Sign provenance #105
Description
Intermediate results arrive with some metadata that includes a workflow graph describing how they were made. This provenance information is used in combination with the policies to determine what can be done with them and anything produced from them. This means that we depend on the sites that produced our inputs to give us correct provenance in order to be able to correctly apply policies from others.
There's nothing we can do if they lie to us, but at least we have to be able to prove that they did. So the provenance must be signed. Probably, each step needs to have a signature by whoever ran it that covers that step: its inputs, the compute asset, and the outputs. Since one step's outputs are another step's inputs, that should provide a closed chain. Do we need some kind of signature on the workflow inputs though? And should there be signatures on the images as well as on the provenance? Needs some thought.