Verify and validate via cosign and slsa-verifier

Prerequisites

Step 1: Verify GUAC image via Cosign

  1. Based on the latest GUAC release, validate that the GUAC image is signed and verifiable via cosign by running the following command:

    LATEST_VERSION=$(curl https://api.github.com/repos/guacsec/guac/releases/latest | grep tag_name | cut -d : -f2 | tr -d "v\", ")
    GUAC_DIGEST=$(crane digest ghcr.io/guacsec/guac:v$LATEST_VERSION)
    
    cosign verify ghcr.io/guacsec/guac@$GUAC_DIGEST \
      --certificate-oidc-issuer https://token.actions.githubusercontent.com  \
      --certificate-identity https://github.com/guacsec/guac/.github/workflows/release.yaml@refs/tags/v$LATEST_VERSION
    

    You should see an output similar to this:

    Verification for ghcr.io/guacsec/guac@sha256:57cacf2388a3bd9322db99d7acb861ab8aff6964bdbaba910547e9fc268a5480 --
    The following checks were performed on each of these signatures:
      - The cosign claims were validated
      - Existence of the claims in the transparency log was verified offline
      - The code-signing certificate was verified using trusted certificate authority certificates
    
    
  2. We can also verify the SLSA attestation on the image via:

    cosign verify-attestation ghcr.io/guacsec/guac@$GUAC_DIGEST \
     --certificate-identity https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.9.0 \
     --certificate-oidc-issuer https://token.actions.githubusercontent.com --type 'https://slsa.dev/provenance/v0.2'
    

    You should see an output similar to this:

    Verification for ghcr.io/guacsec/guac@sha256:57cacf2388a3bd9322db99d7acb861ab8aff6964bdbaba910547e9fc268a5480 --
    The following checks were performed on each of these signatures:
      - The cosign claims were validated
      - Existence of the claims in the transparency log was verified offline
      - The code-signing certificate was verified using trusted certificate authority certificates
    Certificate subject: https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.9.0
    Certificate issuer URL: https://token.actions.githubusercontent.com
    GitHub Workflow Trigger: push
    GitHub Workflow SHA: 7c3b1b9188e868c1ce2c8c21793cd7e6894aa244
    GitHub Workflow Name: release
    GitHub Workflow Repository: guacsec/guac
    GitHub Workflow Ref: refs/tags/v0.3.0
    {"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEYCIQDjaO9Wv1YgK/26WIJsFoRHD4pKGciqOaYVLthQIu7U/AIhAOdQr2TXXMPMTl3tuwgR50XuPrwEakMEmXBANwEH71Z5"}]}
    

Step 2: Download GUAC binary and verify

  1. The release binaries can also be verified via the checksums published for each of them. Download the guac_checksums.txt file from the latest GUAC release; it contains the checksums of all artifacts included in the release:

    curl -O -L "https://github.com/guacsec/guac/releases/latest/download/guac_checksums.txt"
    

    First, verify the signature of this file:

    LATEST_VERSION=$(curl https://api.github.com/repos/guacsec/guac/releases/latest | grep tag_name | cut -d : -f2 | tr -d "v\", ")
    cosign verify-blob --cert https://github.com/guacsec/guac/releases/download/v$LATEST_VERSION/guac_checksums.txt-keyless.pem \
    --signature https://github.com/guacsec/guac/releases/download/v$LATEST_VERSION/guac_checksums.txt-keyless.sig \
    ./guac_checksums.txt \
    --certificate-identity https://github.com/guacsec/guac/.github/workflows/release.yaml@refs/tags/v$LATEST_VERSION \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com
    

    The output should be:

    Verified OK
    
  2. Download the GUAC CLI guacone binary for your machine's OS and architecture from the latest GUAC release. For example, for Linux x86_64 this is `guacone-linux-amd64`.

  3. Calculate the checksum of the binary. For example:

    shasum -a 256 guacone-linux-amd64
    

    which will output:

    769040ce66e97a6398e2e697107fbdb02daa2fdeb97784ac70dc38b794c8b02b  guacone-linux-amd64
    

    Compare this value against the entry for the binary in the guac_checksums.txt downloaded above; the two should match.

  4. Verify the signature. We generate SLSA 3 provenance using the OpenSSF’s slsa-framework/slsa-github-generator. To verify our release, install the verification tool from slsa-framework/slsa-verifier#installation and verify as follows:

    For example, if using `guacone-linux-amd64` the command would be as follows:

    LATEST_VERSION=$(curl https://api.github.com/repos/guacsec/guac/releases/latest | grep tag_name | cut -d : -f2 | tr -d "v\", ")
    curl -sL https://github.com/guacsec/guac/releases/download/v$LATEST_VERSION/multiple.intoto.jsonl > multiple.intoto.jsonl
    slsa-verifier verify-artifact ./guacone-linux-amd64 --provenance-path ./multiple.intoto.jsonl --source-uri github.com/guacsec/guac
    

    You should see an output similar to this:

    Verified signature against tlog entry index 31541425 at URL: https://rekor.sigstore.dev/api/v1/log/entries/24296fb24b8ad77a020e9997ab4ec1312d9f95e211b528e9a8751f775d78c5542a365cd2bfb82871
    Verified build using builder "https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.8.0" at commit 463b8004beebbd413ecf556e4fc5a1bf986534ab
    Verifying artifact ./guacone-linux-amd64: PASSED
    
    PASSED: Verified SLSA provenance
    
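The comparison in step 3 is usually done by eye; the following added example (not GUAC project code) does the same check for one artifact in a script, using the `<sha256>  <filename>` layout of guac_checksums.txt shown above. The sample artifact and checksums file are constructed inline so it runs offline; the second entry deliberately does not match its file to show the mismatch path.

```shell
#!/bin/sh
# Added example, not GUAC project code: check one downloaded artifact against its
# entry in guac_checksums.txt, the comparison step 3 above does by eye.
# Assumes the file uses the "<sha256>  <filename>" layout shown in the output above.
set -u

sha256_of() {
  # sha256sum (GNU coreutils) where present, shasum (macOS/BSD) otherwise.
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d ' ' -f1
  else
    shasum -a 256 "$1" | cut -d ' ' -f1
  fi
}

# verify_checksum <checksums-file> <artifact-path>
# Returns 0 on match, 1 on mismatch, 2 when the file has no entry for the artifact.
verify_checksum() {
  checksums="$1"; artifact="$2"; name=$(basename "$artifact")
  # Match the exact filename in the second column, so "guacone-linux-amd64" does not
  # also match "guacone-linux-amd64.sig" the way a substring grep would.
  expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$checksums")
  if [ -z "$expected" ]; then
    echo "$name: no entry in $checksums" >&2
    return 2
  fi
  actual=$(sha256_of "$artifact")
  if [ "$actual" = "$expected" ]; then
    echo "$name: checksum OK"
    return 0
  fi
  echo "$name: checksum MISMATCH (expected $expected, got $actual)" >&2
  return 1
}

# Constructed sample input: a stand-in "artifact" whose SHA-256 is known
# (the hash of the bytes "hello\n") and a checksums file in the release layout,
# with a second entry that deliberately does not match its file.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
printf 'hello\n' > "$WORK/guacone-linux-amd64"
printf 'tampered\n' > "$WORK/guacone-darwin-arm64"
cat > "$WORK/guac_checksums.txt" <<'EOF'
5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03  guacone-linux-amd64
0000000000000000000000000000000000000000000000000000000000000000  guacone-darwin-arm64
EOF

# Real use: verify_checksum ./guac_checksums.txt ./guacone-linux-amd64
verify_checksum "$WORK/guac_checksums.txt" "$WORK/guacone-linux-amd64"
```

A non-zero exit from verify_checksum is the signal to stop and not run the binary; the checksums file itself is only trustworthy once its cosign verify-blob check in step 1 has passed.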

Step 3: Verify guac-visualizer image via Cosign

  1. Similar to the above, we can verify the latest guac-visualizer release by running the following command. As the current guac-visualizer is a pre-release, the latest-release API call used above does not return its version, so set LATEST_VERSION to the latest guac-visualizer version by hand:

    LATEST_VERSION=0.1.1
    GUAC_DIGEST=$(crane digest ghcr.io/guacsec/guac-visualizer:v$LATEST_VERSION)
    
    cosign verify ghcr.io/guacsec/guac-visualizer@$GUAC_DIGEST \
      --certificate-oidc-issuer https://token.actions.githubusercontent.com  \
      --certificate-identity https://github.com/guacsec/guac-visualizer/.github/workflows/release.yaml@refs/tags/v$LATEST_VERSION
    

    You should see an output similar to this:

    Verification for ghcr.io/guacsec/guac-visualizer@sha256:d75c71a4ad5cec96d1a453d7aea7e6ae5886af178a6380dececf695fcc7f3ad1 --
    The following checks were performed on each of these signatures:
      - The cosign claims were validated
      - Existence of the claims in the transparency log was verified offline
      - The code-signing certificate was verified using trusted certificate authority certificates
    
    
  2. SLSA attestations for the guac-visualizer are currently not generated for v0.1.1, as it is a pre-release, but will be for all following releases. Verification can be done with the following command:

    cosign verify-attestation ghcr.io/guacsec/guac-visualizer@$GUAC_DIGEST \
     --certificate-identity https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.9.0 \
     --certificate-oidc-issuer https://token.actions.githubusercontent.com --type 'https://slsa.dev/provenance/v0.2'
    

    You should see an output similar to this:

    Verification for ghcr.io/guacsec/guac-visualizer@sha256:d75c71a4ad5cec96d1a453d7aea7e6ae5886af178a6380dececf695fcc7f3ad1 --
    The following checks were performed on each of these signatures:
      - The cosign claims were validated
      - Existence of the claims in the transparency log was verified offline
      - The code-signing certificate was verified using trusted certificate authority certificates
    Certificate subject: https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v1.9.0
    Certificate issuer URL: https://token.actions.githubusercontent.com
    GitHub Workflow Trigger: push
    GitHub Workflow SHA: 463b8004beebbd413ecf556e4fc5a1bf986534ab
    GitHub Workflow Name: release
    GitHub Workflow Repository: guacsec/guac
    GitHub Workflow Ref: refs/tags/v0.1.2
    {"payloadType":"application/vnd.in-toto+json","payload":"","signatures":[{"keyid":"","sig":"MEQCIGod4j6gQywneGxoMj1WaICGb5T6+mmF3a8G3YfTS1oMAiBuiEup7lmOgLpGQKwWIiXQE+keBWYZSmuLgXTKnLh47g=="}]}
    


Copyright © 2024 GUAC a Series of LF Projects, LLC. For web site terms of use, trademark policy and other project policies please see https://lfprojects.org/