all InfoSec news
How to Use Sigstore without Sigstore
Jan. 2, 2023, 4:06 a.m. |
IACR News www.iacr.org
ePrint Report: How to Use Sigstore without Sigstore
Yan-Cheng Chang
Sigstore is a Linux Foundation project aiming to become the new standard for signing software artifacts. It consists of a free certificate authority called Fulcio, a tamper-resistant public log called Rekor, and an optional federated OIDC identity provider called Dex, where Rekor also acts as the timestamping service. Several command line interfaces (CLIs), written in different languages, are available to interact with it for signing software artifacts.
Ironically, we will …
artifacts authority called certificate certificate authority dex eprint report foundation free identity identity provider linux linux foundation log project public report signing sigstore software standard
More from www.iacr.org / IACR News
Regev Factoring Beyond Fibonacci: Optimizing Prefactors
1 day, 14 hours ago |
www.iacr.org
NTRU-based FHE for Larger Key and Message Space
1 day, 14 hours ago |
www.iacr.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cybersecurity Engineer
@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
Invoice Compliance Reviewer
@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
Technical Program Manager II - Compliance
@ Microsoft | Redmond, Washington, United States
Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence
@ Moonshot | Washington, District of Columbia, United States
Customer Engineer, Security, Public Sector
@ Google | Virginia, USA; Illinois, USA