The Sigsum team is happy to release a new version of the log-go log server software, version tag v0.14.1, succeeding the previous release v0.9.0. The source code for the release can be checked out from the git repository as
git clone -b v0.14.1 https://git.glasklar.is/sigsum/core/log-go.git
or installed using
go install sigsum.org/log-go/cmd/sigsum-log-primary@v0.14.1
This release updates the log to the version 1 Sigsum protocol. It also adds back support for witness cosigning, following an interim witness protocol. See NEWS file for details on changes and how to upgrade, excerpt below.
If you find any bugs, please report them here on the sigsum-general mailing list or open an issue on GitLab in the log-go repository:
https://git.glasklar.is/sigsum/core/log-go/
The expectations and intended use of the log server software is documented in the log-go RELEASES file. You will also find more information about the overall release process there, see https://git.glasklar.is/sigsum/core/log-go/-/blob/main/RELEASES.md.
/ The Sigsum team
NEWS for log-go v0.14.1
This release updates the log server to implement the v1 sigsum protocols [1].
The log protocol, i.e., the protocol for querying a log and submitting new entries, is now considered stable: there are no plans for incompatible changes, and future updates will consider transitions carefully. However, the witness protocol, used by logs to interact with witnesses, is under development, and will likely be replaced in later versions.
Upgrading existing log services from the previous release, v0.9.0, is automatic, see below for the implications of upgrading. However, downgrading is *NOT* tested nor supported. Downgrading would require manual replacement of the signed-tree-head file by restoring it from a backup or recreating it using sigsum-mktree.
This release has been tested to work together with:
* Command line tools (most importantly sigsum-submit and sigsum-verify) https://git.glasklar.is/sigsum/core/sigsum-go, tag v0.6.1.
* The prototype witness, https://git.glasklar.is/sigsum/core/sigsum-py, tag v0.1.1.
* The litetlog witness, https://github.com/FiloSottile/litetlog, tag v0.1.1.
New features:
* Implemented a new interim witness protocol [2], where a log queries witnesses for cosignatures. Witnesses to use are configured using a sigsum policy file.
Further changes to the log <-> witness protocol are planned.
Incompatible changes:
* Tree head serialization used for signatures and cosignatures changed to use a checkpoint-compatible [3] text serialization.
* Leaf signatures as well as submit token signatures changed to no longer use SSH signature format.
Notes on upgrading:
* Existing logs can be upgraded. When loading a log server's signed-tree-head file, the server accepts either a sigsum v0 tree head signature, as created by log-go v0.9.0, or a v1 signature, as created by the current version.
* An upgraded log will publish tree heads signed according to the v1 protocol, and accept new leaves signed according to the v1 protocol.
* Old leaves submitted according to the v0 protocol obviously stay in the tree, but they will appear invalid to anyone who has the submitter's public key and attempts to verify the leaf signature according to the v1 specification.
* Old sigsum proofs can still be verified using old tools (since verification is purely offline, the log server is not involved at all). However, attempting to create a new proof for an old leaf will fail.
Miscellaneous:
* An intermediate version, tagged v0.13.0, included an explicit "v1" signature version on the cosignature lines. This protocol change was reverted for v0.14.x. Version v0.13.0 was never announced or properly released, but in case anyone is nevertheless running v0.13.0, upgrading to v0.14.1 is expected to work. The only user-visible change is the removal of cosignature version, which means that any client software and witnesses written to interop with log servers running v0.13.0 will need upgrading as well.
[1] https://git.glasklar.is/sigsum/project/documentation/-/blob/main/log.md [2] https://git.glasklar.is/sigsum/project/documentation/-/blob/4ee138f1294f9c17... [3] https://github.com/transparency-dev/formats/blob/main/log/README.md#checkpoi...
Clarification: log-go v0.14.1 implements a _release candidate_ of the Sigsum version 1 protocol. The decision to consider it final has been pending for quite some time now and is scheduled for our next weekly.
/ The Sigsum team
On Thu, Oct 26, 2023 at 03:36:25PM +0200, Sigsum General wrote:
The Sigsum team is happy to release a new version of the log-go log server software, version tag v0.14.1, succeeding the previous release v0.9.0. The source code for the release can be checked out from the git repository as
git clone -b v0.14.1 https://git.glasklar.is/sigsum/core/log-go.git
or installed using
go install sigsum.org/log-go/cmd/sigsum-log-primary@v0.14.1
This release updates the log to the version 1 Sigsum protocol. It also adds back support for witness cosigning, following an interim witness protocol. See NEWS file for details on changes and how to upgrade, excerpt below.
If you find any bugs, please report them here on the sigsum-general mailing list or open an issue on GitLab in the log-go repository:
https://git.glasklar.is/sigsum/core/log-go/
The expectations and intended use of the log server software is documented in the log-go RELEASES file. You will also find more information about the overall release process there, see https://git.glasklar.is/sigsum/core/log-go/-/blob/main/RELEASES.md.
/ The Sigsum team
NEWS for log-go v0.14.1
This release updates the log server to implement the v1 sigsum protocols [1].
The log protocol, i.e., the protocol for querying a log and submitting new entries, is now considered stable: there are no plans for incompatible changes, and future updates will consider transitions carefully. However, the witness protocol, used by logs to interact with witnesses, is under development, and will likely be replaced in later versions.
Upgrading existing log services from the previous release, v0.9.0, is automatic, see below for the implications of upgrading. However, downgrading is *NOT* tested nor supported. Downgrading would require manual replacement of the signed-tree-head file by restoring it from a backup or recreating it using sigsum-mktree.
This release has been tested to work together with:
* Command line tools (most importantly sigsum-submit and sigsum-verify) https://git.glasklar.is/sigsum/core/sigsum-go, tag v0.6.1.
The prototype witness, https://git.glasklar.is/sigsum/core/sigsum-py, tag v0.1.1.
The litetlog witness, https://github.com/FiloSottile/litetlog, tag v0.1.1.
New features:
Implemented a new interim witness protocol [2], where a log queries witnesses for cosignatures. Witnesses to use are configured using a sigsum policy file.
Further changes to the log <-> witness protocol are planned.
Incompatible changes:
Tree head serialization used for signatures and cosignatures changed to use a checkpoint-compatible [3] text serialization.
Leaf signatures as well as submit token signatures changed to no longer use SSH signature format.
Notes on upgrading:
Existing logs can be upgraded. When loading a log server's signed-tree-head file, the server accepts either a sigsum v0 tree head signature, as created by log-go v0.9.0, or a v1 signature, as created by the current version.
An upgraded log will publish tree heads signed according to the v1 protocol, and accept new leaves signed according to the v1 protocol.
Old leaves submitted according to the v0 protocol obviously stay in the tree, but they will appear invalid to anyone who has the submitter's public key and attempts to verify the leaf signature according to the v1 specification.
Old sigsum proofs can still be verified using old tools (since verification is purely offline, the log server is not involved at all). However, attempting to create a new proof for an old leaf will fail.
Miscellaneous:
- An intermediate version, tagged v0.13.0, included an explicit "v1" signature version on the cosignature lines. This protocol change was reverted for v0.14.x. Version v0.13.0 was never announced or properly released, but in case anyone is nevertheless running v0.13.0, upgrading to v0.14.1 is expected to work. The only user-visible change is the removal of cosignature version, which means that any client software and witnesses written to interop with log servers running v0.13.0 will need upgrading as well.
[1] https://git.glasklar.is/sigsum/project/documentation/-/blob/main/log.md [2] https://git.glasklar.is/sigsum/project/documentation/-/blob/4ee138f1294f9c17... [3] https://github.com/transparency-dev/formats/blob/main/log/README.md#checkpoi...
Sigsum-general mailing list -- sigsum-general@lists.sigsum.org To unsubscribe send an email to sigsum-general-leave@lists.sigsum.org
Brief follow-up: the decision to transition from release candidate to final version was accepted on yesterday's weekly. We will shoot a separate email about this here on sigsum-general sometime soon.
-Rasmus
On Thu, Oct 26, 2023 at 08:39:03PM +0200, Sigsum General wrote:
Clarification: log-go v0.14.1 implements a _release candidate_ of the Sigsum version 1 protocol. The decision to consider it final has been pending for quite some time now and is scheduled for our next weekly.
/ The Sigsum team
On Thu, Oct 26, 2023 at 03:36:25PM +0200, Sigsum General wrote:
The Sigsum team is happy to release a new version of the log-go log server software, version tag v0.14.1, succeeding the previous release v0.9.0. The source code for the release can be checked out from the git repository as
git clone -b v0.14.1 https://git.glasklar.is/sigsum/core/log-go.git
or installed using
go install sigsum.org/log-go/cmd/sigsum-log-primary@v0.14.1
This release updates the log to the version 1 Sigsum protocol. It also adds back support for witness cosigning, following an interim witness protocol. See NEWS file for details on changes and how to upgrade, excerpt below.
If you find any bugs, please report them here on the sigsum-general mailing list or open an issue on GitLab in the log-go repository:
https://git.glasklar.is/sigsum/core/log-go/
The expectations and intended use of the log server software is documented in the log-go RELEASES file. You will also find more information about the overall release process there, see https://git.glasklar.is/sigsum/core/log-go/-/blob/main/RELEASES.md.
/ The Sigsum team
NEWS for log-go v0.14.1
This release updates the log server to implement the v1 sigsum protocols [1].
The log protocol, i.e., the protocol for querying a log and submitting new entries, is now considered stable: there are no plans for incompatible changes, and future updates will consider transitions carefully. However, the witness protocol, used by logs to interact with witnesses, is under development, and will likely be replaced in later versions.
Upgrading existing log services from the previous release, v0.9.0, is automatic, see below for the implications of upgrading. However, downgrading is *NOT* tested nor supported. Downgrading would require manual replacement of the signed-tree-head file by restoring it from a backup or recreating it using sigsum-mktree.
This release has been tested to work together with:
* Command line tools (most importantly sigsum-submit and sigsum-verify) https://git.glasklar.is/sigsum/core/sigsum-go, tag v0.6.1.
The prototype witness, https://git.glasklar.is/sigsum/core/sigsum-py, tag v0.1.1.
The litetlog witness, https://github.com/FiloSottile/litetlog, tag v0.1.1.
New features:
Implemented a new interim witness protocol [2], where a log queries witnesses for cosignatures. Witnesses to use are configured using a sigsum policy file.
Further changes to the log <-> witness protocol are planned.
Incompatible changes:
Tree head serialization used for signatures and cosignatures changed to use a checkpoint-compatible [3] text serialization.
Leaf signatures as well as submit token signatures changed to no longer use SSH signature format.
Notes on upgrading:
Existing logs can be upgraded. When loading a log server's signed-tree-head file, the server accepts either a sigsum v0 tree head signature, as created by log-go v0.9.0, or a v1 signature, as created by the current version.
An upgraded log will publish tree heads signed according to the v1 protocol, and accept new leaves signed according to the v1 protocol.
Old leaves submitted according to the v0 protocol obviously stay in the tree, but they will appear invalid to anyone who has the submitter's public key and attempts to verify the leaf signature according to the v1 specification.
Old sigsum proofs can still be verified using old tools (since verification is purely offline, the log server is not involved at all). However, attempting to create a new proof for an old leaf will fail.
Miscellaneous:
- An intermediate version, tagged v0.13.0, included an explicit "v1" signature version on the cosignature lines. This protocol change was reverted for v0.14.x. Version v0.13.0 was never announced or properly released, but in case anyone is nevertheless running v0.13.0, upgrading to v0.14.1 is expected to work. The only user-visible change is the removal of cosignature version, which means that any client software and witnesses written to interop with log servers running v0.13.0 will need upgrading as well.
[1] https://git.glasklar.is/sigsum/project/documentation/-/blob/main/log.md [2] https://git.glasklar.is/sigsum/project/documentation/-/blob/4ee138f1294f9c17... [3] https://github.com/transparency-dev/formats/blob/main/log/README.md#checkpoi...
Sigsum-general mailing list -- sigsum-general@lists.sigsum.org To unsubscribe send an email to sigsum-general-leave@lists.sigsum.org
Sigsum-general mailing list -- sigsum-general@lists.sigsum.org To unsubscribe send an email to sigsum-general-leave@lists.sigsum.org
sigsum-general@lists.sigsum.org
-
Niels Möller -
Rasmus Dahlberg