►
From YouTube: CNCF Security TAG Supply Chain WG 2021-09-02
Description
CNCF Security TAG Supply Chain WG 2021-09-02
C
C
D
C
E
C
D
E
E
B
Sure
so
we're
gonna
be
talking
today
about
a
git
bomb
which
is
sort
of
an
attempt
to
get
to
a
verifiable
artifactory.
It's
particularly
useful
for
enabling
launch
time
security
scanning,
but
it
can
be
used
for
a
whole
variety
of
things.
I
wanted
to
briefly
stop
and
call
out
you
know
ava
black
and
frederick
house,
who
are
collaborators
that
I
have
in
this
particular
endeavor,
so
really
quickly.
How
many
of
you
folks,
like
the
unix
model,
quick,
show
of
hands?
You
know
they
basically
build
a
tool.
That
does
one
thing.
B
Well,
that
can
be
you
know,
strung
together
with
other
tools:
okay,
good,
fantastic
you're,
gonna,
love.
This,
then
because
it
does
exactly
one
thing.
So
this
is
a
security
crowd,
so
I'm
sure
you're
familiar
with
the
colonial
pipeline
hack.
That
happened
recently
in
the
resulting
cyber
security
executive
order
in
the
united
states
that
came
down
that
was
primarily
focused
on
two
things.
B
What
vendor
did
you
get
this
from?
What's
the
release
version?
What's
the
contact
information
give
me
licensing,
information,
copyright,
information,
etc,
etc,
and
they
usually
get
built
out
sort
of
this
way
in
a
tree,
and
there
are
a
few
competing
standards
in
this
area:
suid
spdx,
cyclin,
dx,
I'm
mostly
familiar
with
spdx.
B
I
used
to
work
with
those
folks
way
back
in
the
early
days,
which
is
kind
of
how
I
got
this
thinking
about
this
again,
and
so,
when
thinking
about
this,
like
this,
this
kind
of
a
thing
when
you've
got
a
tree
with
metadata.
It
gets
a
little
bit
of
mess,
get
a
little
bit
messy
for
a
variety
of
reasons,
and
so
often
when
faced
with
hard
problems,
I'll,
try
and
take
inspiration
from
very
simple
systems
that
are
powerful,
which
is
sort
of
how
I
got
thinking
about
get
again.
B
So
how
many
folks
are
familiar
with
git
internals
like
what's
actually
going
on
inside,
get
okay?
How
many
folks
are
aware
that
git
is
actually
an
object,
data,
an
object,
store
masquerading
as
an
scm,
okay,
good
and,
and
so
basically
git
says.
Okay,
I've
got
objects
and
it's
got
a
very
simple
object:
format,
there's
some
kind
of
a
type,
a
space
the
size
as
an
ascii
string
base,
10
of
the
content,
a
null
character,
and
then
it's
content
now
some
interesting
things
about
this.
B
B
B
Also,
probably
some
of
you
are
probably
jumping
up
and
down
screaming
right
now
in
your
heads
about
shawwan
and
the
shattered
folks
and
the
fact
that
they
claim
to
have
broken
it.
And
yes,
they
have
in
fact
demonstrated
that
in
a
pdf
in
which
you
have
infinite
flexibility
to
introduce
junk
data,
you
can
in
fact
very
expensively
break
sha-1,
but
there's
a
lot
more
structure
to
this
than
what
you
get
in
their
example.
B
That
makes
it
enormously
harder
to
actually
break
git
ref
and
I'm
aware
of
no
actual
demonstrations
of
breaking
git
rough
or
anybody
even
getting
close
at
this
point.
But
then
that
result
is
you
get
this
40
character,
byte
string
of
which
we're
usually
familiar
with
the
first
seven
or
20
bytes?
Frankly,
and
of
course,
when
you
look
at
blobs,
as
I
said,
that's
just
a
bite
array
now
the
interesting
thing
to
really
keep
in
mind
here
is
it's
the
content
of
the
files.
This
does
not
include
file,
name
or
path
information.
B
It
does
not
include
mode
information,
it
does
not
include
any
metadata,
it's
just
the
contents,
so
any
file
anywhere
with
the
same
contents
will
have
the
same
blob
object
now.
This
is
really
important
when
you're
building
an
artifactory,
because
when
you're
building
an
artifact
tree
where
that
file
happens
to
be
located
is
metadata
about
it.
It's
not
actually
a
fundamental
thing
about
what
gets
built
into
it.
B
Then
it
doesn't
actually
matter
that
we
were
in
different
home
directories
when
we
built
it
in
terms
of
all
the
characteristics
around
vulnerability,
information,
licensing
information
and
everything
else
that
you
actually
care
about
with
an
spom,
and
you
know
so.
Basically,
this
is
a
super
important
and
useful
characteristic
of
get
lobs.
B
B
That
was
the
first
realization.
The
second
realization
is,
you
got
to
separate
the
metadata
from
the
artifactory,
and
the
reason
this
is
crucial
is
that
metadata
can
vary
independent
of
the
artifact
tree
I
mentioned
before.
For
example,
there
are
people
who
want
to
put
contact
information
into
the
metadata
for
the
artifact
tree.
Well,
when
you've
got
companies
that
are
providing
support
for
things,
I
may
send
you
exactly
the
same
artifact
from
cisco
that
you
got
from
yoyodyne,
but
we
may
have
entirely
different
contact
information.
B
So,
just
to
sort
of
give
you
an
example
of
what
I
mean
by
artifact
trees,
because
pictures
help
a
lot
of
people
right.
This
is
sort
of
a
familiar
one
from
the
sea
world.
Right,
you
get
a
bunch
of
dot
c
files;
they
pull
in
a
bunch
of
header
files,
those
get
compiled,
2.0
files,
which
are
another
node
in
the
tree.
Those
get
linked
together
into
an
executable
so
like
this
is
sort
of
the
hello
world
of.
How
do
you
think
about
this?
The
c
case?
B
Now,
of
course,
you
can
get
more
complicated.
You
can
say
well
what,
if
I've
got
static,
libraries
that
I'm
linking
in
right?
Well,
that's
actually
not
so
hard,
because,
again
c
and
h,
files
get
linked,
auto
files
in
the
case
of
the
static
library,
those
get
linked
into
a
dot
a
file.
When
you
build
your
executable
from
a
static
library,
you
link
the
dot
a
file
into
your
executable.
It's
still
a
tree,
and
you
still
have
these
artifacts
that
are
all
bytes.
B
One
that
gets
really
fun
is
running
executables
because
oftentimes,
at
least
in
the
sea
world,
when
you
have
an
executable
you're,
not
actually
really
executable
by
yourself.
You've
got
a
link
in
shared
shared
libraries,
but
again
these
are
just
things
with
their
own
artifact
tree,
and
so
you
can
actually
reason
about
the
running
executable
tree
independent
of
the
executable,
because,
for
example,
it
may
be
that
this
executable
is
vulnerable
with
particular
versions
of
a
shared
library,
but
not
with
others,
and
so
in
terms
of
reasoning
about
vulnerabilities
at
runtime.
B
Python
is
extremely
boring
in
this
regard,
because
py
files
get
compiled
to
pyc
files,
and
then
they
all
get
dynamically
linked
at
runtimes.
You
you
in
python
you're
always
dealing
with
the
runtime
artifact
tree,
and
I
can
literally
go
on
and
on
like
every
single
example,
I've
looked
at
has
something
that
looks
like
this
that
can
fit
into
this
particular
approach.
B
B
B
You
know
a
new
line,
blob
space,
the
get
ref
of
artifact
five,
a
new
line.
You
keep
going
down
the
line
and,
of
course
you
want
everyone
to
come
to
the
same
conclusion.
So
you
lexically
order
this,
but
it
turns
out
to
be
really
easy
to
lexically
order
this
and
arrive
at
the
same
answer
any
time,
you're
compiling
four
and
five
into
two.
B
And,
of
course,
you
can
do
the
same
thing
exactly
with
artifact
three
to
get
its
get
bomb
file
for
artifact
three
and
then,
where
things
get
fun
is
artifact
one,
because
artifact
one
has
children
artifact
two
and
three,
but
they
also
have
children.
So
how
do
you
capture
the
treeness
of
this
and
the
answer
is
and
for
those
of
you
who
play
with
merkel
trees?
None
of
this
is
rocket
science.
B
You
simply
say:
look
if
you're
an
artifact
that
has
children
who
themselves
have
children,
then
you
start
the
same
way.
You
know
basically
blob
space
in
the
get
rid
of
the
artifact.
That's
your
immediate
child,
but
then,
if
your
immediate
child
has
itself
a
get
bomb,
you
simply
say
bomb
space
and
the
get
ref
of
the
get
bomb
of
that
particular
child.
B
So
now
these
git
bump
files
now
describe
the
tree.
You've
got
a
very,
very
simple
format
for
how
to
deal
with
these
and
because
we're
lexically
ordering
so
we're
going
to
get
this
the
same
way.
Every
time
I
can
tell
looking
at
this
particular
bomb.
You
know
I
I
can
basically
tell
if
you
give
me
the
collection
of
the
git
bomb
files
that
I've
actually
got
a
tree.
It's
the
same
method
with
merkle
trees,
that's
used
by
git
itself
to
make
sure
that
you
actually
are
getting
the
code
that
you
expected
from
a
particular
commit.
B
Then
you
could
have
all
of
your
metadata
reference
either
the
artifacts
by
their
git
ref
or
if
they
need
to
reference
the
parent
child
relationships
by
the
get
ref
of
the
git
bomb
for
that
parent-child
relationship
right.
So,
if
you
want
to
say,
okay,
artifact
7
is
a
source
code
file
that
is
the
source
of
a
known
cve.
B
You
can
reference
that
as
metadata.
If
you
want
to
say,
artifact
6
is
actually
licensed
as
gplv3.
You
can
reference
that
as
metadata,
and
this
way
you
can
actually
have
all
kinds
of
independent
reasoning
about
metadata,
both
in
s-bom
formats,
but
even
also
in
other
places,
because
the
artifact
tree
gives
you
a
skeleton
to
put
all
of
that
stuff
on
by
the
way.
Stop
me
at
any
point.
Folks.
If
you
have
questions,
I
love
questions.
B
Okay,
so
the
really
cool
part
about
this
is
the
fact
that
metadata
references
into
the
tree
is
that
it
turns
out.
This
means
that
git
bomb
is
compatible
with
the
other
s
bomb
approaches
already
in
the
world,
because
all
of
them
allow
some
form
of
external
identifier
that
you
can
use
to
reference
things
and,
and
so
don't
think
of
get
bomb
as
a
competitor
to
the
existing
s
bomber
approaches,
because
we're
not
they're
doing
way
more
stuff
than
we're
doing.
Remember
we
love
the
unix
model.
B
So
this
is
where
we
get
really
fun,
because
now
that
we
have
a
git
ref
for
the
git
bomb
for
a
particular
artifact,
we
can
ask
ourselves
it's
small,
it's
literally
20
bytes
in
size.
Where
can
we
stick
it
where
we
can
always
find
it
and,
of
course
the?
Where
do
you
stick
it?
Where
you
can
always
find
it?
Well,
of
course
you
stick
it
in
the
artifact.
B
B
Okay,
that's
cool,
so
l
files.
This
is
fairly
easy
and
it's
actually
also
cheap.
It's
sort
of
going
to
cost
you
about
89,
bytes
per
executable,
and
while
the
iot
people
there
do
exist,
people
from
89
bytes
is
a
stretch.
That's
not
most
of
us
ar
files
they're.
Basically
things
like
that.
A
files
also,
I
think
it's
devs-
are
also
done
as
dot
a
file
ar
files.
You
can
simply
embed
the
git
bomb
identifier
into
an
archive
entry,
name,
dot.
Bom.
B
You
can
play
the
same
game
with
general
artifact
files,
your
general
archive
files,
the
same
thing
can
be
done
with
annotations.
In
java,
in
pyc
files,
the
python
community
could
choose
to
adopt
an
understore
underscore
bomb
that
gets
computed
by
the
python
compiler
we're
looking
at
container
images,
there's
actually
space
in
the
manifest
for
annotations.
B
B
Because
then,
if
I
sit
down-
and
I
write
a
program
in
c
and
I
haul
out
a
git
bomb
enabled
lvm
and
I
build
it,
everything
is
get
bombed
right.
So
if
this
moves
its
way
into
the
compiler
linker
chain
and
a
variety
of
people
have
expressed
interest
in
doing
so,
then
you
sort
of
have
this
coming
through
with
great
fidelity,
relatively
free
and.
E
E
It
is
the
authoritative
reference
and
also
the
amount
of
effort
it
would
take
to
convince
every
software
developer
out
there,
a
project
out
there
to
change
their
ci
system
or
process
or
remember,
to
run
an
extra
step
after
their
build
is
exponentially
larger
than
the
number
of
compilers
out
there
that
we
could
go
work
with
typically
compiler
folks
are
also
much
more
concerned
about
security
and
doing
this.
Well,
it's
just
a
much
easier
surface
area
to
go.
Get
this
work
done!
B
And
you
know
if
you
started
talking
to
them,
you
got
an
endless
assertion
of
corner
cases
where,
if
you
wanted
the
compiler
a
linker
for
this,
it
broke
down
and
broke
down
badly,
and
then
I
sort
of
hum
a
few
bars
about
how
you
might
you
know
one
of
the
ways
you
might
propagate
this
forward
through
the
tool
chain
so
that
you
can
move
the
breadcrumbs
forward
and
collect
them
at
the
end
of
building
an
artifact.
But
I'm
not
going
to
spend
too
much
time
on
that
right
now.
B
That's
been
signed
by
the
vendors,
so
they
I
know
that's
the
artifact
I
got
from
the
vendor,
then
I
can
look
in
that
artifact
and
I
can
see
the
get
bomb
ref
in
that
l
section
of
that
executable,
for
example,
and
then,
if
I'm
given
something
that
purports
to
be
the
get
bomb,
I
can
know
specifically
whether
that's
actually
the
get
bomb
or
not
because
tampering
with
the
git
bomb
would
change
to
get
rough
and
therefore
tell
me
that
I'm
not
getting
the
information.
I
thought
I
should
get.
B
So
distributing
git
bombs
also
becomes
super
easy.
You
can
literally
just
do
it
by
simple
static
pattern.
You
know,
example:
dot
com,
slash
bomb,
slash,
ref,
the
get
ref
of
the
artifact
could
give
you
the
you
know
the
git
bomb
file
that
you're
looking
for
or
they
get.
You
know
the
you
could
do
it
by
you
know
you
could
ask
for
a
fully
resolved
version
with
all
the
get
bombs
of
all
the
children.
You
could
also
ask
for
metadata
about
a
particular
git
ref,
so
it
all
becomes
fairly
referenceable
in
a
static
pattern.
B
E
Imagine
at
container
launch
time
opa
being
able
to
express
a
policy
that
says
cross-reference
the
get
bomb
of
this
container
image
against.
You
know
all
the
all
the
hashes
of
all
the
things
in
it
against
this
list
of
known
vulnerable
packages
and
if
you
find
any
matches
block
the
launch
of
that
container,.
B
B
Unfortunately,
food.c
has
been
copied
everywhere
across
the
known
universe,
because
it's
bsd
licensed
it's
a
single
file.
It
works.
Nobody
really
has
to
deal
with
it.
Much
imagine
being
able
to
now
see
that
food.c
has
been
built
into
things
in
the
artifact
tree
of
that
thing.
That
ava
was
just
describing
that's
enormously
more
powerful
than
just
packages.
F
I
I
think
I
would
have
a
question
just
about
how
willing
the
the
the
folks,
who
are
sort
of
managing
the
vulnerability
databases
to
include
some
of
these
things
that
I
think
one
of
the
big
issues
we've
seen
is
that
you
know
implementing
any
sort
of
change
like
that.
You
know,
like
often
I
think
cves
are
mostly
just
focused
around
packages
and
also
not
really
including
a
lot
of
metadata
where
sometimes
it's
like.
Actually,
this
package
doesn't
include
this
vulnerability.
B
C
E
B
I
mean-
and
please
also
note-
and
I
do
want
to
distinguish
this
strongly
from
scanning
tools,
because
scanning
tools
are
usually
trying
to
rummage
through
data
and
figure
things
out,
and
if
you
actually
use
scanning
tools
in
a
lot
of
these
environments,
you
often
get
a
lot
of
false
positives
that
are
difficult
to
sort
through.
It's
very
easy
for
them
to
miss
things
here,
we're
talking
about
providing
a
high
fidelity,
high
precision
picture
of
the
artifact
tree,
and
it's
not
so
much
of
a
matter
of
scanning.
B
Yeah,
the
other
one
that's
actually
kind
of
nice
about
this
is
in
talking
to
folks
who
are
interested
in
being
able
to
disclaim
vulnerabilities.
You
can
attach
the
disclaimers
to
artifact
refs
as
well.
So
if
take
my
apocryphal
food.c,
that
has
a
bunch
of
you
know
really
useful
crypto
implementations
in
it,
but
it
turns
out
that
it's
one
function
in
particular
that's
the
source
of
the
vulnerability.
B
B
That
simply
says.
We
know
we
have
this
file,
it's
vulnerable.
If
you
call
this
function,
we
have
looked,
and
we
do
not
call
that
function
and
therefore
we
disclaim
actually
having
this
vulnerability
simply
because
we
we
are
building
this
violet
and
that
gets
to
be
a
huge
operational
issue
if
you're,
actually
a
vendor
who
ships
software,
because
how
many
folks
actually
ship
software
that
industrial
scale
on
this
call.
B
I
think
you
might
have
vulnerability
your
cvex
for
a
variety,
whatever
reason
and
the
thing
is
even
if
you've
actually
been
really
on
top
of
your
game-
and
you
know
you
don't
the
means
by
which
you
communicate
this
to
your
customer
is
incredibly
expensive
because
it
usually
turns
into
support
calls
simply
being
able
to
mechanize
this,
not
only
in
terms
of
how
you
publish
the
information,
but
in
a
way
that
your
consumers
can
mechanize
their
consumption
of.
It
is
a
huge
win
for
everybody.
B
B
I've
got
people
that
I'm
dealing
with
internally,
who
are
very
interested
in
repeatable
and
verifiable,
builds,
and
so
getting
that
high
fidelity
artifact
tree
picture
is
the
huge
win
for
them
on
repeatable
builds
because
the
first
question
about
reputable
builds
is
why
exactly
do
you
believe?
That's
the
same,
build.
F
Now
this
looks
really
cool,
definitely
interested
in
understanding
a
lot
more
about
this.
I
know
there's
like
several
projects
out
there
that
are
starting
to
do
use,
merkle,
trees
to
start
to
sort
of
either
build
s-bombs
or
better
trace
the
understanding
of
of
the
supply
chain
it.
Actually,
I
guess
my
first
question
is:
is
there
any
sort
of
have
you
written
any
code
for
this
sort
of
thing
yet,
or
is
it
mostly
conceptual
right
now.
B
So
I
I've
started
hacking
a
bit
on
code.
I've
just
become
deeply
delusioned
with
the
fact
that
goes.
Elf.
Parser
is
only
a
person,
not
a
writer,
so
I'm
fixing
that
I've
started
writing
a
little
bit
of
toy
code
and
I've
got
several
folks
who
are
looking
at
various
compiler
implementations.
I've
had
folks
have
taken
a
look
at
lvm
and
gcc.
It
appears
to
be
eminently
doable
there
and
there's
some
interest
in
upstreaming
in
that
direction.
E
Looking
at
rust
and
dot
net
c
sharp
as
well,
there's
already
similar
work
as
far
as
generating
the
bomb
in
the
compiler
itself
for
net.
So
there's
definitely
interest.
We
don't
have.
I
don't
have
running
code
either
right
now,
but
all
in
the
code
for
this
needs
to
end
up
in
a
bunch
of
different
compilers.
E
F
F
You
know,
since,
since
they
are
trying
to
take
the
hard
path
of
literally
compiling
everything
from
scratch
and
making
sure
that
they
can
deterministically
sort
of
link,
everything
to
just
their
specific
shared
objects
and
libraries,
but
it
could
prove
to
be
interesting,
so
I
just
figured
I'd
throw
that
out
there.
I
I
know
very
little
about
it
outside
of
that
they
use
it.
B
D
A
E
E
E
B
B
The
other
thing
that's
going
to
be
super
interesting
here
is
that
how
this
gets
embedded
into
a
particular
artifact
is
going
to
be
a
little
bit
bespoke
to
the
kind
of
artifact
you're
talking
about
right.
I'm
not
going
to
stick
an
elf
section
into
a
container
image
because
it
doesn't
have
l
sections
and
the
what
constitutes
an
artifactory
is
also
going
to
be.
A
little
bit
spoke
to
languages.
B
You
know,
python
is
not
going
to
have
got
h
files,
for
example,
but
part
of
the
goal
here
was
to
have
a
single
single
way
of
doing
this.
That
is
so
freaking
simple
that
everyone
can
use
it
productively,
sort
of
back
to
the
unix
model.
When
I
commented
at
the
beginning,
you
know
one
thing
that
one
thing
does
something
super
super
well
simply
and
links
with
other
things.
That's
the
whole
goal
here:
it's
ambitiously
unambitious.
What
we're
doing.
E
This
seems
to
answer
a
chunk
of
that
in
a
really
concise
way,
in
terms
of
how
how
to
write
about
it
in
a
reference
architecture
document
not
sure
yet.
But
I'd
love
to
I'd
love
help
getting
this
added
to
the
build
tools
and
added
to
the
paper
talking
about
how
it
can
be
used
in
whether
it's
you
know
container
image,
registry
or
container
build
chain.
C
E
E
A
Yeah
as
not
so
much,
I
think
that
we're
going
to
get
a
malicious
compiler
breaks
everything,
but
more
that
if
the
compiler
is
fed,
maybe
bad
data
or
somebody
just
influence
a
broken
version
of
this
or
somebody
just
reruns
the
same
build
with
stale
data
every
single
time.
It
forgets
to
update
this
one
field:
there's
no
hard
link
in.
E
There
that
requires
is
there,
so
so
this
is
not
s-bomb
data
in,
in
the
sense
of
all
of
that,
metadata
of
you
know
the
file
path
or
who's
doing
the
build.
What
system
it's
on?
That
is
the
kind
of
thing
that's
often
captured
in
a
more
robust
s-bomb.
That's
not
captured
in
a
git
bomb.
Git
bomb
is
just
the
artifacts
that
go
in
and
come
out.
E
B
Yeah,
the
the
point
about
steel
metadata
actually
gets
to
some
one
of
the
reasons
why
separating
metadata
from
the
artifact
tree
is
a
really
important
thing,
because
you
could
issue
a
corrected
s-bomb
that
points
to
the
same
artifactory
and
say:
oh,
wait.
Crap,
we
forgot
to
update
this
metadata
without
invalidating
your
artifact
tree
at
all.
Right,
you
can
say:
oh
wait.
B
We
we
forgot
to
update
some,
you
know
licensing
information
or
some
vulnerability,
information
or
some
other
piece
of
metadata
about
it,
because
the
thing
that
we're
actually
going
through
and
validating
in
git
bomb
is
the
artifact
tree.
The
metadata
is
declarations
about
the
artifacts
and
the
relationships
in
the
tree
and
it's
entirely
possible
to
not
only
update
those
without
invalidating
the
tree.
B
A
A
Yeah
I'm
just
looking
at
where
the
borders
are
and
where
we
need
to
potentially
add
security
or
where
this
covers
us,
and
so
I'm
just
kind
of
drawing
those
lines.
So
the
hash
we're
going
to
get
out
of
this.
It's
just
a
single
hash.
It's
not
the
whole
tree
itself,
and
so
you
need
that
pointer.
Going
back
to
you
know
some
gif
on
database
of
some
kind
out
there
that
says.
Okay,
this
hash
you've
got
represents
this
entire
tree
of
data.
A
B
That
that's
so
part
of
it
is
that
we're
going
to
discover
better
practice
as
we
go
along,
so
you
don't
want
to
make
too
much
into
the
initial
notion
right.
So
when
I'm
talking
about
distributing
git
bombs,
I
expect
to
see
best
practices
emerge,
but
I
don't
think
that
when
specifying
git
bomb
you
want
to
be
pedantic
about
what
that
should
be.
So
take
this
slide
as
a
suggestion
more
than
anything,
but
because
the
things
you're
talking
about
are
entirely
because
the
things
you're
talking
about
are
basically
entirely
identifiable,
but
they
get
refs.
B
A
Yeah,
I
guess
where
I'm
going
with
that,
and
maybe
it's
just
that
there
needs
to
be
that
single
source
out
there,
like
a
github.
That's
doing
this,
for
us
is
that
if
I've
got
a
single
binary,
it
may
have
come
from
hp.
Do
I
know
to
go
to
the
hp,
git
bomb
server,
to
look
this
up
versus
someone
else?
Maybe
they
repackage
the
binary
from
someone
else,
and
so
do.
I
know
which
server
to
go
ping,
that
on.
B
Yeah,
no,
absolutely
and
there's
some
interesting
stuff
in
there.
Git
bomb
itself
is
not
explicitly
trying
to
solve
the
distribution
problem.
We're
trying
to
make
solving
it
easy,
if
that
makes
sense
by
having
bite-sized
chunks
that
better
in
standard
formats
and
like
I
said
because
your
question
is
in
fact
a
really
good
question.
I
sort
of
hum
a
few
bars
on
the
slide
about
distributing
git
bombs,
sort
of
as
a
solution
exists
humming,
but
I'm
by
no
means
saying
that
this
particular
distribution
solution
is
the
optimal
one.
B
C
F
Yes,
yes,
but,
but
I'm
saying,
like
you
can
potentially
sort
of
require
vendors
to
have
audits
that
somebody,
a
third
party,
is
saying
yep.
We
believe
your
build
system
is
generating
reasonable
s
bombs
here
that
we
are
signing
off
on
that
and
then
be
able
to.
It
would
be
useful
to
better
to
understand
how,
like
some
of
those
out
of
band
attestations
could
also
be
potentially
coming
in
there.
Where
somebody
third
party
has
come
in
and
said,
I
am
certifying
that
vendor
x
is
doing
the
right
thing.
E
So
having
vendors
provide
attestations,
they
have
inspected
something
they've
audited,
something
they
approve
of
something
yes,
absolutely
as
gets
at
the
beginning.
Following
the
unix
model,
git
bomb
is
trying
to
do
one
thing
and
do
it
well
and
not
solve
that
problem.
There
are
other
proposals
for
how
to
distribute,
attestations
and
audits
that
could
usually
reference
a
git
bomb
and
say:
yes,
we've
audited
this
git
bomb
at
this
time
by
this
vendor.
On
this
platform
it
is
trustable-
and
here
is
the
window
of
time
for
which
this
certificate
is
valid.
B
I
mean
it's
interesting
because
there's
a
lot
of
creative
things,
you
can
do
around
the
skeleton
because
again
get
bombs
not
doing
very
much.
It's
sort
of
doing
one
simple
thing
and
your
idea
actually
is
close
to
one
that
I
that
it
occurred
to
me,
which
is
how
many
folks
have
actually
been
involved
with
acquiring
a
software-based
company
like
the
due
diligence
process.
B
Now
you
don't
get
it
as
the
potential
acquirer,
but
the
third
party
that's
going
to
do
the
hygienic
examination
say
for
things
like
open
source
contamination.
They
get
the
code
and
there's
there's.
I
think
one
dominant
vendor
in
this
space
that
I'm
aware
of
there
are
probably
others,
but
you
could
actually
accentuate
that
process
by
saying
look:
okay,
you've
been
you
know
you,
the
company,
that
I'm
trying
looking
to
acquire.
You
keep
publishing
executables
and
they
have
git
bomb
reps,
so
we're
going
to
give
those
git
bomb
refs
to
the
source
code.
B
Oh
so
typically
you'll
take
if
I'm
a
company
x
that
is
looking
to
be
acquired
by
big
corp
right
and
I
will
send
my
big
corp
will
say:
I
want
to
make
sure
I'm
not
buying
something.
That's
so
gpl
contaminated.
I
can't
use
it
right,
so
big
corp
will
turn
to
auditor
x,
will
send
their
code
to
auditor,
and
auditor
will
go
through
the
code
and
produce
some
kind
of
report
about
open
source
usage
and
possible
contamination.
B
This
is
because
you
know
little
company
x
doesn't
want
to
simply
give
their
code
to
big
core
they're
legitimate
concerns
with
that.
If
this
becomes
common
practice,
little
company
x
has
been
selling
their
product
that
has
get
on
refs
in
it,
at
which
point
the
auditors
can
look
at
the
get
bomb
rest
in
the
executable
that
were
being
shipped
historically
by
company
x
and
say:
okay,
the
source
code
you
gave
us
doesn't
match
those
get
refs
those
git
bomb
trees.
E
The
previous
idea
for
vendors
of
open
source,
pro
or
vendors,
who
are
taking
open
source
and
wrapping
it
in
a
service
agreement,
makes
a
downstream
consumer
of
that
have
better
tools
to
be
able
to
audit
what
they're
receiving
and
say.
Hey,
you
told
me,
you
were
you,
know
rolling,
kubernetes
together
in
this
way,
but
the
hashes
for
the
thing
you
sent
me
don't
match
the
git
bomb.
For
the
thing
you
said
it
was.
C
E
I
guess
I'll
I'll
pull
andre's
question
back
a
little
bit.
The
the
content
of
this
meeting
stream
is
focused
a
lot
around
producing,
hopefully
a
white
paper
or
reference
architecture
for
the
cncf
supply
chain
work.
How
would
we
best
integrate
the
what
ed
and
I
just
shared
today
into
that
work
stream
in
the
timeline
you
all
have
given
that
we
don't
have
running
code
for
this
right
now?
F
F
With
that
said,
I
think
some
of
the
concepts
here
are
definitely
things
we
might
cite
in
sort
of
the
future
work.
That's
you
know
that
that
we
think
is
coming
out
and
I'd
be
interested
with.
You
know
some
of
the
folks
who
are
very
focused
on
the
notary
and
sick
store
stuff
right,
like
some
of
that,
like
how
do
you
see
all
of
this
kind
of
coming
together
and
and
and
where
do
you
see
that
synthesis
I'd
be
interested
in
hearing
more
thoughts
from
from
other
folks?
On
that.
E
A
B
D
Well,
tying
it
back
to
the
paper.
I
think
the
papers
can
give
you
reach
to
a
broader
audience.
We
do
have
dedicated
assignees
for
it
for
the
different
areas
we
can
help
you
identify
who
those
are.
I
don't
know
if
it'd
be
prudent
at
this
point
in
time
for
to
say,
hey,
we're,
opening
up
the
doc
to
you.
Try
to
slot
this
in
here
or
wedge
it
in
or
that,
as
michael
pointed
out,
it
we're
cutting
it
a
little
bit
close.
D
B
Yeah
and
that's
fair-
I
mean
I,
I
have
a
basic
principle
that
I
live
by,
which
is
no
unnatural
acts.
I
try
and
avoid
asking
encouraging
or
even
having
people
mistakingly
commit
unnatural
acts
on
my
behalf
and
your
basic
statement,
which
reads
true
to
me
sort
of
says:
look
we're
not
going
to
go,
commit
a
natural
acts
in
this
process
around
git
bomb,
and
I
am
a
million
percent
behind
that.
D
D
C
A
A
E
C
A
D
C
Cool
sorry,
one
quick
request
in
terms
it's
a
bit
housekeeping.
Almost
I
was
looking
at
the
the
no
for
the
meeting,
and
one
thing
that's
lacking.
Maybe
for
newcomers
is
at
the
top
sort
of
a
clear
indication
of
what
the
current
goals
of
the
working
group
is,
because
you
can
land
in
the
document
and
sort
of
try
and
catch
up
on
all
the
notes,
but
it
would
just
be,
I
think,
convene
to
have
a
bit
at
the
top,
like
you
know,
we're
working
on
getting
this
document
out.
E
C
Yeah,
sorry,
sorry,
my
point
was
more
general
to
the
whole
working
group
not
specifically
get
bomb,
though
it
would
be
also
interesting
for
git
bomb.
Obviously-
and
I
I
guess,
you'll
reach
that
point
in
time-
it
seems
like
it's,
you
know
quite
new.
Also
it's
really
cool.
So
thanks
a
lot
for
presenting
but
yeah.
My
my
point
was
more
about
the
the
working
group
in
general.
F
C
D
D
You
have
if
you
could
share
the
the
link
to
the
slides
I'll
post
a
recording
later
today
and
I'll
make
sure
to
include
the
slides
there
and
we'll
promote
it
to
our
channels.
Thank
you
very
much
great
presentation.
So
michael
yeah,
as
you
were,
saying,
we're
trying
to
target
kubecon
for
a
published
draft
open
for
comments.
D
A
C
F
Cool
from
from
my
end,
yeah,
I
think
things
are-
are
really
starting
to
come
together.
The
only
part-
and
this
is
also,
I
think,
the
weakest
part
from
my
perspective
just
like
from
sorry,
my
understanding
is
just
around-
I
think
some
of
that
sort
of
like
how
do
we
distribute
identities
and
yaya,
and
how
does
that
all
sort
of
look
inside
this
inside
the
big
picture?
F
Anybody
have
any
thoughts
around
any
sort
of
big
gaps
that
they
think
that,
like
are
missing
here
that
like,
if
we
were
to
say,
hey,
you
know
other
than
outside,
of
like
filling
in
some
details.
Is
there
anything
that
they
think
we
can't
possibly
have
be
securing
a
supply
chain?
If
we're
not
doing
this
thing
or
if
we're
not
talking
about
this
thing,
is
there
anything
that
folks
think
is
still
sort
of
like
a
huge
gap.
F
Hoping
silence
is
a
good
sign
there
it.
If
that's
the
case,
do
we
think
that
in
general
the
scope
is
now
pretty
decent
that
we
haven't
kind
of
like
you
know,
because,
because
assuming
all
those
things,
I
think
one
of
the
other
things
that
we
probably
want
to
start
working
on
is
just
talking
a
little
bit
about
what
the
reference
architecture
actually
gives
you
right
like
assuming
you
follow
this
reference
architecture,
here's
the
sorts
of
things
that
you
could
expect
us
minimum.
F
Well,
I
I
think
that
there
are
definitely
things
that,
like
at
the
end
of
the
day,
I
don't
want
to
say
guarantee,
because
when
it
comes
to
any
of
these
things,
right,
like
I
think,
as
we
sort
of
talked
about
right,
if,
if,
if
somewhere
down
the
line,
even
if
you
did
all
these
things
and
it
turned
out-
you
know
somebody
compromised
intel
chips,
yeah
you're,
probably
still
you
know,
you
can't
necessarily
trust
that.
So
I
think
the
thing
here
is
like
you
know,
one
is
temper.
F
Expectations
like
we
might
be
able
to
say
this
is
a
guarantee
within
this
sort
of
general
framework,
but
I
don't
think
we
can.
Specifically.
You
know,
I
think,
when
it
comes
to
you
know
most
security
things
very
few
people
are
guaranteeing
stuff
they're,
saying
we're
minimizing
these
sorts
of
risks.
Where
you
know
that
kind
of
thing.
D
D
D
D
So
we
we're
like
at
this
point
where
well,
we
think
we're
we're
covered
on
like
the
minimum
viable
architecture
for
a
secure
supply
chain.
At
least
we
think
so
we
want
to
test
that
assumption,
so
we
want
to
float
a
very
early
rough
draft
that
we
have
for
you
to
poke
holes
at,
and
the
other
thing
we
want
to
do
next
is
like
well,
we
want
to
talk
about
the
security
of
this
architecture
as
a
whole,
which
is
what
michael
was
talking
about
like
talk
about
talk
about
risk.
B
Yeah,
well,
I
absolutely
cannot
guarantee
time.
I
have.
I
definitely
have
interest,
and
I
also
have
history
because
I
was
building
s
bombs
in
07
at
industrial
scale,
in
order
to
be
able
to
track
a
number
of
considerations,
and
I
was
involved
in
the
very
early
days
of
speediac.
So
I
understand
a
lot
of
the
history
of
that
stuff
and
I
also
understand
really
really
well
how
these
things
actually
break
down
and
the
places
where
they're
actually
real
and
where
the
theater
and
there's
a
lot
more
theater
than
anyone
needs
to
talk
about.
E
D
E
F
Yeah,
I
was
thinking
maybe
starting
off
funneling
through
you,
ava,
where
it's
like.
If
there
are
specific
people
who
are
like
oh
yeah,
I
have
a
ton
on
that.
Then
we
can
add
them
in,
but
I
think
to
start
off
like
not
sort
of
send
it
out
a
huge
blast.
Unless
there's
like
specific
people
who
who
have
a
lot
to
sort
of
contribute,
no.