Skip to content

Support storing hardware keys attestations files from team members #2501

Description

@ubiratansoares

Storing hardware keys attestations

As an outcome of a 2026 all-hands session, Project members with infra access were granted two Yubico YubiKeys. As a follow-up, we should have a way to allow people to share attestation files related to authentication ans signing keys stored inside a YubiKey through the PIV support, since those should play a role in future projects.

This repo is a good canditate to store such attestation files, since we can correlate these files with (actual) team members and
eventually expose them (or some derivative information) using the team static API if needed.

Discussion points / design decisions:

  • which folder or covention should we use to store these files?
  • which TOML schema changes are needed (if any)?
  • which additional tooling do we need to support these attestation files (if any)?

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions