SigStore KMIP integration #776
daveroche-digi
started this conversation in
Ideas
Replies: 1 comment 2 replies
-
I'd be supportive of adding a new provider for this, though at first I'd target it to be additive instead of replacing the existing implementations. |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
I would like to enquire if SigStore has any plans to facilitiate integrating technology partners to act as KMS service providers via the the KMIP standard.
I note Sigstore has integrations in custom way with KMS providers for key storage using proprietary vender specific integrations which are tightly coupled to Sigstore e.g. Azure Key Vault, Hashicorp Vault, AWS KMS, and GCP KMS. We would like to enquire and discover if Sigstore intend to support a more general integration for KMS providers by leveraging an open standard like KMIP to facilitate other providers instead of integrating new partners individually in bespoke way.
We feel it may be mutually beneficial as this opens up the possibility for more KMS services to connect with Sigstore service(s) using KMIP for services that store keys in a KMS service provider and are KMIP ready.
Thanks,
Dave
Beta Was this translation helpful? Give feedback.
All reactions