Description
As an OCM Integrator that wants to support a new Signing / Verification Technology,
I want to be able to integrate new technology support via the established OCM plugin system. For this I want to use a fully designed Plugin Contract that is described via API.
In Scope:
- Creation and Submission of a new Architecture Decision Record (ADR)
- Approval of the Concept by the OCM Maintainer Group
- Initial Design Suggestion for Plugin-focused API for
- Creation of a new Signature for an already normalized Component Descriptor Hash
- Verification of an existing Signature for an already signed Component Version
- Initialize a warroom
Out of Scope:
- Dedicated Signing Handler implementations
- Continous Revisit of the ADR (this will be done once we get to implement signing handlers)
Done Criteria
Description
As an OCM Integrator that wants to support a new Signing / Verification Technology,
I want to be able to integrate new technology support via the established OCM plugin system. For this I want to use a fully designed Plugin Contract that is described via API.
In Scope:
Out of Scope:
Done Criteria