PGI spec: add supported algorithms section

algorithm-registry.md

@@ -6,9 +6,10 @@ file **must** be reflected in the `PublicKeyDetails` enumeration in
 [`sigstore_common.proto`] in [sigstore/protobuf-specs].
 
 Sigstore clients aren't required to support all algorithms in this registry,
-and **MAY** support algorithms that aren't in the registry. However,
-compatibility with the Sigstore Public Good Instance requires support
-for at least one of these algorithms.
+and **MAY** support algorithms that aren't in the registry.
+
+See [Spec: Sigstore Public Deployment](./sigstore-public-deployment-spec.md)
+for the algorithms supported by Sigstore's public good instance.
 
 ## Signature Algorithms
 
@@ -22,7 +23,9 @@ for at least one of these algorithms.
 |           | rsa-sign-pss-4096-sha256   | sign/verify |                                                                                  |
 | ECDSA     | ecdsa-sha2-256-nistp256    | sign/verify |                                                                                  |
 |           | ecdsa-sha2-384-nistp384    | sign/verify |                                                                                  |
+|           | ecdsa-sha2-256-nistp384    | sign/verify | Not recommended.                                                                 |
 |           | ecdsa-sha2-512-nistp521    | sign/verify |                                                                                  |
+|           | ecdsa-sha2-256-nistp521    | sign/verify | Not recommended.                                                                 |
 | EdDSA     | ed25519                    | sign/verify |                                                                                  |
 |           | ed25519-ph                 | sign/verify | Recommended only for `hashedrekord`.                                             |
 | LMS       | lms-sha256                 | sign/verify | Stateful; signer selects the `H` parameter. Not recommended for keyless signing. |

sigstore-public-deployment-spec.md

@@ -191,3 +191,40 @@ The Sigstore project provides the resources necessary to deploy private Sigstore
 * [sigstore/scaffolding](https://github.com/sigstore/scaffolding)
 * [sigstore/sigstore-probers](https://github.com/sigstore/sigstore-probers)
 * [sigstore/policy-controller](https://github.com/sigstore/policy-controller)
+
+### 5.2 Supported Algorithms
+
+The Sigstore public good instance supports a subset of the algorithms defined
+in the [Algorithm Registry](./algorithm-registry.md). Clients that interoperate
+with the public good instance **MUST** support
+these algorithms in their respective contexts.
+
+#### 5.2.1 TUF
+
+The public good instance uses `ecdsa-sha2-256-nistp256` for all TUF signing keys.
+
+#### 5.2.2 Fulcio
+
+The public good instance uses `ecdsa-sha2-384-nistp384` for Fulcio's
+certificate chain and `ecdsa-sha2-256-nistp256` for Fulcio's certificate
+transparency log.
+
+Clients may submit Certificate Signing Requests (CSRs) with the following
+algorithms:
+
+* `ecdsa-sha2-256-nistp256`
+* `ecdsa-sha2-384-nistp384`
+* `ecdsa-sha2-512-nistp521`
+* `ed25519`
+* `rsa-sign-pkcs1-2048-sha256`
+* `rsa-sign-pkcs1-3072-sha256`
+* `rsa-sign-pkcs1-4096-sha256`
+
+#### 5.2.3 Rekor
+
+The public good instance uses `ecdsa-sha2-256-nistp256` for Rekor's
+public key.
+
+#### 5.2.4 Timestamp Authority
+
+TODO.