- root-signing-staging is trying to add a ed25519 key into trusted root
- sigstore-python main branch already supports this key type
- current sigstore-python release unfortunately fails hard: if the trusted root contains an unrecognised keytype the verification fails even if the key is not needed to verify
The specific failure is easy to fix and I think I'd like to fix this is as a point release from a 3.6.x branch: There are a lot of changes in main since last release that are not really useful before rekor v2 support is fully integrated.
The specific failure is easy to fix and I think I'd like to fix this is as a point release from a 3.6.x branch: There are a lot of changes in main since last release that are not really useful before rekor v2 support is fully integrated.