The Sigsum team is happy to announce the initial release of the Sigsum C Library (aka sigsum-c or libsigsum), version 1.0.0. See NEWS file, appended below, for a summary of features. Library documentation is included in the package and online at https://git.glasklar.is/sigsum/core/sigsum-c/-/blob/main/doc/sigsum-c.md. The release source code can be downloaded using git clone -b v1.0.0 https://git.glasklar.is/sigsum/core/sigsum-c.git The v1.0.0 tag is signed using the key ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/xZ+v5e435605MS4BYE89PLcgk8DT5PvuoM2oASnuko This is the same release key also published for nisse@glasklarteknik.se at https://www.system-transparency.org/keys/allowed-ST-release-signers. /The Sigsum team NEWS for the sigsum-c 1.0.0 release This is the initial release of the sigsum-c library. For API documentation, see doc/sigsum-c.md, for build instructions, see README.md. When building a shared library from this release, the library name is libsigsum.so.0.0, with soname libsigsum.so.0. Main features: * Support for parsing the ASCII representation of Sigsum policy files, Sigsum proofs, and OpenSSH public key files. * Support for verifying Sigsum proofs. The main verification functions are written with constrained embedded systems in mind. They work with a bytecode representation of the policy's quorum rule, and do not require use of the ASCII representation. * A command line tool sigsum-c-verify, intended to be compatible with the sigsum-verify tool from the sigsum-go package (the main missing feature in sigsum-c-verify is support for named policies).