Skip to content

GitLab

Verified Commit 0533544d authored by Kristian Klausen's avatar Kristian Klausen 🎉
Browse files

Link to @shibumi blog post about "ephemeral certificates"

parent c136f961
Pipeline #13092 passed with stage
in 1 minute
Hide whitespace changes
Inline Side-by-side
docs/artifact-signing.md
View file @ 0533544d
......@@ -88,7 +88,7 @@ signing request and sign malicious artifacts
Pros:
* Better User Experience (single step verify via cosign verify-blob)
* Private keys are ephemeral, a later stolen private key is useless.
* Private keys are [ephemeral](https://shibumi.dev/posts/what-are-ephemeral-certificates/), a later stolen private key is useless.
* The key identity is strictly connected to the pipeline run
* Creation of rekor transparency logs happens automatically
* Transparency lookups are enforced by cosign
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment