From c349cae4aa728b671676a6f5bc0f95617a8ee824 Mon Sep 17 00:00:00 2001
From: Zach Steindler
Date: Fri, 30 Jan 2026 14:50:59 -0500
Subject: [PATCH] Remove references to cosign triangulate
For https://github.com/sigstore/cosign/pull/4675
Signed-off-by: Zach Steindler
---
 content/en/cosign/signing/other_types.md | 66 -------------------
 .../cosign/signing/signing_with_containers.md | 43 ------------
 2 files changed, 109 deletions(-)
diff --git a/content/en/cosign/signing/other_types.md b/content/en/cosign/signing/other_types.md
index ba19b640..a8b7ef20 100644
--- a/content/en/cosign/signing/other_types.md
+++ b/content/en/cosign/signing/other_types.md
@@ -225,69 +225,3 @@ One additional layer is added, forming the final image.
 ```
 Note that this could be applied recursively, for multiple intermediate base images.
-
-## Countersigning
-
-Cosign signatures (and their protected payloads) are stored as artifacts in a registry.
-These signature objects can also be signed, resulting in a new, "counter-signature" artifact.
-This "counter-signature" protects the signature (or set of signatures) **and** the referenced artifact, which allows
-it to act as an attestation to the **signature(s) themselves**.
-
-Before we sign the signature artifact, we first give it a memorable name so we can find it later.
-
-```shell
-$ cosign sign --key cosign.key -a sig=original user/demo
-Enter password for private key:
-Pushing signature to: user/demo:sha256-97fc222cee7991b5b061d4d4afdb5f3428fcb0c9054e1690313786befa1e4e36.sig
-$ cosign verify --key cosign.pub user/demo | jq .
-{
- "Critical": {
- "Identity": {
- "docker-reference": ""
- },
- "Image": {
- "Docker-manifest-digest": "97fc222cee7991b5b061d4d4afdb5f3428fcb0c9054e1690313786befa1e4e36"
- },
- "Type": "cosign container image signature"
- },
- "Optional": {
- "sig": "original"
- }
-}
-```
-
-Now give that signature a memorable name, then sign that:
-
-```shell
-$ crane tag $(cosign triangulate user/demo) mysignature
-2021/02/15 20:22:55 user/demo:mysignature: digest: sha256:71f70e5d29bde87f988740665257c35b1c6f52dafa20fab4ba16b3b1f4c6ba0e size: 556
-$ cosign sign --key cosign.key -a sig=counter user/demo:mysignature
-Enter password for private key:
-Pushing signature to: user/demo:sha256-71f70e5d29bde87f988740665257c35b1c6f52dafa20fab4ba16b3b1f4c6ba0e.sig
-$ cosign verify --key cosign.pub user/demo:mysignature
-{"Critical":{"Identity":{"docker-reference":""},"Image":{"Docker-manifest-digest":"71f70e5d29bde87f988740665257c35b1c6f52dafa20fab4ba16b3b1f4c6ba0e"},"Type":"cosign container image signature"},"Optional":{"sig":"counter"}}
-```
-
-Finally, check the original signature:
-
-```shell
-$ crane manifest user/demo@sha256:71f70e5d29bde87f988740665257c35b1c6f52dafa20fab4ba16b3b1f4c6ba0e
-{
- "schemaVersion": 2,
- "config": {
- "mediaType": "application/vnd.oci.image.config.v1+json",
- "size": 233,
- "digest": "sha256:3b25a088710d03f39be26629d22eb68cd277a01673b9cb461c4c24fbf8c81c89"
- },
- "layers": [
- {
- "mediaType": "application/vnd.oci.descriptor.v1+json",
- "size": 217,
- "digest": "sha256:0e79a356609f038089088ec46fd95f4649d04de989487220b1a0adbcc63fadae",
- "annotations": {
- "dev.sigstore.cosign/signature": "5uNZKEP9rm8zxAL0VVX7McMmyArzLqtxMTNPjPO2ns+5GJpBeXg+i9ILU+WjmGAKBCqiexTxzLC1/nkOzD4cDA=="
- }
- }
- ]
-}
-```
diff --git a/content/en/cosign/signing/signing_with_containers.md b/content/en/cosign/signing/signing_with_containers.md
index 505a1479..1223d8d5 100644
--- a/content/en/cosign/signing/signing_with_containers.md
+++ b/content/en/cosign/signing/signing_with_containers.md
@@ -299,49 +299,6 @@ $ cosign generate $IMAGE | openssl... | cosign attach signature --signature - $I
 Pushing signature to: user/demo:sha256-87ef60f558bad79beea6425a3b28989f01dd417164150ab3baab98dcbf04def.sig
 ```
-## Signature location and management
-
-Signatures are uploaded to an OCI artifact stored with a predictable name.
-This name can be located with the `cosign triangulate` command:
-
-```shell
-$ cosign triangulate $IMAGE
-index.docker.io/user/demo:sha256-87ef60f558bad79beea6425a3b28989f01dd417164150ab3baab98dcbf04def8.sig
-```
-
-They can be reviewed with `crane`:
-
-```shell
-$ crane manifest $(cosign triangulate $IMAGE) | jq .
-{
- "schemaVersion": 2,
- "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
- "config": {
- "mediaType": "application/vnd.docker.container.image.v1+json",
- "size": 342,
- "digest": "sha256:f5de0db6e714055d48b4bb3a374e9630c4923fa704d9311da6a2740cf625aaba"
- },
- "layers": [
- {
- "mediaType": "application/vnd.dev.cosign.simplesigning.v1+json",
- "size": 210,
- "digest": "sha256:1119abab63e605dcc281019bad0424744178b6f61ba57378701fe7391994c999",
- "annotations": {
- "dev.cosignproject.cosign/signature": "MEUCIG0ZmgqE3qTrHWp+HF9CrxsNH57Cck3cQI+zNNrUwSHfAiEAm+2eY/Z6ixQwjLbTraDN5ZB/P1Z5k/KwIoblry65r+s="
- }
- },
- {
- "mediaType": "application/vnd.dev.cosign.simplesigning.v1+json",
- "size": 219,
- "digest": "sha256:583246418c2afd5bfe29694793d07da37ffd552aadf8879b1d98047178b80398",
- "annotations": {
- "dev.cosignproject.cosign/signature": "MEUCIF/+szLKKA2q2+c86AXeWR7UeD5yYpW7p0waHordxNjhAiEAm5e+Hm7Jhv9JpSwHpTc6aGLSkL6/Acm/z+b8mhfGXqY="
- }
- }
- ]
-}
-```
-
 Some registries support deletion too (DockerHub does not):
 ```shell