
More markdown fixes
Signed-off-by: Patrick Smyth <[email protected]>
smythp committed Aug 28, 2023
1 parent 0b9361c commit eb96ae1
Showing 1 changed file with 11 additions and 10 deletions.
21 changes: 11 additions & 10 deletions content/en/about/security.md
Expand Up @@ -22,8 +22,8 @@ The Trust Root, which was established during a public [root key signing ceremony

The Sigstore Trust Root is used to secure the keys used by the entire Sigstore project. It allows individuals and systems to automatically retrieve trusted keys and certificates used to verify artifacts produced by the Sigstore ecosystem. Using the Sigstore Trust Root, end users can verify:

* Certificates issued by Fulcio
* Entries in the Rekor transparency log
- Certificates issued by Fulcio
- Entries in the Rekor transparency log

This allows end users to verify (and trust) that the distributors of the software they use are who they say they are.
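Review bot: the `*` to `-` swap on the two "Certificates issued by Fulcio" / "Entries in the Rekor transparency log" items is purely stylistic, and it is the right direction, because the list under "What Sigstore _Doesn't_ Guarantee" further down the same file already uses `-` bullets. If the goal is a lint-clean file, apply the same marker to every unordered list in the file in this one commit rather than hunk by hunk; a list-marker consistency rule (markdownlint MD004, for example) still flags the file while any `*` list remains.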

Expand All @@ -39,24 +39,24 @@ Transparency Logs make it hard to forge timestamps long term, but in short time

### Fulcio Security Model

One of the targets secured by the Sigstore Trust Root is the Fulcio root certificate, which is used to issue short-lived code signing certificates.
One of the targets secured by the Sigstore Trust Root is the Fulcio root certificate, which is used to issue short-lived code signing certificates.

**Certificate Transparency Log**
### Certificate Transparency Log

Fulcio assumes that a valid OIDC token from a trusted provider is sufficient “proof of ownership” of the associated identity. To mitigate against OIDC compromise, Fulcio appends certificates to an immutable, append-only cryptographically verifiable transparency log. This means:

* Fulcio MUST publish all certificates to the log.
* Clients MUST NOT trust certificates that are not in the log.
- Fulcio MUST publish all certificates to the log.
- Clients MUST NOT trust certificates that are not in the log.

As a result, users can detect any mis-issued certificates, either due to the CA acting maliciously or a compromised OIDC identity provider. Combined with Rekor's signature transparency, artifacts signed with compromised accounts can be identified (auditability).

_Note: Fulcio itself does not monitor the certificate transparency log; users are responsible for monitoring the log for unauthorized certificates issued to their identities._

**Short Lived Certificates**
### Short Lived Certificates

Fulcio also uses short-lived certificates as a solution to the key management problem. Traditional signing involves issuing long-lived certificates, but this method assumes that users won’t lose their private key or that the key won’t get stolen or otherwise compromised for long periods of time.

Fulcio was designed to avoid revocation by issuing short-lived certificates instead. When signing, the user only needs to know that the artifact was signed while the certificate was valid.
Fulcio was designed to avoid revocation by issuing short-lived certificates instead. When signing, the user only needs to know that the artifact was signed while the certificate was valid.

How can a user do that?
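Review bot: the promoted headings `### Certificate Transparency Log` and `### Short Lived Certificates` sit at the same level as `### Fulcio Security Model` at the top of this hunk, so in the rendered page and its table of contents they become siblings of the Fulcio section rather than parts of it, even though the body text introduces both as pieces of the Fulcio model ("Fulcio assumes that a valid OIDC token...", "Fulcio also uses short-lived certificates..."). Either demote them to `#### Certificate Transparency Log` and `#### Short Lived Certificates`, or keep the bold labels and promote nothing. Separately, the lines `One of the targets secured by the Sigstore Trust Root is the Fulcio root certificate...` and `Fulcio was designed to avoid revocation by issuing short-lived certificates instead...` show as changed but read identically, which suggests trailing whitespace was stripped; that is fine, but it is invisible here and worth a word in the commit message so the next reader does not hunt for a content change.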

Expand All @@ -66,19 +66,20 @@ End users can leverage Fulcio's short-lived code signing certificates and Rekor'

Storing the signature in a transparency log also makes certificates easily discoverable so that maintainers don’t have to worry about public key distribution.

**Ephemeral Keys**
### Ephemeral Keys

Sigstore clients like Cosign can also eliminate the key management problem by using ephemeral keys. These ephemeral keys only exist in memory; the private key never hits disk and is never known by Sigstore services.

Cosign will:

1. Generate an ephemeral public/private keypair in memory
1. Bind the public key to a short-lived certificate requested from Fulcio
1. Sign an artifact with the ephemeral private key while the certificate is still valid
1. Store the signature and certificate in Rekor as proof the artifact was signed while the certificate was valid

Clients like Cosign only need to find the correct Rekor entry to verify the artifact.

## What Sigstore *Doesn't* Guarantee
## What Sigstore _Doesn't_ Guarantee

- If an OIDC identity or OIDC provider is compromised, Fulcio might issue unauthorized certificates. However, these certificates are useless unless they are published to the certificate transparency log, so such compromise can be detected.
- If Fulcio is compromised, it might issue unauthorized certificates. However, like before, these should be detectable.
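Review bot: `### Ephemeral Keys` raises the same heading-level question as the other bold labels promoted to headings in this commit: at `###` it becomes a sibling of `### Fulcio Security Model`, and whether that is intended deserves a deliberate choice, since this section describes client (Cosign) behaviour rather than Fulcio and could reasonably stay at `###` while the CT-log and short-lived-certificate sections are nested beneath Fulcio. The `*Doesn't*` to `_Doesn't_` change in the H2 is consistent with the `_Note: ..._` underscore emphasis already used in this file, so no further change is needed there.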
