Beyond Signatures - Using TUF and Notary to Secure Software Distribution

Overview

Explore the critical aspects of secure software distribution in this conference talk. Delve into The Update Framework (TUF) and its application in protecting against attacks on software distribution and updates. Discover how TUF can enhance security for registries and learn about its adaptation for use with the Notary v2 project. Examine the threat model, cryptographic signatures, and their limitations. Gain insights into TUF attacks, principles, and features such as explicit and implicit relocation and offline keys. Understand the importance of securing the system and explore new features in this comprehensive overview of TUF and Notary for software distribution security.

Syllabus

Intro
Why do we care
What are we doing
Threat model
Cryptographic signatures
The downside of cryptographic signatures
Summary of attacks
TUF attacks
TUF principles
Explicit and implicit relocation
Offline keys
Securing the system
New features
Learn more

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Beyond Signatures - Using TUF and Notary to Secure Software Distribution

3000+ Courses from California Community Colleges

Most common

Popular subjects

Popular courses

Beyond Signatures - Using TUF and Notary to Secure Software Distribution

Overview

Syllabus

Taught by

Reviews

3000+ Courses from California Community Colleges

Taught by

TUF-En Up Your Signatures - Enhancing Software Distribution Security

Whose Sign Is It Anyway?

Talking TUF: Securing Software Distribution

Securing the Software Supply Chain with TUF and Docker - Protecting Against Distribution Attacks

Securing Content Distribution with The Update Framework - TUF

Never Stop Learning.