Jan 19, 2022

Written by Hayden Blauzvern, Asra Ali

Sigstore: Bring-your-own sTUF with TUF

Users of Sigstore may want to leverage Sigstore tools and infrastructure, but may not want want to rely on Sigstore’s root of trust or all of the components of the public infrastructure. For example, a company may want to maintain a private transparency log for all internal build information but only make entries to a public log for published releases. Or, a user may not want to include their email addresses in a public certificate transparency log.

Tags:  sigstoresecurityopensourcesoftwaresupplychain

Jan 10, 2022

Written by Santiago Torres-Arias

Celebrating 1,000,000 entries in Rekor

We’ve finally reached a million entries! We hit a million entries by the end of 2021: rekor-cli get — log-index 1000000 LogID: c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d Index: 1000000 IntegratedTime: 2021–12–27T21:34:27Z UUID: abb93264122dc2eb6da3ac77957978dda3ceb3521ab52cdff8490b23eaf791c1 As a double milestone — the turn of the year and the next order of magnitude — this is a good opportunity to look into what’s become of the Sigstore ecosystem since its inception. Throughout the last year, we’ve seen a lot of different initiatives, new types of signatures added, tools, major features, and more from the whole community.

Tags:  sigstoresoftwaresupplychainsoftwareengineering

Oct 29, 2021

Written by Dan Lorenc

Spooky Updates for Sigstore!

October is almost done, so it’s time for another update! The supply chains are clearly haunted, so this one has a spooky theme. The community is still growing quickly, and the fancy new “Contributor Strength” dashboard reflects it! In other numbers, we’re at 820 commits from 85 committers, and our slack channel has reached 710 members! Keep the PRs coming everyone! The Sigstore talk at Kubecon went very well, and the Sigstore booth was a huge success!

Tags:  sigstoreinfosecsecurity

Oct 1, 2021

Written by Luke Hinds

Sigstore project update — September 2021

Well another month has passed and as per usual in the sigstore world, a lot has happened! Since our last update in August we have over double the amount of contributors working on sigstore! There has been a leap from 46 to 98! wow! KubeCon NA 20201 sigstore will be at KubeCon North America with it’s own booth, so if you’re in person at the event, come and say hi! We will be at booth number S86

Tags:  sigstoresecuritydevsecops

Aug 31, 2021

Written by Luke Hinds

Sigstore Project Update — August 2021

Welcome to our project update for August. As always the community is continuing to expand. We are now close to 600 members in our slack workspace. We now have 46 contributors and are growing each day. The month of August saw 254 commits and 526k lines of code were changed! Lots of exciting things are happening, read more for our project updates and our presence at KubeCon, NA. cosign Cosign hit 1.

Tags:  sigstoresecuritydevsecops