From 3b39d52982ca8c6b14516b4866e6313a3af08d74 Mon Sep 17 00:00:00 2001
From: William Woodruff <william@trailofbits.com>
Date: Fri, 9 Aug 2024 13:41:49 -0400
Subject: [PATCH] sigstore_rekor: clarify inclusion_promise requirement

Signed-off-by: William Woodruff <william@trailofbits.com>
---
 protos/sigstore_rekor.proto | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/protos/sigstore_rekor.proto b/protos/sigstore_rekor.proto
index 424ff40c..09863ded 100644
--- a/protos/sigstore_rekor.proto
+++ b/protos/sigstore_rekor.proto
@@ -104,8 +104,10 @@ message TransparencyLogEntry {
         int64 integrated_time = 4 [(google.api.field_behavior) = REQUIRED];
         // The inclusion promise/signed entry timestamp from the log.
         // Required for v0.1 bundles, and MUST be verified.
-        // Optional for >= v0.2 bundles, and SHOULD be verified when present.
-        // Also may be used as a signed timestamp.
+        // Optional for >= v0.2 bundles if another source of signed time
+        // is present.
+        // MUST be verified if no other source of signed time is present,
+        // and SHOULD be verified otherwise.
         InclusionPromise inclusion_promise = 5;
         // The inclusion proof can be used for offline or online verification
         // that the entry was appended to the log, and that the log has not been