@@ -18,19 +18,25 @@ SIGNATURE = Sign(PAE(UTF8(PAYLOAD_TYPE), SERIALIZED_BODY))
1818
1919Parameters:
2020
21- * SERIALIZED_BODY is the byte sequence to be signed.
22-
23- * PAYLOAD_TYPE is an authenticated URI indicating how to interpret
24- SERIALIZED_BODY. It encompasses the content type (JSON, Canonical-JSON,
25- CBOR, etc.), the purpose, and the schema version of the payload. This
26- obviates the need for the ` _type ` field within [ in-toto] /[ TUF] payloads.
27- This URI does not need to be resolved to a remote resource, nor does such a
28- resource need to be fetched. Examples: ` https://in-toto.io/Link/v1.0 ` ,
21+ Name | Type | Required | Authenticated
22+ --------------- | ------ | -------- | -------------
23+ SERIALIZED_BODY | bytes | Yes | Yes
24+ PAYLOAD_TYPE | string | Yes | Yes
25+ KEYID | string | No | No
26+
27+ * SERIALIZED_BODY: Byte sequence to be signed.
28+
29+ * PAYLOAD_TYPE: Authenticated URI indicating how to interpret SERIALIZED_BODY.
30+ It encompasses the content type (JSON, Canonical-JSON, CBOR, etc.), the
31+ purpose, and the schema version of the payload. This obviates the need for
32+ the ` _type ` field within [ in-toto] /[ TUF] payloads. This URI does not need to
33+ be resolved to a remote resource, nor does such a resource need to be
34+ fetched. Examples: ` https://in-toto.io/Link/v1.0 ` ,
2935 ` https://in-toto.io/Layout/v1.0 ` ,
3036 ` https://theupdateframework.com/Root/v1.0.5 ` .
3137
32- * KEYID is an optional , unauthenticated hint indicating what key and algorithm
33- was used to sign the message. As with Sign(), details are agreed upon
38+ * KEYID: Optional , unauthenticated hint indicating what key and algorithm was
39+ used to sign the message. As with Sign(), details are agreed upon
3440 out-of-band by the signer and verifier. It ** MUST NOT** be used for security
3541 decisions; it may only be used to narrow the selection of possible keys to
3642 try.
0 commit comments