Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revisit 'reliable' language for L3 #1137

Open
TomHennen opened this issue Sep 19, 2024 · 2 comments · May be fixed by #1143
Open

Revisit 'reliable' language for L3 #1137

TomHennen opened this issue Sep 19, 2024 · 2 comments · May be fixed by #1143
Labels
source-track

Comments

@TomHennen
Copy link
Contributor

"Reliable" may be too strong a qualifier here. It's still up to the consumer to decide if they deem the information as such, so we might want to instead use a term like "auditable" or "verifiable" here.

Originally posted by @marcelamelara in #1094 (comment)
@TomHennen
Copy link
Contributor Author

@zachariahcox

yeah, like "as reliable as the issuer?"
I doubt if they will always be auditable or verifiable in anyway. It would feel more or less like "SCP says X with no real way to prove it. Trust it or don't."

@TomHennen TomHennen mentioned this issue Sep 19, 2024
Open
@zachariahcox
Copy link
Collaborator

yeah, are issuers "reliable?" I guess the answer is "hopefully!"

I'd support cutting this word if it's confusing things.

@TomHennen TomHennen linked a pull request Sep 20, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
source-track
Projects
Issue triage
Status: 🆕 New
SLSA Source Track
Status: No status
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

content: draft: reliable -> verifiable TomHennen/slsa
2 participants
@TomHennen @zachariahcox