From YouTube: Sigstore: Using Transparent Digital Signatures to Help Secure the Software Supply Ch... Bob Callaway
Description
Sigstore: Using Transparent Digital Signatures to Help Secure the Software Supply Chain - Bob Callaway, Google
A
Thank you, Brian, and good afternoon. I don't, I don't know, I don't like to worry about big fancy titles, but I'm an engineer at Google. I lead part of our team around supply chain integrity for open source. I wanted to spend a few minutes to talk to you about what is Sigstore.
A
It's a fast-growing project. It was nice to see a few hoodies out in the audience already wearing the Sigstore logo. I thought about bringing mine but had enough stuff in the luggage. But I'll take you through kind of some of the motivation behind why we created the project, just a quick high-level view of the architecture, what are some of the moving pieces, and some of the wins that we've had in terms of overall adoption over the past several months, slash, I guess it's been about two years now since we started it.
A
But hopefully, if you're sitting in the room today, this chart, you've probably seen this up-and-to-the-right graph of, unfortunately, a rise in supply chain attacks. This comes from the Sonatype State of the Software Supply Chain report. If you haven't taken a look at that, I highly recommend it. It goes into great depth in terms of some of the nuance and challenge that exists in the ecosystem today.
A
But the long story short is, this is not an up-and-to-the-right graph that you want to show an executive. This is unfortunately the state of much of upstream today. There are certainly spots where we see projects doing the right things and that are not largely vulnerable to many attacks, but unfortunately, those are the exceptions to the rule today. And so events like SolarWinds or Codecov or Trojan Source, I know David mentioned typosquatting is another type of attack.
A
This isn't the last of these attacks, and we're going to see many more, unfortunately, in the months to come. So you've seen the industry rise to say, how do we solve this problem? And so a lot of where the conversation in the upstream today is around, let's generate better information about what is the state of the supply chain. So you see a lot of conversation around SBOMs: let's create SBOMs, and once we have them, we'll be good, right? Yeah, it helps, but it's not necessarily everything.
A
Build provenance: understanding what were the inputs to the build, what were the outputs from the build, and how do we ultimately get, you know, a trusted document that says this is the exact sequence of steps that were taken? That would be very useful in a lot of cases to understand where the possible opportunities for tampering, and hopefully there aren't any, but that would be super helpful to have that documented. We have the artifacts themselves. Obviously, widely available vulnerability scanners.
A
We have no shortage of those today. So, but we're quickly evolving in the industry towards having lots of information about the supply chain.
A
We need to be able to trust each of these documents, and so digital signatures are a technology that allows you to bind cryptographic information with identity information and put that together to say, well, for a given artifact, this person is making a statement that this is what they saw at a given point in time. And if you choose to trust the author of that digital signature, then that obviously goes towards your overall trust decision around whether I should use that artifact in an environment or not.
A
So we want to see all of these data sources, all of these signals, as I call them sometimes. We want them to exist, but we want them to be digitally signed as well, so that we can understand that relation around who made, who generated them, or who's making the attestation about their quality, and ultimately raise that up into a higher-level policy decision. So I'm not here to tell you that Sigstore is a fundamentally new crypto algorithm or a nice new Web3 token NFT thing. It's none of that.
A
It's the same digital signature technology that has existed on the public internet for the last couple decades. The problem is that not many people in the upstream are actually using them. And if you really dig into that and you say why, there's two fundamental challenges that frequently pop up. One is around the developer experience. I would ask for you to raise your hand and say, have you ever tried to use PGP, but in general, I know how this sort of thing goes.
A
Everybody kind of goes, I tried once and it was hard, or I didn't understand it. Some projects do use PGP successfully, but the developer experience leaves quite a bit to be desired. It's complicated. You want to make sure that you're doing something like this correctly, but the experience is not that great. The second problem, if you want to go down this path, is that you have to have the cryptographic key material, and if I'm going to generate those keys, I have to share my public key with others.
A
Second is storing the private key and making sure that only I have access to the private key. In kind of the existing paradigms, you would generate a key once and you would use it for 10 years, 20 years, 30 years, which is fine as long as you can keep it secure for that long. But what we've seen in the industry is a massive shift towards short-lived tokens and short-lived key material, which helps to drive, you know, the challenges with storing that key material down quite a bit.
A
But finally, key compromise does happen, unfortunately, and the question is not, how do you prevent it from ever happening, but frankly, if it does happen, how do I respond? And so, when people look at this overall challenge with dealing with the cryptographic keys, it tends to shy a lot of people away from using digital signatures.
A
This notion of identity is also a fundamental concept within digital signatures. And when you think about, this is an example of installing a Helm chart and then looking at the pods that make up that particular deployment. Well, what's the identity of this container that I'm using, right? It goes down to the base image that it was created from. There's the identity of the repository itself. Where do I pull the signature from? Who are the maintainers of the dependencies? And what happens if I don't have perfect information about all of these?
A
Well, the good news is that we have evolved as an industry and evolved as an upstream ecosystem over the past several years, and so these are just six trends that Sigstore really has taken advantage of and helped to bring together as we've built a solution that I'll talk to you here in a second about. But I do want to spend a minute just to go through these six, because they are really the fundamental components that help make Sigstore what it is today. So, starting on the left, we have workload identity.
A
Moving clockwise, we've seen the OpenID Connect protocol become proliferated across the internet. So whenever you go to a website and you say, I want to log in with Google or log in with Facebook or log in with Twitter, you're using the OpenID Connect protocol to securely attest to your identity without actually sharing the credentials, your username and password, with the website that you're trying to access. Sigstore uses that same underlying technology around OpenID Connect to help share identity information between the developer or workload and the signing service.
A
But we need to do that in a privacy-conscious way, and so we've seen the rise of many new techniques within the confidential computing space as well that we're starting to embrace.
A
But all of that's great. Let's say that we digitally sign an artifact and, David's, I'll just pick on him. David signs an artifact and he wants to give it to somebody. Well, what happens if I steal David's key, I sign an artifact with malware in it, and I hand it to somebody else? It's that same person.
A
This isn't published in the database. I shouldn't trust it, even if it's signed with David's key. If I'm not willing to attest to that publicly, that's probably a decent sign that there's something going on here that should raise a red flag. And then finally, kind of completing the circle, we've also seen a rise of automation around certificate authorities and making it much easier to get certificates. Largely this has happened in the SSL or the TLS space, but we're starting to see that adopted more widely.
A
And then finally, with a project like The Update Framework, which is a graduated CNCF project, we're actually able to deal with the end-to-end management of distributing artifacts, as well as with their cryptographic material, down to a consumer, that mitigates a variety of threats. And that project has kind of grown up over the past several years and now getting wider-spread use in the industry.
A
So all of these things kind of came together at the perfect time, and with the Sigstore community we said our mission is, what Let's Encrypt did for the TLS certificate ecosystem, we want to do that for software signing or artifact signing in general. And what does that really break down into, meaning three things. Number one, we want that process of getting digital signatures and verifying them to be as easy as possible. We want it to be free, we want it to be simple, and we want it to be intuitive, so that people actually take advantage of the technology.
A
Second, we want to make sure that it's widely used everywhere, and part of that is through automation. So we need to leverage these trends around certificate authority automation and the ACME protocols. We want to make sure that those are actually brought forward in this project to make sure that this system is widely used. And that kind of gets to the last bullet point, is we want digital signatures to be used everywhere throughout the software supply chain. They don't solve every single attack under the sun.
A
You can still sign things with malware, but if we aren't using digital signatures as a, you know, predominant tool in our toolbox, then we're really missing an opportunity to mitigate a large variety of threats that exist today. So, very long-winded way of saying, all right, what is Sigstore? So Sigstore is a way to pull together many of these different technologies to make it easy to use digital signatures, but Sigstore itself is very much an umbrella term.
A
It's a set of projects that have evolved and that are part of the OpenSSF. It's also a set of services that are freely available to individual developers or systems out on the web, and it also refers to a community. So I'll go through each of these in a little bit of detail. So the projects: there are different categories of projects. We have two major server-side components.
A
One is a transparency log that I talked about before, and the second is a certificate authority. The other class of projects we have are really around the clients. Again, we want to make digital signatures easy to use, and when you go and you approach a Java community and you say, hey, we would love to see digital signatures used more aggressively in the Java ecosystem.
A
They don't necessarily have the means to spend that money to get a code signing certificate, not to mention they don't know how to or don't want to store key material. So we wanted to stand up instances of our Sigstore services available for free for the public good, but we also want to recognize that those services may not meet every single use case. So we do have the ability for end customers or individuals on the web to run instances of these projects themselves within their own environment.
A
They don't have to use our public instances if they don't choose to. So we want to be very open and interoperable with different environments and different frameworks as we go to deploy this out. But for our public instances, we want them to be run by the community, because it's important that they are vendor neutral, that it's not like, oh well, I'm using Google for this or I'm using Meta for that or Amazon for this. People fundamentally trust neutral instances, and that's what we've learned from the experience with Let's Encrypt and the ISRG.
A
The pagers did wake me up at 3 a.m. this morning for an issue, so they actually are working, and we did have a team that responded very quickly to a very minor issue. But in general we have that, again, multi-vendor team that's been pulled together to run that for the good of the ecosystem. And then finally, we're part of the OpenSSF. Obviously I'm here today, but we have the support of the foundation and helping to bring forward many of these projects together around many of these different ecosystems.
A
So we get a lot of support and we have a lot of engagement. We're one of the top 25 largest Linux Foundation projects, and we're really only about two years old now. So it's been just a massive growth and interest across the entire community. So we have regular meetings, regular office hours.
A
We're introducing the concepts of SIGs that people can come and engage in the community in different areas where they might be specifically interested. And so over those two years, Sigstore has luckily started to become more widely adopted across the supply chain. So just a couple examples here. This is a bit of a, just a logo chart. The couple that I'll call out here are the open source communities. So we've seen the npm community, so this is the large JavaScript.
A
The largest programming language on the planet, has published a request for comments draft to their community, saying that they are going to not only use Sigstore to sign their artifacts, but they're also going to use it to sign build provenance that are going to be coming out of their cloud-hosted systems.
A
We have the Python community that has started to sign their releases of the actual Python interpreter with Sigstore, and so, if you go to python.org right now, you can actually see the verification instructions that come along with using Sigstore as part of that. And then finally, we have the Maven Central group, that's largely funded out of Sonatype, but it is an open effort that has been aggressive to help adopt Sigstore technology for the Java ecosystem. And so there are some recent presentations that you can find on YouTube that go into much greater detail around how we're working with the Java community to actually replace PGP and become the primary source of use of digital signatures within the Java ecosystem.
A
So that's all amazing. To quickly go technical for a second, I mentioned these kind of three different components: the transparency log, the certificate authority, and then our tooling.
A
The workflow, essentially, if you're a developer or workload, goes something like this. You'll launch a utility in your language of choice to essentially say, I'd like to make a signature, and I either have access to key material through KMS or through access to a hardware security module, or maybe I don't want to actually deal with that at all and I just need some very short-lived keys. And so that client utility, which we refer to here as cosign, see if my laser works here, will ultimately deal with the interaction with the other parts of the system and hopefully make that experience very easy and simple, so that you understand what's going on.
A
Once you generate, you have the artifact that you want to sign, you need to go talk to the code signing certificate authority, and this again is what binds the identity of a workload or the identity of a developer with the key material, so that, when I go back to verify, I understand that linkage is part of my overall trust model. And then, finally, once I actually sign the artifact, I need to go put it inside of this transparency log. And so end users, once they are verifying signatures, they also need to verify that the signature is included in the log, so that they have that assurance that they're not vulnerable to a split-view attack.
A
So these are the major moving pieces. Cosign is probably our most popular client at this point, but again, we do have support for Python and Java and Rust and Ruby, and many of the other major ecosystems as well. From an operating mode perspective, what we call keyless model, akin to the serverless model, where we can dynamically generate keys, use them for a matter of seconds, put them onto the log so that they're persistent forever, and then actually delete them from memory, so that we don't have to worry about the compromise of a private key. And so we have a very, very flexible deployment model where we can interoperate in a variety of different situations, which is really why Sigstore has emerged as popular as it has. So.
A
In closing, what I would encourage you to do is learn more about Sigstore. We have a presentation coming up shortly, which will help with that. But ultimately we are a fast-growing community, starting to see a much greater set of projects and ecosystems adopt us. It doesn't matter whether you're not a Golang programmer. We actually have work in many different languages where you can come and get engaged and get involved. Our community is also very diverse.
A
We have folks engaged from academia. We have, you know, master's and PhD students that are contributing. We have many different large corporations and small corporations that are ultimately contributing in this community, and we are really having a big impact out there today, as evidenced by the work within the Kubernetes ecosystem, the Python ecosystem, etc. So we point you to our website. We have documentation, we have a Slack channel, we have a blog with regular updates. So all of those are available for you to learn more about what we're doing with Sigstore.