Commit 070a57a

Merge pull request slsa-framework#98 from jchestershopify/explicitly-allow-multiple-hashs
Explicitly allow multiple provenance hashes
2 parents 37c50f9 + ae4219f commit 070a57a

1 file changed

+6
-3
lines changed

requirements.md

+6-3
@@ -368,9 +368,12 @@ Requirements on the contents of the provenance:
368368
<td>Identifies Artifact
369369
<td>
370370

371-
The provenance identifies the output artifact via a cryptographic hash. The
372-
RECOMMENDED algorithm is SHA-256 for cross-system compatibility. If another
373-
algorithm is used, it SHOULD be resistant to collisions and second preimages.
371+
The provenance MUST identify the output artifact via at least one
372+
cryptographic hash. The provenance MAY provide multiple identifying
373+
cryptographic hashes using different algorithms. When only one hash is
374+
provided, the RECOMMENDED algorithm is SHA-256 for cross-system
375+
compatibility. If another algorithm is used, it SHOULD be resistant to
376+
collisions and second preimages.
374377

375378
<td>✓<td>✓<td>✓<td>✓
376379
<tr id="identifies-builder">
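
Review bot: The new wording allows multiple hashes but leaves two points open for the multi-hash case, both in the added lines 371 to 376. First, the SHA-256 recommendation is now scoped by "When only one hash is provided", so a provenance that lists several hashes is no longer steered toward including SHA-256, which weakens the cross-system compatibility the sentence is there for; consider recommending that SHA-256 be one of the hashes whenever more than one is given. Second, "If another algorithm is used, it SHOULD be resistant to collisions and second preimages" reads as applying to the single-hash case, and nothing says whether every listed hash must meet that bar or how a consumer should treat the set (all hashes must match, or any one). If a match on any single hash is accepted, the weakest listed algorithm determines the strength of the identification, so it would help to state that each algorithm used SHOULD be collision and second-preimage resistant and to say what consumers are expected to check.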
