►
From YouTube: SLSA Tooling Meeting (April 28, 2023)
Description
Meeting notes: https://docs.google.com/document/d/15Xp8-0Ff_BPg_LMKr1RIKtwAavXGdrgb1BoX4Cl2bE4/edit#heading=h.yfiy9b23vayj
D
D
B
D
D
B
B
D
D
B
B
Some
of
them
are
for
build
tools
themselves
and
yeah,
so
I
think
there's
some
there's
some
stuff
on
that
end.
I
know
in
Toto,
go
Lang
recently
added
the
1.0
support
for
the
the
Providence
spec,
we're
still
looking
for
for
additional
things.
So,
if
folks
are
aware
of
any
other
tools
that
are
looking
to
support,
salsa
1.0,
like
I,
know
that
that
you
know
build
kit.
Has
you
know,
has
some
salsa
support?
B
D
B
And
I
think
in
particular
the
big
ones
that
I
know
that
folks
are
asking
for
are
libraries
in
Toto
golang
I
think
is
a
good
start,
but
I
know
a
lot
of
folks
are
asking
for
like
hey?
Is
there
like
a
python
library?
For
you
know
the
salt
suspect
where
I
can
go
and
you
know
have
a
function
and
I
fill
in
the
blanks
and
it
you
know
it
generates
me
the
the
provenance.
That's
that's
up
to
the
spec.
B
B
B
There
was
also
a
lot
of
confusion
that
salsa
1.0
was
purely
a
SAS
kind
of
thing,
because
right
now,
I
think
the
main
thing
that
supports
it
is
GitHub
and
given
that
a
lot
of
folks
are
like
hey,
what
does
it
mean
to
be
a
salsa
compliant
build
build
tool
like
it
looks
like
there's
a
lot
of
support
for
stuff
in
GitHub,
but
there's
not
really
stuff
outside
of
that.
So
there's
some
stuff
on
that
end.
B
That
folks
are
like
asking
around
like
hey:
are
there
plug-ins
for
your
Jenkins
and
some
of
these
other
tools
that
could
help
out
here
and
and
looking
for
for
stuff
on
that
end
as
well?
Some
of
the
other
feedback.
If
I
go
back
to
the
issues
here
and
there's
an
issue
for
this,
that
I
opened
it's
number
850
and
I'll
post
it
in
chat
as
well
as
inside
of
the
meeting
notes
in
a
second.
B
So
this
issue,
based
on
some
of
the
things
so
folks,
are
very
excited
for
salsa.
No
examples
are
not
enough
examples
for
1.0
a
lot
of
folks
who
are
like
hey
I'm,
trying
to
make
my
builds
also
1.0
compliant
conform.
It
that's
missing
there
is.
There
is
still
confusion
around
the
change
to
tracks,
which
is
not
really
much
of
a
tool
issue,
but
it's
more
of
just
a
a
general
issue,
but
I
think
actually
the
change.
B
E
Yeah
I
was
going
to
go
back
to
your
SAS
comment.
There
I've
heard
that
before
from
other
people
and
where
I've
heard
it
from
is
they're
looking
at
the
hosted
requirement
where
it
says
all
bills,
desks
must
be
run
using
a
hosted,
build
platform
and
their
reading
that
to
say
that
must
be
some
kind
of
external
third-party
SAS
offering,
and
not
just
that.
It's
like
a
CI
server
that
you're
running
with
a.
D
B
Yep,
but
that
actually
brings
up
a
good
point,
because
I'm
working
with
Chris
and
and
Andrew
on
a
Blog
to
sort
of
clear
some
of
that
stuff
up
specifically
to
say
that
hosted
just
means
not
running
off
of
your
laptop
like
that.
That's
really
what
what
the
the
key
there
being
that
a
hosted
build
system
is
something
that
is
run
as
a
like
as
a
service.
Even
if
that
service
is
within
your
own
network
boundary,
that's
good
enough!
B
E
And
you've
even
got
examples
in
there
and
it
says
just
not
an
individual
workstation,
so
I
feel
like
we're
trying
to
be
clear,
but
I've
I've
definitely
heard
people
misread
that
statement
there
and
they're
trying
to
imply
that
if
you
don't
use
our
third
party
SAS
solution,
then
you're
not
salsa
and
therefore
that's
our
upsell.
For
you.
B
B
Only
SAS
is
salsa
compliant
you're,
like
actually
that's
not
the
case
and
by
stating
so
you're
being
actually
misleading
and
misrepresenting
the
open,
ssf
there.
So
that's
some
stuff
that
I
know
that
they're
they're,
also
looking
at
and
and
I
think
with
that
said,
I
also
understand
where
some
folks
are
coming
from
from
the
confusion
on
the
end
user
side,
because
they
look
at
sort
of
the
salsa
framework
and
they
look
at
like
what
repos
are
there
and
they
see
a
lot
of
the
GitHub
stuff.
B
B
You
know
like,
could
I
run
a
Jenkins
and
be
salsa
compliant,
and
how
would
I
do
that
or
how
could
I
run
something
else,
because
right
now,
I
believe
the
only
other
one
is
potentially
Fresca,
which
Fresca
I
realized
now
was
based
on.
The
changes
is
salsa
three,
as
long
as
tecton
supports
it's
also
1.0.
D
E
The
other
comment
I
heard
on
that
one
and
they're
saying
that
well,
if
you're,
not
using
some
kind
of
SAS
offering-
and
it's
just
some
person
running
it
on
their
own
CI
server,
how
can
you
verify
if
you
receive
an
artifact
from
that
third
party,
that
they
actually
did
right
on
a
secure,
build
server?
You
know
there
it's
just
their
machine
out
there.
It
might
not
be
their
laptop,
but
it's
a
machine
that
they
control
and
so
some
kind
of
check
in
their
conformance
compliance.
B
Yeah
and
and
Tom
correct
me
if
I'm
wrong,
but
I,
believe
that's
also
still
the
same
issue
anyway.
You
sort
of
look
at
it
right
like
how
do
I
know
that
that
thing
actually
came
from
GitHub.
It's
because
I
trust,
the
GitHub
oidc
and
yeah
yeah,
you
know,
and
so
so
you're
still
there's
still
some
level
of
trust
somewhere,
and
so,
if
somebody's
saying
hey
I'm,
providing
you
this
stuff,
I'm
hosting
it
myself-
and
you
know
you
have
to
trust
me
at
some
level-
that
I'm
I'm
doing
the
right
things.
B
Whether
it's
through
an
audit
or
some
sort
of
conformance
program,
I
think,
is
something
that
that
can
be
sorted
out,
but
I.
Think
at
the
end
of
the
day,
right
somebody's
gonna
say:
I
have
some
sort
of
signed
material
that
signed
material
points
to
some
sort
is
based
on
some
sort
of
identity.
And
it's
up
to
you
whether
or
not
you
you
trust
that
identity
to
be
telling
you
what
it.
You
know,
the
the
truth.
Sorry
streetpod
you've
been
you've
had
your
hand
raised
for
a
bit.
F
Well,
no,
no
way
that
is
good
discussion,
so
I
I
want
to
go
back
to
your
the
feedback
on
1.0
right,
so
you
mentioned
People
Are
People
wants
more
examples
like
give
me
Jenkins
plugins.
In
this
thing,
what
did
Kobe
I
mean
earlier
in
the
salsa?
There
was
a
agreement
that
we
won't
endorse,
any
particular
technology
or
any
particular
tool
right.
So
if
we
say
how
you
use
this
one
tecton,
and
then
you
can
that's
essentially
what
is
giving
you
1.0.
B
B
B
Github
actions
has
some
sort
of
third-party
audit
performed
against
them
or
they
have
some
sort
of
self
attestation
where
they
go
through
and
say
here
are
the
things
we
did
who
make
us
salsa.
You
know
to
be
to
comply
with
salsa
right
to
be
a
salsa
conformant
build
system
right.
You
know
we
are
you
know
we
don't
allow
admins
to
you
know
we
don't
allow
admins
to
access
the
workloads
that
are
running
as
builds
right,
let's
something
like
that:
okay
cool!
B
F
I
mean
typically
that's
what
happens
with
the
all
the
federal
and
everything
right
this
when
someone
say
I,
am
this
phone
853
compliant?
They
don't
want
to
tell
it
to
us,
prove
it
to
the
end
user.
They
will
need
to
prove
it
to
the
auditor
and
once
they
get
that
certification
from
there
I
think
they
can
just
say.
Okay,
we
are
compliant.
B
And
I
think
that
sort
of
thing
is
also
something
that
is
potentially
something
interesting
is
just
like.
How
do
you
like?
What
does
that
thing?
Look
like
I
know
that
there's
the
let
me
see
if
I
have
it
and
I
spoke
to
Chris
annexic
from
cncf
about
some
of
this
as
well
there.
So
here
is
the
the
link
to
the
draft
on
the
conformance
program,
and
so
that
conformance
program.
B
The
idea
here
is
to
provide
guidelines
and
recommendations
around
and
right
now,
I
think
the
rules
aren't
actually
super
clear
outside
of
just
the
the
high
level,
like
legalese
of
like
you
can't
claim
your
salsa
compliant.
If
you
haven't
gone
through
the
conformance
program,
because
then
that's
misleading
to
folks
and
can
help
you
know,
would
dilute
the
brand
because
one
of
the
things
that
we've
also
ran
into
and
I
know.
This
is
like
not
really
interesting,
technical
stuff
right
now,
but
I'm
hoping
in
a
few
minutes
we
can
kind
of
get
to.
B
A
lot
of
folks
are
saying,
like
yeah
we're
salsa
level
three,
and
then
you
actually
ask
them
questions
and
well
we're
kind
of
like
salsa
level,
two
plus
like
where
we're
almost
also
level
three
like
yeah
but
you're,
not,
and
if
you
tell
people
that
you're
salsa
level
three
and
let's
say
they
get
they
get
hit
by
a
supply
chain.
Attack
that
looks
bad
on
salsa
because,
like
hey,
we
were
salsa
level
three
and
we
were
vulnerable
to
this
attack
and
it's
like
well
because
you
actually
weren't
following
salsa
level.
B
Three
and
I
know
like
just
to
be
clear
here,
like
I
I,
recognize
that
even
if
everybody's
doing
the
right
things
via
sauce
level,
three
that
doesn't
mean
you're
immune
from
certain.
You
know
immune
from
attacks.
But
if
there
are
certain
you
know
it's
still,
you
know,
you
know
what
I
mean,
but
yeah
that
that's
kind
of
where
I
think
a
lot
of
that
is
is
is
starting
to
to
land
and
look
like.
D
A
B
They
just
need
to
maybe
fill
in
some
blanks
and
say,
oh
as
opposed
to
taking
this
internal
value
and
mapping
it
to
this
salsa
field.
It
maps
to
this
new
salsa
field,
whatever
stuff
like
that
I
think
is,
is
probably
is
fine
and
then
yes
for
individual
projects,
yeah
I,
think
the
largely
the
the
the
and
I
think
this
is
also
something
that
is
is
good
for
the
this.
This
document,
you
know
I,
think
describing
the
differences
between
what
tools
versus
end
users
are
responsible
for.
B
Like
I
think
that
I
think
that
thing
you
brought
up
is
is
good
because,
like
in
certain
contexts
it's
like
you
can
have
like
you
could
have
a
salsa.
You
know
you
could
have
a
compliant
build
system
not
generate
salsa
provenance
because
you're
doing
something
weird
in
your
build
or
whatever,
but
generally
I
think
the
thing
that
we've
done
with
and
which
is
also
one
of
the
reasons
why
we
had
kind
of
removed,
salsa
level
four
for
a
while.
B
It's
also
level
four
required
specific
things
to
the
project
like
in
order
to
do
a
hermetic
build.
Your
thing
needs
to
be
doing
all
these
things
before
you're,
ready
and
and
there's
certain
things
you
are
doing
within
your
build.
That
need
to
be
following
certain
rules
compared
to
like
certain
things
that
your
build
system
needs
to.
Do
you
know
you
could
have
like
a
salsa
level,
three
compliant
build.
That
is
broken
right.
B
You
know
like
that
that
is
still
malicious
or
whatever,
whereas
salsa
level,
four,
it
felt
significantly
harder
because
you
were
requiring
the
end
user
to
be
hermetic
and
re,
and
potentially
reproducible
and
yeah
yeah.
That
doesn't
mean
you
know
it
can
still
be
malicious,
but
it's
much
harder
to
say.
Oh
hey,
I
ran
this
across
multiple
things.
It's
either
the
source
code
was
malicious
or
all
of
these
different
build
systems
have
conspired
together
to
to
make
only
malicious
things.
B
B
Some
of
it
might
be
like,
given
that,
let's
say
go
is
kind
of
the
most
popular
language
and
what
a
lot
of
folks
are
doing.
Hey.
Here's
how
you
might
do
this
in
this
particular
tool.
You
know
in
this
particular
language
or
or
something
like
that,
or
we
could
go
the
library
route
and
focus
more
on
that.
A
I,
so
I
guess
that
my
initial
thought
is
like
any
like
any
build
system,
any
CI,
CD
system
that,
like
would
like
to
produce
salsa
Providence
like
we
should
like
it,
would
be
great
if
that
were
easy
right
like
you
know,
it
would
be
great
if
there
were
a
Jenkins
plug-in
that
like
could
produce
the
provenance
sort
of
regardless
of
what
level
they
are
and-
and
then
you
know
like
maybe
like.
Why
doesn't
that
exist?
A
Is
it
because
there's
not
like
a
Java
library
that,
like
I,
don't
know
if
jenkins's
job
or
not
but
like
what?
What
what
can
we
do
there
to
make
that
work
and
I
think
once
that's
resolved,
then
like,
then?
How
do
we
move
on
to
these
other
things
like
libraries
to
you
know
like?
How
can
we
help
these
builds?
Show
that
they're
isolated
for
example?
B
Okay,
now
go
and
reach
out
to
the
URLs
and
and
make
sure
that
stuff
lines
up
and
hey.
If
you
get
this
back
and
you
know,
does
the
signature
match
and
all
that
good
stuff
I
think
that's
kind
of
where
a
lot
of
that
lands
and
then
separately,
I
think
from
the
build
side.
It's
like
yep
here
are
the
ways
you
might
do
some
of
these
things
and
I
don't
want
to
go
too
deep
down
the
the
rabbit
hole
on
on
a
lot
of
that.
B
I
think
the
well
on
the
you
bring
up
an
interesting
one
about
the
Jenkins
piece
because
I
think
generally,
the
problem
is
Jenkins
itself
is
going
to
be
very
difficult
inside
Jenkins
X,
which
is
based
on
tecton
and
tecton
chains
and
stuff,
like
that.
But
Jenkins
like
normal
Java
Jenkins,
is
going
to
be
difficult
to
do
much
from
the
salsa
end,
because
it's
it's
very
heavily
reliant
on
you
as
the
end
user
would
need
to
implement
this
whole
list
of
security
controls
before
your
Jenkins
could
be
possibly
considered.
B
B
One
of
the
reasons
why
you
have
something
like
salsa
is
that
is
that
you're
restricting
how
these
jobs
can
be
run
and
if
you
sort
of
let
anybody
run
a
job
in
any
way
they
want,
and
that
includes
in
completely
unrestricted,
like
hey
I'm,
running
I'm
running
this
job
on
a
VM
and
I
can
log
into
that
VM.
While
it's
running
that's
probably
bad.
A
Yeah
I
I
I
certainly
agree
with
that,
but
I
do
Wonder
like.
Is
there
Nuance
there,
depending
on
what
salsa
level
you're
trying
to
achieve
like
like?
Would
it
be
like?
Is
it
conceivable
that,
like
we,
that,
like
a
a
classic
Jenkins,
salsa,
II
or
salsa
level,
one
plug-in
could
exist
and
that
that
still
provides
value,
even
though
they're
not
at
the
like,
not
able
to
attain
the
highest
salsa
level.
B
Yeah,
so
the
thing
that's
kind
of
interesting
is
actually
we
do
have
under
the
salsa
framework,
a
I'm,
not
sure.
If
you
saw
we
have
a
Jenkins
plugin
and
it's
so
the
JK's
plugin
was
donated,
contributed
whatever
they
want
to
say
it
to
buy
Samsung,
I,
believe
and
I
believe
at
least
I
will
have
to
double
check
here.
B
It
was
by
donghee
Lee,
who
is
at
Samsung
research
yeah,
so
yeah
Samsung
had
contributed
it.
The
the
problem
is
after
they
had
contributed
it.
It
just
sort
of
is
sitting
there,
but
but
yeah
I
agree
with
you
I
think,
like
generally,
you
know,
Jenkins
could
hit
up
to
salsa
too,
because
the
only
real
requirement
is
that
you're
recording,
essentially
the
provenance
and
then
signing
it.
It
doesn't
matter
if
it's
necessarily
like
not
particularly
secure
so
yeah
that
that
thing
I
think
is.
B
B
It
generates
a
lot
of
like
salsa
reports
and
like
it
it'll
take
a
salsa
document
and
try
and
do
a
bunch
of
the
verification
and
also
in
a
very
I,
would
say
like
an
Enterprise,
friendly
sort
of
way
like
it's.
It's
very
generates
HTML
reports,
that
kind
of
thing,
but
it's
it
looks
really
cool
like
it's
it's.
Actually,
it's
actually
really
cool
I
like
what
they've
done
done
with
it.
Let
me
see
if
I
can
bring
that
up
as
well.
B
B
B
B
So
I
think
that's
another
thing
that
folks
are
are
looking
for
is
like
hey
example:
libraries
for
generating
validating
provenance,
build
isolation,
libraries
et
cetera,
because
I
know
that's
actually
for
parth
right
like
even
though
we
have
in
Toto
go
lying
inside
of
block
I.
Believe
like
the
idea
here
is
like
hey.
B
If
there
was
something
that
we
could
just
well,
yeah
I
guess
in
total
go
lying
is
a
good
example
of
of
that
sort
of
thing,
so
that
folks
can
sort
of
import
in
Toto
golang,
and
now
they
immediately
support
some
level
of
salsa
like
they
have
the
structs
they
need
for
for
salsa
serialization
deserialization,
but
there
might
still
be
like
some
use
and
I'll
show
off
this
tool.
If
we
have
a
little
bit
of
time
like
hey,
can
you
also
have
a
bunch
of
other
stuff
for
verification
like
macaron?
B
B
D
B
I
agree
on
the
tooling
to
make
policies.
That's
that's
another
important
one.
Another
important
one
which
I
have
actually
up
above,
which
is,
is
something
that
folks
have
been
asking
for
is
guidelines
tooling,
etc
for
Distributing
fossil
Providence
so
like
with
oci,
it's
kind
of
easy
just
because
you
can
bake
it
in
to
the
into
the
repo
itself,
so
via
all
the
stuff
like
the
distribution,
spec
and
and
and
all
that
good
stuff.
That
folks,
like
Brandon
Mitchell,
have
been
working
on.
B
B
Yep
they
don't
want
an
API,
they
want
more
of
like
a
hey.
Here
is
a
here's,
a
rest
endpoint,
and
so
we
can
cache
that
rest
endpoint
and
just
do
that
which
is
huge
and
then
the
other
thing
is
like
so
some
of
the
conversations
I've
had
is
like
folks
are
asking
for
something
like
something
like
guidelines
on
on
some
of
this,
because
a
lot
of
folks
are,
you
know,
you
talked
getting
folks
across
the
different
tools
to
agree
to.
Here
is
what
the
rest.
B
You
know,
here's
what
this
not
rest,
but
like
here's,
what
the
the
the
the
structure
of
the
URL
is
going
to
look
like.
You
know
something
like
even
just
saying
something
like
it
should
be
package
name,
slash
version
number,
slash
metadata,
slash,
salsa,
slash
you
know
or
whatever
that
kind
of
a
thing
is
even
just
getting
folks
to
sort
of
agree
to.
That
is
going
to
be
potentially
a
very,
very
long
journey,
because
everybody
is
doing
it
slightly
differently.
Some
folks
are
saying
hey.
B
B
That
makes
it
very
difficult
to
just
sort
of
say
here
is
a
static
endpoint
with
this
stuff,
but
I
think
that
kind
of
thing
is
something
that
folks
are
really
really
really
looking
for,
and
I
mean
one
of
the
things
we
could
pretty
much
do
right
is
maybe
even
just
write
up
some
either
guidelines,
real,
quick
or
or
even
a
a
simple
like
hey
here's,
an
HTTP
server
that
distributes
this
stuff.
I,
don't
know
I
Tom,.
A
A
The
way
that
I've
been
thinking
about
it
is
that
there
might
like
we
might
wind
up
needing
two
like
two
ways
to
do
it
like.
There
are
a
lot
of
advantages
for
for
for
Distributing
for
Distributing
the
Providence,
like
sort
of
alongside
the
artifact,
and
the
way
that
the
ecosystem
that,
like
best,
supports
the
ecosystem,
but
then
that
doesn't
work
well
for,
like
I
found
I
found
the
package
on
my
on
my
machine.
I,
don't
know
where
it
came
from.
Please
like.
A
C
You
go
well,
I
was
just
gonna
say
like
like
for
using
guac
I
think
it
makes
more
sense
like
it.
You
don't
have
to
store
the
document
anymore
right.
It's
also
attestation
generated,
because
what
can
regen
recreate
that
document
for
you
with
the
information
that
it
stores
right?
So
it's
like,
even
if
you
lose
like
so
once
it's
in
guac,
you
can
have
be
like
yeah
I
can.
If
you
need
to
recreate
the
document
again
from
right
for
that
specific
package
or
whatever
else
it
is,
then
you
can
do
so.
A
B
We
find
that
sometimes
having
the
unsigned
like
we
still
associate
the
information
with
identities
where
possible,
but
if
we
say
hey,
Let's
ignore
some
identities
for
a
second
and
just
say
assume.
Let
me
look
at
all
the
metadata.
What
can
I
start
to
glean
from
it?
Some
of
that
metadata
could
be
untrustworthy.
It
could
be
invalid,
it
could
be
mistaken.
There
was
a
great
kubernetes.
There
was
a
great
talk
at
kubecon
where
they
showed
off
how
s-bombs
can
be
tricked
into
generating
pretty
much
whatever
you
want.
B
S-Bomb
generation
tools
right
where
you
can
say
like
if
you
mess
with
like
the
package
database
or
you
mess
with
Etsy
release,
all
of
a
sudden
like
it
doesn't
have
a
good
way
of
knowing
what
was
actually
there,
and
so
there's
lots
of
ways
to
sort
of
trick.
These
things
and
yeah
I
agree
like
you
can't
reconstruct
the
the
document
per
se,
but
I
think
the
other
thing
that
I
think
is
interesting.
B
Are
the
signatures
from
those
three
salsa
things
they
all
sort
of
they
all
like
all
of
their
data
has
the
same
nodes
and
edges
right
like
they
also
say
the
same
thing:
great
cool,
I'm
gonna
have
one
more
new
document
that
says:
I
ran
salsa
against
those
three
things
they
all
conform.
Here's
you
know,
here's
the
proof
of
that
and
here's
the
location
of
those
documents
and
yeah
yeah
I.
Think
that's
that's
another
thing,
but
that's
also
I
feel
like
if
we
get
to
that
point,
we've
solved
95
of
the
problems.
B
But
yeah
I
think
I
agree
with
you
on
like
walk
and
having
some
sort
of
discovery
thing,
because
I
think
a
lot
of
folks
are
saying
this
is
where
I
think
if
guac
becomes
a
public
service
is
something
that
it'll
have
to
deal
with
is
really
talking
to
some
of
the
folks
from
ruby
gems
and
some
of
those
things
is
like
hey.
They
get
swamped
with
so
many
different
queries.
B
I
think
guac
is
a
very
specific
sort
of
query
that
you're
going
to
be
asking
it,
which
is
probably
less
complicated
like
it
might
be
like
more
efficient
than
you
know,
running
the
query
against
something:
that's
mostly
intended
to
distribute,
binaries
or
not
binaries,
but
files
and
and
that
sort
of
thing
compared
to
some
queries.
But
I
I
know
that,
like
how?
How
is
that
going
to
scale?
B
Let's
say
if,
like
all
of
a
sudden,
a
new
version
of
a
thing
comes
out
and
everybody
goes
okay,
great,
there's
a
new
version
of
a
thing
that
came
out.
You
know,
let's
just
say
you
know,
react.
For
example,
hey,
let's
see
if
there's
a
known,
salsa
attestation
for
react.
Let
me
check
guac
and
you
have
a
million
people
querying
the
public
clock
all
at
the
same
time
could
lead
to
some
issues,
but
but
we'll
we'll
get
to
that
when
we
get
to
it.
D
B
D
B
B
B
B
Right-
and
this
is
valid-
it's
also
Providence
and
it
just
says,
Hey
valid
in
total
document,
and
it
like
validates
it
quite
strictly.
So,
for
example,
if
URLs
in
the
repository
and
stuff
like
that
are
not
actual
URLs,
it
will
barf
right,
it'll
be
like
hey
this
is
you
gave
me
something
that's
supposed
to
be
a
URL
and
it's
not
a
URL
or
URI.
It's
it's
something
else,
and
if
you
get
something
that
is
supposed
to
be
a
timestamp
and
it's
not
a
timestamp
right,
it's
just
a
string
right.
B
B
Oh,
if
it's
a
string
cool
great,
but
what
we
noticed
is
like
with
especially
with
guac
as
we
start
to
ingest
a
lot
of
these
things
like
the
salsa
documents,
is
well
we're
trying
to
figure
out
if
it's
a
timestamp,
because
we're
adding
that
as
extra
metadata
in
the
guac
data
model,
and
so
if
we
start
to
get
a
ton
of
these
salsa
attestations
that
are
not
actually
valid,
they're,
mostly
valid,
and
a
lot
of
tools
will
actually
verify
that
or
validate
that
yeah
yeah,
it's
valid
because
it's
a
string.
All
of
a
sudden.
B
Okay,
cool
well
like
the
thing
that
I'm
actually
working
on
now
is
to
try
and
make
that
a
little
bit
more
descriptive
and
so
that
it'll
display
the
document
highlight
specific
areas
like
hey
I'm,
expecting
a
build
type
and
the
build
type
should
look
like
this,
or
you
know
you
gave
me
something
that
should
have
been
a
URL
and
also
show
all
the
areas
where
that
is
right.
Now,
I
can
only
show
one
at
a
time.
B
So
if
I
update,
build
type,
it'll
just
go
to
the
next
error,
but
what
I
would
like
to
do
is
come
in
and
be
able
to
highlight
all
the
different
areas
in
red
or
whatever
of
like
hey.
This
is
missing,
or
this
is
the
wrong
type
cool
and
then,
as
folks,
are
building
out
the
tools
to
do
salsa
or
generate
verify
yayada.
They
can
come
in
and
be
like.
Oh
great,
I'm
missing
this
cool
I
can
do
that
and
then
also
because
this
could
be
easily
be
a
library.
B
Other
folks
who,
let's
say,
are
writing
rust
rules
can
come
in
look
at
the
provenance
strucks
and
be
able
to
say,
okay,
you
know,
salsa
Providence
V1
predicate
consists
of
a
build
definition
of
Run
details
right.
That's
it
right!
That's
those
are
the
two
things
in
the
provenance
spec.
If
we
go
up
a
level
to
the
actual
in
total
spec,
the
in
total
spec,
you
know
expects
a
oh.
Actually.
B
B
Any
num,
which
consists
of
a
social
problem
is
V1,
but
we
can
have
all
sorts
of
other
stuff
in
there
like
VSA
and
Vex,
and-
and
you
know
whatever
else,
that
comes
out
of
a
lot
of
these
things
that
that
are
getting
built
out
and
then
be
able
to
kind
of
help
out
in
generating
that
and
then
of
course,
over
time.
We
could
also
begin
to
add
in
like
verification
as
well.
B
For
this
and
I
think
this
sort
of
thing
is
has
helped
out
a
lot
in.
You
know,
starting
to
also
generate
like
test
data,
for
salsa
attestations
like
I
can
start
to
create
all
sorts
of
fuzz
data
and
be
able
to
start
testing
out
stuff
like
hey
I,
can
ingest
a
ton
of
stuff
and
took
walk
and
see
what
happens
anyway.
That
that's
I
know
it's
it's
very,
very,
very
early
on,
but
that's
kind
of
the
the
general
gist
of
it
and
yeah.
A
B
B
Rust
also
supports
Blossom,
mostly
there's
some
a
couple
of
things
that
it
probably
needs
to
still
do,
but
so
I
think
there's
a
lot
of
areas
where
this
could
just
also
just
work
in
a
lot
of
different
environments,
but
yeah
yeah.
The
idea
is,
is
to
also
support
the
Disney
envelope
to
support
potentially
other
attestation
types
and
then
also
be
you
know
when
we
start
to
build
out
that
salsa
like
source
attestation
right
so
you
know
Source
provenance
attestation
or
whatever
you
want
to
call
it.
B
That
kind
of
thing
would
be.
It
would
probably
be
able
to
support
that
as
well
and
then
some
of
the
other
tooling
building
around
it
is
like
probably
go
in
and
verify
right,
hey,
I
know
this
is
actually
a
URL,
treat
it
like
a
URL
and
actually
go
in
and
try
and
resolve
some
of
the
things
in
there
as
well,
and
then,
of
course,
over
time
we
can
kind
of
like
make
it
more
generic
and
and
support
arbitrary
kind
of
things
that
come
in
because
I
know.
B
Another
thing
that
I
think
has
been
brought
up
is
hey.
Could
something
could
something
like
this
pull
in
the
build
definition
at
run
time
like
pull
in
the
build
definition
spec
at
runtime
like
what
you
know?
What
does
you
know
as
an
example
here,
like
the
the
npm,
reusable
workflow
coming
out
of
Google
will
say
here's
what
the
build
definition
should
look
like
great
I,
see
that
this
is
npm
I,
see
that
it
goes
to
this
URL
I,
see
that
you
know.
B
Let
me
pull
in
that
spec,
which
I
know
right
now
is
supposed
to
be
human
readable,
but
like
we
might
be
able
to
have
both
right.
Some
sort
of
human,
readable,
spec
and
a
machine,
readable,
spec
and
then
at
runtime
just
be
able
to
pull
that
in
and
validate
and
then
with
certain
you
know,
you
know
well-known
types
we
can
easily.
You
know,
compile
it
beforehand
and
and
have
a
strict
sort
of
compile
side
typing
and
you
know,
compile
type
typing
and
all
that
good
stuff.
B
B
That
should
be
falsa
compliant
right,
like
the
you
know,
so
allowing
folks
who
are
using
Jenkins
to
say
look
I'm
not
going
to
provide
you
salsa
provenance
for
your
entire
pipeline,
but
for
the
compilation
step
you
run
it
here
and
I'll.
Do
it
and
I
think
that
kind
of
thing
is,
is
something
that
you
know
a
lot
of
folks
have
been
asking
for
and
we're
starting
to
take
a
look
at
over
at
kasari
and
plan
to
open
source
as
well.
D
B
Oh
yeah
yeah,
this
actually
looks
exactly
what
I've
been
trying
to
look
for
and
I
couldn't
find
anything
outside
of
there's
like
a
thing
called
Kata
containers,
which
is
also
looks
really
cool,
but
the
problem
with
Kata
containers
I
found
is
that
the
documentation
is
very
much
like
here's.
Just
this
gigantic
API
now
go
wild
and
it's
like
I
I
just
need
to
have
something
to
potentially
run
a
container
via
like
Yep
this.
B
This
actually
looks
a
lot
of
you
know
like
what
I'm
looking
for
right,
where,
where
you
you
want
to
have
a
couple
of
different
mechanisms.
One
is
you
want
to
have
the
TPM
mechanism
where
you
could
potentially
do
the
instrumentation
to
say:
hey
am
I
running
only
the
approved
workload
and
then
secondarily,
I
think
there's
also
some
interesting
stuff
happening
in
that
trusted
execution,
secure,
Enclave,
whatever
you
want
to
call
it
space.
Where
could
I?
B
Look
I
can't
give
you
my
code
in
the
clear,
but
if
you
ran
this
on
my
behalf
in
a
trusted
execution
environment
where
you
know
via
an
audit
or
whatever
you
could,
you
know,
and
then
I
know
that
hey
the
you're
essentially
giving
me
code
that's
encrypted
with
a
key
and
that
key
is
only
stored
inside
the
the
TPM.
You
know
the
other
side
of
the
decision
side
can
only
be
stored
inside
the
TPM,
then
yeah.
That's
that's
awesome
that
you
know.
B
I,
think
that
kind
of
thing
is
is
something
that
folks
are
are
definitely
interested
in
and
yeah.
This
is
I.
Have
it
I
hadn't
heard
of
this
before
today,
I've
been
I
need
to
I.
Think
up
my
Google
food
because
I
did
not
see
see
any
of
this,
but
this
actually
looks
really
really
cool
yeah.
Thanks
for
pointing
be
in
the
right
direction
here,.