Ergonomic Codesigning for the Python Ecosystem with Sigstore

PyCon US via YouTube

Overview

Explore the future of code signing in the Python packaging ecosystem through this PyCon US talk by William Woodruff. Dive into the world of Sigstore, a revolutionary approach that allows package maintainers and users to sign and verify the authenticity of Python packages without the complexities of PGP. Gain insights into the cryptographic fundamentals of code signing and understand how Sigstore eliminates the need for long-term key material. Learn about the ongoing efforts to integrate Sigstore into Python packaging, including the standardization process and foundational work required for introducing a new code signing format. Discover the security model of Sigstore and the guarantees it provides for the Python packaging ecosystem. Get a comprehensive overview of the current state of Sigstore for Python, future goals, and ways to contribute to this important initiative in supply chain security.

Syllabus

Python is everywhere
let's talk about "supply chain security"
codesigning: a quick overview
codesigning for packaging ecosystems
codesigning for Python packaging: status quo
solving identity and key management with Sigstore
sunlight is the best disinfectant
Sigstore for Python: where we are
Sigstore for Python: where we want to be
Sigstore for Python: how you can help

Taught by

PyCon US
