The first publication of the GCVE-BCP-01 - Signature Verification of the Directory File

A Best Current Practice (BCP) in the context of the GCVE.eu project is a community-driven guideline that documents recommended procedures, configurations, or operational principles to support the secure, reliable, and consistent implementation of GCVE-related infrastructure, tools, and services.

GCVE.eu has published its first Best Current Practice document, GCVE-BCP-01, which outlines the recommended method for verifying the integrity and authenticity of the GCVE directory file using OpenSSL and a public key. This BCP ensures that all consumers of the directory validate the file’s signature before use, reinforcing trust and security within the GCVE ecosystem. All implementers and users are strongly encouraged to follow the outlined verification process. The BCP is a draft for public review. Feedback is more than welcome.