Alan Chung Ma

icon indicating a website link https://alan.chung-ma.com/ icon indicating an email [email protected]

icon company Keytos icon location Boston, Massachusetts icon location Software Engineer @markeytos | Interested in secure systems programming and software engineering.

Results 17 comments of Alan Chung Ma

Provide examples to each major in-toto cli subcommand

@shibumi could you link the documentation you are referring to? I do not understand what you mean by example strings.

Provide examples to each major in-toto cli subcommand

Yeah @shibumi , I can definitely take a look into it! Thank you @developer-guy for pointing me to the right direction :smile:!

Implement Symmetric and Asymmetric APIs

Sorry, I wasn't clear in my question, but if one platform supports only RSA encryption while the other supports many more, should I just implement RSA?

Update user/developer feedback

Is it worth revisiting this now that `slog` has finally reached a maturity I am comfortable with?

ENH:proposals: add in-toto graduation proposal

+1 :heart:

Migrate away from `derp`

Will do! It'll be a significant refactor, so it will take some time :P

SGX demo?

I am not too familiar with CoRIM, but you can collect additional environment attestations in conjunction with SCAI. Let me know if it doesn't make much sense.

Add Alan to the Maintainers list

Lol, blocked by #88

How to Integrate in-toto Verification with Private GitHub Repositories

Hi there! Could you talk more about how you plan to manage your users' identity? Do your users already have existing credentials that are used for signing such as x509...

How to Integrate in-toto Verification with Private GitHub Repositories

I see, I would recommend you to have a look at the software factory from testity sec, they have an example workflow that leverages in-toto to manage the policies of...