Adding certificate, key, and signature to security profile #1224
Adding certificate, key, and signature to security profile #1224stevenc-stb wants to merge 25 commits intospdx:developfrom
Conversation
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
| @@ -0,0 +1,17 @@ | |||
| SPDX-License-Identifier: Community-Spec-1.0 | |||
|
|
|||
| # notValidAfter | |||
There was a problem hiding this comment.
Does it possible to use /Core/validUntilTime (verbatim or with revision)?
validUntilTime naming is also aligned with the Schema.org validUntil and avoids negation in the name.
| @@ -0,0 +1,17 @@ | |||
| SPDX-License-Identifier: Community-Spec-1.0 | |||
|
|
|||
| # notValidBefore | |||
There was a problem hiding this comment.
We don't have an equivalent of this yet. So it makes sense to create new one.
But still concerning about negation in the name.
Schema.org uses validFrom, which pairs with validUntil.
As we already have /Core/validUntilTime, would it be possible to create /Core/validFromTime and use it instead?
| @@ -0,0 +1,17 @@ | |||
| SPDX-License-Identifier: Community-Spec-1.0 | |||
|
|
|||
| # parameter | |||
There was a problem hiding this comment.
We can also consider move this to Core, make it a generic /Core/parameter.
We can then use the /Core/parameter here, for cryptographic algorithm documentation.
And we can also deprecate /Build/parameter, let the Build use this new /Core/parameter instead.
| @@ -0,0 +1,17 @@ | |||
| SPDX-License-Identifier: Community-Spec-1.0 | |||
|
|
|||
| # serialNumber | |||
There was a problem hiding this comment.
Would it be possible to share this with Hardware use case?
So instead of having /Security/serialNumber and /Hardware/serialNumber, we can have one /Core/serialNumber that can be used in different context.
| @@ -0,0 +1,17 @@ | |||
| SPDX-License-Identifier: Community-Spec-1.0 | |||
|
|
|||
| # signatureTime | |||
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Co-authored-by: Arthit Suriyawongkul <arthit@gmail.com> Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
Signed-off-by: stevenc-stb <steven@smarttalkbeacon.com>
2 participants
Adding certificate,key and signature to security profile. This is for review.