The Sigsum team is happy to release a new version of the log-go log
server software, version tag v0.14.1, succeeding the previous release
v0.9.0. The source code for the release can be checked out from the git
repository as
git clone -b v0.14.1 https://git.glasklar.is/sigsum/core/log-go.git
or installed using
go install sigsum.org/log-go/cmd/sigsum-log-primary@v0.14.1
This release updates the log to the version 1 Sigsum protocol. It also
adds back support for witness cosigning, following an interim witness
protocol. See NEWS file for details on changes and how to upgrade,
excerpt below.
If you find any bugs, please report them here on the sigsum-general
mailing list or open an issue on GitLab in the log-go repository:
https://git.glasklar.is/sigsum/core/log-go/
The expectations and intended use of the log server software is
documented in the log-go RELEASES file. You will also find more
information about the overall release process there, see
https://git.glasklar.is/sigsum/core/log-go/-/blob/main/RELEASES.md.
/ The Sigsum team
NEWS for log-go v0.14.1
This release updates the log server to implement the v1 sigsum
protocols [1].
The log protocol, i.e., the protocol for querying a log and
submitting new entries, is now considered stable: there are no
plans for incompatible changes, and future updates will
consider transitions carefully. However, the witness protocol,
used by logs to interact with witnesses, is under
development, and will likely be replaced in later versions.
Upgrading existing log services from the previous release,
v0.9.0, is automatic, see below for the implications of
upgrading. However, downgrading is *NOT* tested nor supported.
Downgrading would require manual replacement of the
signed-tree-head file by restoring it from a backup or
recreating it using sigsum-mktree.
This release has been tested to work together with:
* Command line tools (most importantly sigsum-submit and
sigsum-verify)
https://git.glasklar.is/sigsum/core/sigsum-go, tag v0.6.1.
* The prototype witness,
https://git.glasklar.is/sigsum/core/sigsum-py, tag v0.1.1.
* The litetlog witness,
https://github.com/FiloSottile/litetlog, tag v0.1.1.
New features:
* Implemented a new interim witness protocol [2], where a log
queries witnesses for cosignatures. Witnesses to use are
configured using a sigsum policy file.
Further changes to the log <-> witness protocol are planned.
Incompatible changes:
* Tree head serialization used for signatures and cosignatures
changed to use a checkpoint-compatible [3] text serialization.
* Leaf signatures as well as submit token signatures changed
to no longer use SSH signature format.
Notes on upgrading:
* Existing logs can be upgraded. When loading a log server's
signed-tree-head file, the server accepts either a sigsum v0
tree head signature, as created by log-go v0.9.0, or a v1
signature, as created by the current version.
* An upgraded log will publish tree heads signed according to
the v1 protocol, and accept new leaves signed according to
the v1 protocol.
* Old leaves submitted according to the v0 protocol obviously
stay in the tree, but they will appear invalid to anyone who
has the submitter's public key and attempts to verify the
leaf signature according to the v1 specification.
* Old sigsum proofs can still be verified using old tools
(since verification is purely offline, the log server is not
involved at all). However, attempting to create a new proof
for an old leaf will fail.
Miscellaneous:
* An intermediate version, tagged v0.13.0, included an
explicit "v1" signature version on the cosignature lines.
This protocol change was reverted for v0.14.x. Version
v0.13.0 was never announced or properly released, but in
case anyone is nevertheless running v0.13.0, upgrading to
v0.14.1 is expected to work. The only user-visible change is
the removal of cosignature version, which means that any
client software and witnesses written to interop with log
servers running v0.13.0 will need upgrading as well.
[1] https://git.glasklar.is/sigsum/project/documentation/-/blob/main/log.md
[2] https://git.glasklar.is/sigsum/project/documentation/-/blob/4ee138f1294f9c1…
[3] https://github.com/transparency-dev/formats/blob/main/log/README.md#checkpo…
