Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Arch Linux
infrastructure
Commits
0533544d
Verified
Commit
0533544d
authored
Nov 14, 2021
by
Kristian Klausen
🎉
Browse files
Link to
@shibumi
blog post about "ephemeral certificates"
parent
c136f961
Pipeline
#13092
passed with stage
in 1 minute
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
docs/artifact-signing.md
View file @
0533544d
...
...
@@ -88,7 +88,7 @@ signing request and sign malicious artifacts
Pros:
*
Better User Experience (single step verify via cosign verify-blob)
*
Private keys are ephemeral, a later stolen private key is useless.
*
Private keys are
[
ephemeral
](
https://shibumi.dev/posts/what-are-ephemeral-certificates/
)
, a later stolen private key is useless.
*
The key identity is strictly connected to the pipeline run
*
Creation of rekor transparency logs happens automatically
*
Transparency lookups are enforced by cosign
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment