Cryptographic Signatures - A Building Block Not A Panacea

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore the role of cryptographic signatures in securing the software supply chain through this informative conference talk. Delve into the capabilities and limitations of cryptographic signatures, understanding their function as a crucial building block rather than a complete solution. Learn about effective implementation strategies, common pitfalls to avoid, and real-world applications in cloud native supply chain security. Examine topics such as compromise resilience, verification processes, trust establishment, and delegation mechanisms. Gain insights into signature projects like Notation, Cosine, and Update Framework. Discover how multisignatures and thresholds enhance security measures. Equip yourself with essential knowledge to leverage cryptographic signatures effectively in your software development and security practices.

Syllabus

Intro
How do they work
What does it mean
Things to think about
Why use signatures
Compromise resilience
Verification
Storage
Establishing Trust
Trust Limitations
Delegations
Multisignatures
Signature Projects
Notation
Cosine
Update Framework
Entoto
Thresholds
Contact Info
Template

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Cryptographic Signatures - A Building Block Not A Panacea

Taught by

No Keys? No Problem - Why You Can Trust Sigstore Signatures

Zero Trust Supply Chains with Project Sigstore and SPIFFE

Secure Boot from A to Z - Building a Complete Chain-of-Trust

Sigstore: Using Transparent Digital Signatures to Help Secure the Software Supply Chain

Never Stop Learning.