Support key-usage transparency with Sigsum
Expected outcome: ST is extended with a new signature type, "spicy sigsum signature". It's like a regular signature, except that it is transparent. This will require extensions of stmgr and stboot once proposals have been accepted.
Non-scope: improving existing (or developing new) monitoring tooling. It is also not in scope to make any additional claims about the signed data, to figure out where it should be published and how, etc. I.e., the goal here is to facilitate key-usage transparency, which is primarily helpful for signers, who would know from a "ping" that they didn't intend to sign something at that time.
It is up to @nisse, who will be working on this, whether more detailed issues will be attached to this milestone or not.
This will likely become st-v1.3.0. The due date is tentative and may be pushed into the next roadmap if we're not done by then.
EDIT 2025-01-20. There's an accepted proposal on this now -- implementation has yet to be started. Milestone continues with bumped date.