notarization

The process of creating a trusted, verifiable record of a software asset and its composition.

In the context of SBOMs, this means creating an immutable, cryptographically-verifiable record of a software asset, the components comprising the asset, the level of trust for each, and the hashes that uniquely identify those components.