Sigstore Announces General Availability of Software Signing Service

0
117
Essential Skills for IT Managers

Dit bericht verscheen eerder bij FOSSlife

Sigstore has announced the general availability of its free software signing service, 

According to the announcement, Sigstore “provides a set of tools designed to improve supply chain security by making it easy to sign, verify and check the software developers are building and consuming.”

Sigstore functionality brings together free open source technologies including Fulcio, Cosign, and Rekor. And, according to the website, it handles digital signing, verification, and checks for provenance needed to make it safer to distribute and use open source software.”

Kubernetes and Python have already adopted Sigstore for their production releases, and npm says they are actively working to integrate Sigstore as well.

Dit bericht verscheen eerder bij FOSSlife

Vorig artikelPrepare today for potentially high-impact OpenSSL bug
Volgend artikelWhat to Know About EU’s Digital Markets Act