Read the original article: Free sigstore signing service confirms software origin and authenticity
The Linux Foundation, the nonprofit organization enabling innovation through open source, today announced the sigstore project, which improves the security of the software supply chain by enabling the easy adoption of cryptographic software signing backed by transparency log technologies. sigstore will empower software developers to securely sign software artifacts such as release files, container images and binaries. Signing materials are then stored in a tamper-proof public log. The service will be free to use for all developers … More
The post Free sigstore signing service confirms software origin and authenticity appeared first on Help Net Security.
Read the original article: Free sigstore signing service confirms software origin and authenticity