in-toto Attestation Specification

The in-toto specification defines the metadata format for recording software supply chain steps. It includes layout metadata, which defines the expected steps and their authorized functionaries, and link metadata, which records what actually happened at each step, including the materials consumed and the products produced. Verification compares layouts against links to detect tampering.

API entry from apis.yml

aid: in-toto:in-toto-spec
name: in-toto Attestation Specification
description: The in-toto specification defines the metadata format for recording software supply chain
  steps. It includes layout metadata that defines the expected steps and their authorized functionaries,
  and link metadata that records what actually happened at each step including materials consumed and
  products produced. Verification compares layouts against links to detect tampering.
humanURL: https://in-toto.io/docs/specs/
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
properties:
- type: Documentation
  url: https://in-toto.io/docs/specs/
- type: Reference
  url: https://github.com/in-toto/docs/blob/master/in-toto-spec.md
- type: JSONSchema
  url: json-schema/in-toto-layout-schema.json
- type: JSONSchema
  url: json-schema/in-toto-link-schema.json
- type: JSONSchema
  url: json-schema/in-toto-attestation-schema.json
- type: JSON-LD
  url: json-ld/in-toto-context.jsonld
tags:
- Attestation
- Specification
- Supply Chain