Sigstore: Roots of trust for software artifacts

Sigstore has become the default software signing method for everything from Kubernetes to NPM, Maven, and PyPi, verifying the integrity of more than a million open source packages.

Related Keywords

Vint Cerf ,Brandon Phillip ,Google ,Certification Authority Browser Forum ,Transport Layer Security ,Certificate Transparency ,Binary Transparency ,Transparency Log ,