is only stored inside the TPM, you know, the other side, the decryption side, can only be stored inside the TPM, then yeah, that's awesome, that, you know...
B
I think that kind of thing is something that folks are definitely interested in, and yeah, this is... I hadn't heard of this before today. I need to, I think, up my Google-fu, because I did not see any of this, but this actually looks really, really cool. Yeah, thanks for pointing me in the right direction here.
A
So I know a lot of people internally that are working on this. If you wind up needing, like, a meeting or whatever, to see what they have planned, certainly, certainly let...
A
Though hopefully they're responsive by the public channels, yeah.
A
All right, I've got to run this upgrade. Oh yeah.