Sigstore, Spx: Add notes about metadata format stability

Both of these metadata formats (e.g. the data encoding and field names) are bsaically invented in securesystemslib: there is no community consensus on them yet.
secure-systems-lab · Sep 1, 2023 · 6b34803 · 6b34803
1 parent 357f4d9
commit 6b34803
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/securesystemslib/signer/_sigstore_signer.py b/securesystemslib/signer/_sigstore_signer.py
@@ -28,7 +28,10 @@
 class SigstoreKey(Key):
     """Sigstore verifier.
 
-    NOTE: unstable API - routines and metadata formats may change!
+    NOTE: The Sigstore key and signature metadata formats are not part of the
+    TUF specification and are not considered stable in securesystemslib. They
+    may change in future releases and may not be supported by other
+    implementations.
     """
 
     DEFAULT_KEY_TYPE = "sigstore-oidc"
@@ -87,7 +90,10 @@ def verify_signature(self, signature: Signature, data: bytes) -> None:
 class SigstoreSigner(Signer):
     """Sigstore signer.
 
-    NOTE: unstable API - routines and metadata formats may change!
+    NOTE: The Sigstore key and signature metadata formats are not part of the
+    TUF specification and are not considered stable in securesystemslib. They
+    may change in future releases and may not be supported by other
+    implementations.
 
     All signers should be instantiated with ``Signer.from_priv_key_uri()``.
     Unstable ``SigstoreSigner`` currently requires opt-in via

diff --git a/securesystemslib/signer/_spx_signer.py b/securesystemslib/signer/_spx_signer.py
@@ -38,7 +38,13 @@ def generate_spx_key_pair() -> Tuple[bytes, bytes]:
 
 
 class SpxKey(Key):
-    """SPHINCS+ verifier."""
+    """SPHINCS+ verifier.
+
+    NOTE: The SPHINCS+ key and signature metadata formats are not part of the
+    TUF specification and are not considered stable in securesystemslib. They
+    may change in future releases and may not be supported by other
+    implementations.
+    """
 
     DEFAULT_KEY_TYPE = "sphincs"
     DEFAULT_SCHEME = "sphincs-shake-128s"
@@ -89,6 +95,11 @@ def verify_signature(self, signature: Signature, data: bytes) -> None:
 class SpxSigner(Signer):
     """SPHINCS+ signer.
 
+    NOTE: The SPHINCS+ key and signature metadata formats are not part of the
+    TUF specification and are not considered stable in securesystemslib. They
+    may change in future releases and may not be supported by other
+    implementations.
+
     Usage::
 
         public_bytes, private_bytes = generate_spx_key_pair()