Oops. That second email had the correct tarball but with the wrong
forwarded email.
https://marc.info/?l=openbsd-ports&m=166012227330190&w=2
Again, here's sthen@'s email and his tarball attached.
g
On 8/8/22 11:41, George Rosamond wrote:
> ping
>
>
> -------- Forwarded Message --------
> Subject: [NEW] security/py-in-toto
> Date: Tue, 2 Aug 2022 17:50:24 -0400
> From: George Rosamond <george@ceetonetechnology.com>
> To: OpenBSD Ports <ports@openbsd.org>
>
> in-toto (https://in-toto.io/) is from NYU's Secure Systems Lab
> (https://ssl.engineering.nyu.edu/) and NJIT's Cybersecurity Research
> Center (https://research.njit.edu/cybersecurity/) looking to mitigate
> 'supply chain' issues for package management systems.
>
> from pkg/DESCR:
>
> in-toto provides a framework to protect the integrity of the software
> supply chain. It does so by verifying that each task in the chain
> is carried out as planned, by authorized personnel only, and that
> the product is not tampered with in transit.
>
> Haven't tinkered around with building 'layouts' yet, but thought I would
> submit to ports@ to see if there's any interest.
>
> There's one currently unported RUN_DEPEND security/py-securesystemslib
> which I'll send after this email.
>
> g
No comments:
Post a Comment