From 7bb6ad6cc272873bed88efed1dbf6dc20e0fb6c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?=
 <66256922+daniel-weisse@users.noreply.github.com>
Date: Tue, 17 Sep 2024 15:33:08 +0200
Subject: [PATCH] docs: fix broken links (#3359)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Update cosign installation guide link
* Update cosign overview link
* Update cosign sbom link

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
---
 docs/docs/workflows/sbom.md                              | 2 +-
 docs/docs/workflows/verify-cli.md                        | 4 ++--
 docs/versioned_docs/version-2.0/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.1/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.10/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.10/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.11/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.11/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.12/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.12/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.13/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.13/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.14/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.14/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.15/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.15/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.16/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.16/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.17/workflows/sbom.md       | 2 +-
 docs/versioned_docs/version-2.17/workflows/verify-cli.md | 4 ++--
 docs/versioned_docs/version-2.2/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.2/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.3/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.3/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.4/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.4/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.5/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.5/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.6/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.6/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.7/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.7/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.8/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.8/workflows/verify-cli.md  | 4 ++--
 docs/versioned_docs/version-2.9/workflows/sbom.md        | 2 +-
 docs/versioned_docs/version-2.9/workflows/verify-cli.md  | 4 ++--
 36 files changed, 55 insertions(+), 55 deletions(-)

diff --git a/docs/docs/workflows/sbom.md b/docs/docs/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/docs/workflows/sbom.md
+++ b/docs/docs/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/docs/workflows/verify-cli.md b/docs/docs/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/docs/workflows/verify-cli.md
+++ b/docs/docs/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.0/workflows/verify-cli.md b/docs/versioned_docs/version-2.0/workflows/verify-cli.md
index a65a5a749..52ed24d95 100644
--- a/docs/versioned_docs/version-2.0/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.0/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.1/workflows/verify-cli.md b/docs/versioned_docs/version-2.1/workflows/verify-cli.md
index a65a5a749..52ed24d95 100644
--- a/docs/versioned_docs/version-2.1/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.1/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.10/workflows/sbom.md b/docs/versioned_docs/version-2.10/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.10/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.10/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.10/workflows/verify-cli.md b/docs/versioned_docs/version-2.10/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.10/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.10/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.11/workflows/sbom.md b/docs/versioned_docs/version-2.11/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.11/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.11/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.11/workflows/verify-cli.md b/docs/versioned_docs/version-2.11/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.11/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.11/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.12/workflows/sbom.md b/docs/versioned_docs/version-2.12/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.12/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.12/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.12/workflows/verify-cli.md b/docs/versioned_docs/version-2.12/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.12/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.12/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.13/workflows/sbom.md b/docs/versioned_docs/version-2.13/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.13/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.13/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.13/workflows/verify-cli.md b/docs/versioned_docs/version-2.13/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.13/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.13/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.14/workflows/sbom.md b/docs/versioned_docs/version-2.14/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.14/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.14/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.14/workflows/verify-cli.md b/docs/versioned_docs/version-2.14/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.14/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.14/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.15/workflows/sbom.md b/docs/versioned_docs/version-2.15/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.15/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.15/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.15/workflows/verify-cli.md b/docs/versioned_docs/version-2.15/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.15/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.15/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.16/workflows/sbom.md b/docs/versioned_docs/version-2.16/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.16/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.16/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.16/workflows/verify-cli.md b/docs/versioned_docs/version-2.16/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.16/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.16/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.17/workflows/sbom.md b/docs/versioned_docs/version-2.17/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.17/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.17/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.17/workflows/verify-cli.md b/docs/versioned_docs/version-2.17/workflows/verify-cli.md
index 86392346b..e33569d37 100644
--- a/docs/versioned_docs/version-2.17/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.17/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -37,7 +37,7 @@ You don't need to verify the Constellation node images. This is done automatical
 This guide assumes Linux on an amd64 processor. The exact steps for other platforms differ slightly.
 :::
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.2/workflows/sbom.md b/docs/versioned_docs/version-2.2/workflows/sbom.md
index 817685a02..e8ba25a64 100644
--- a/docs/versioned_docs/version-2.2/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.2/workflows/sbom.md
@@ -36,7 +36,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.2/workflows/verify-cli.md b/docs/versioned_docs/version-2.2/workflows/verify-cli.md
index a65a5a749..52ed24d95 100644
--- a/docs/versioned_docs/version-2.2/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.2/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.3/workflows/sbom.md b/docs/versioned_docs/version-2.3/workflows/sbom.md
index 817685a02..e8ba25a64 100644
--- a/docs/versioned_docs/version-2.3/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.3/workflows/sbom.md
@@ -36,7 +36,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.3/workflows/verify-cli.md b/docs/versioned_docs/version-2.3/workflows/verify-cli.md
index ebaa86b21..01a2583d6 100644
--- a/docs/versioned_docs/version-2.3/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.3/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.4/workflows/sbom.md b/docs/versioned_docs/version-2.4/workflows/sbom.md
index 817685a02..e8ba25a64 100644
--- a/docs/versioned_docs/version-2.4/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.4/workflows/sbom.md
@@ -36,7 +36,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.4/workflows/verify-cli.md b/docs/versioned_docs/version-2.4/workflows/verify-cli.md
index ebaa86b21..01a2583d6 100644
--- a/docs/versioned_docs/version-2.4/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.4/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.5/workflows/sbom.md b/docs/versioned_docs/version-2.5/workflows/sbom.md
index 817685a02..e8ba25a64 100644
--- a/docs/versioned_docs/version-2.5/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.5/workflows/sbom.md
@@ -36,7 +36,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.5/workflows/verify-cli.md b/docs/versioned_docs/version-2.5/workflows/verify-cli.md
index ebaa86b21..01a2583d6 100644
--- a/docs/versioned_docs/version-2.5/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.5/workflows/verify-cli.md
@@ -1,6 +1,6 @@
 # Verify the CLI
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -25,7 +25,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.6/workflows/sbom.md b/docs/versioned_docs/version-2.6/workflows/sbom.md
index e304466bb..92550c182 100644
--- a/docs/versioned_docs/version-2.6/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.6/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.6/workflows/verify-cli.md b/docs/versioned_docs/version-2.6/workflows/verify-cli.md
index 906031c7a..aa2df4be4 100644
--- a/docs/versioned_docs/version-2.6/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.6/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -33,7 +33,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.7/workflows/sbom.md b/docs/versioned_docs/version-2.7/workflows/sbom.md
index e304466bb..92550c182 100644
--- a/docs/versioned_docs/version-2.7/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.7/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.7/workflows/verify-cli.md b/docs/versioned_docs/version-2.7/workflows/verify-cli.md
index 906031c7a..aa2df4be4 100644
--- a/docs/versioned_docs/version-2.7/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.7/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -33,7 +33,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.8/workflows/sbom.md b/docs/versioned_docs/version-2.8/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.8/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.8/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.8/workflows/verify-cli.md b/docs/versioned_docs/version-2.8/workflows/verify-cli.md
index 906031c7a..aa2df4be4 100644
--- a/docs/versioned_docs/version-2.8/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.8/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -33,7 +33,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64
diff --git a/docs/versioned_docs/version-2.9/workflows/sbom.md b/docs/versioned_docs/version-2.9/workflows/sbom.md
index ca1ae7d4b..6c1702dee 100644
--- a/docs/versioned_docs/version-2.9/workflows/sbom.md
+++ b/docs/versioned_docs/version-2.9/workflows/sbom.md
@@ -40,7 +40,7 @@ cosign verify-blob --key cosign.pub --signature constellation.spdx.sbom.sig cons
 
 ### Container Images
 
-SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/signing/other_types#sboms-software-bill-of-materials) and uploaded to the same registry.
+SBOMs for container images are [attached to the image using Cosign](https://docs.sigstore.dev/cosign/signing/other_types/#sboms-software-bill-of-materials) and uploaded to the same registry.
 
 As a consumer, use cosign to download and verify the SBOM:
 
diff --git a/docs/versioned_docs/version-2.9/workflows/verify-cli.md b/docs/versioned_docs/version-2.9/workflows/verify-cli.md
index 906031c7a..aa2df4be4 100644
--- a/docs/versioned_docs/version-2.9/workflows/verify-cli.md
+++ b/docs/versioned_docs/version-2.9/workflows/verify-cli.md
@@ -8,7 +8,7 @@ This recording presents the essence of this page. It's recommended to read it in
 
 ---
 
-Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/signing/quickstart), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
+Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/signing/overview/), [Rekor](https://docs.sigstore.dev/logging/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at `https://rekor.sigstore.dev`.
 
 :::note
 The public key for Edgeless Systems' long-term code-signing key is:
@@ -33,7 +33,7 @@ You don't need to verify the Constellation node images. This is done automatical
 
 ## Verify the signature
 
-First, [install the Cosign CLI](https://docs.sigstore.dev/system_config/installation). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
+First, [install the Cosign CLI](https://docs.sigstore.dev/cosign/system_config/installation/). Next, [download](https://github.com/edgelesssys/constellation/releases) and verify the signature that accompanies your CLI executable, for example:
 
 ```shell-session
 $ cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64