CEP XXXX: add recipe source attestation validation

[wolfv]

Adding a CEP to validate the source section against know sigstore providers.

Checklist for submitter

• I am submitting a new CEP: Put your title here.
  • I am using the CEP template by creating a copy cep-0000.md named cep-XXXX.md in the root level.
• I am submitting modifications to CEP XX.
  • The PR title reflects the CEP I'm modifying: CEP XX: Amend XYZ.
  • I updated the "Updated" date.
  • I added the link of this PR to the Discussions row.
  • I added or extended the ## Changelog section right above the final "Copyright" section with an item that uses syntax YYYY-MM-DD: Brief explanation of changes.
• Something else: (add your description here).

Checklist for CEP approvals

• The vote period has ended and the vote has passed the necessary quorum and approval thresholds.
• A new CEP number has been minted. Usually, this is ${greatest-number-in-main} + 1.
• The cep-XXXX.md file has been renamed accordingly.
• The # CEP XXXX - header has been edited accordingly.
• The CEP status in the table has been changed to approved.
• The last modification date in the table has been updated accordingly.
• The table in the README has been updated with the new CEP entry.
• The pre-commit checks are passing.

[jaimergp]

What about using some subset of PURLs here?

[facutuesca]

I think this is too restrictive. For example, on PyPI, packages uploaded with attestations signed by Google Cloud have subjects that are emails, and not owner/repo:

  Subject Alternative Name (critical):
    email:
    - 919436158236-compute@developer.gserviceaccount.com

src

[wolfv]

Do you think something like provider:<identifier> would work where the tool, or the CEP, should define a list of supported provider & identifier pairs? Or should we turn this into a true dictionary supporting all OID fields and match on those? Do you know of any prior art for this?

[facutuesca]

With the upcoming PyPI support for self-hosted GitLab and GitHub instances, there will be attestations that are technically from github and gitlab, but will have different OIDC issuers. Something to keep in mind here, with regards to naming the providers

[facutuesca]

why .io instead of .org?

[facutuesca]

Otherwise, the builders MUST fail

this is in contradiction with the statement below:

Builders MAY recognize additional auto-derived hosts

If builders may recognize additional auto-derived hosts, they will not fail for those hosts, even if the bundle_url is not set in the recipe (1) and the source URL host is not pypi (2).

[facutuesca]

maybe it makes sense to say "builders SHOULD fail" instead?

[facutuesca]

why not lock the predicate type too? The builders don't need to "interpret it", but they could check if it matches the type specified in the lockfile.

My thinking here is that in this CEP (as it's currently written), the verification process checks that a given artifact has a valid signature from an identity specified in the lockfile. But since these signatures have semantics attached (specified by their predicate type), accepting any signature from that identity as valid might be too much.

So, locking the predicate type, we can ensure during veriication that the semantics of the signature have not changed since they were locked, without actually interpreting them.

[facutuesca]

currently, this CEP only allows for one attestation url/sounce per source. One thing to consider is if in the future we might want to have multiple attestations sources (such as PyPI and GitHub) per source