-
Google's `pilot` CT log contains 17M certs. The `certificates` table of the observatory contains 1.7M certs and uses 2.1GB of space. Loading the entire CT log would only consume 21GB, which is perfect…
-
### What is the issue?
I am a freeloader home user who decided to host the service myself using `headscale` to not stress your systems without paying.
Headscale is working fine on my linux boxes u…
-
For quite a long time Chrome has checked CT for EV certificates, very soon they will do the same for OV and DV certificates.
It seems it would be good to add a (W) or (N) when the CT policy of chro…
-
# Request
Start publishing armored signature files for binaryen artifacts. E.g. for `binaryen-version_118-aarch64-linux.tar.gz` add `binaryen-version_118-aarch64-linux.tar.gz.asc` file so that the or…
-
[Sigstore](https://www.sigstore.dev) exists to verify whether a deployed dependency was signed by the author. Detecting whether a detected dependency was signed by Sigstore would allow downstream tool…
-
We hit an error with a unit test we had in Kubernetes and started looking at the impact on end users of kubernetes if the problem is not resolved by the time kubernetes 1.24 is released. More context:…
dims updated
3 months ago
-
Add a new report that tracks the adoption and share of detected technologies.
Reports currently fall into timeseries and histograms, so we many need a new report template that handles more custom w…
-
Do we want the MPIC service to sign its responses as evidence.
-
Howdy! We just had to turn off release attestations to get our releases running in [langchain-ai/langchain](https://github.com/langchain-ai/langchain). Haven't had a chance to dig deeper into attestat…
-
Hi @mayaCostantini , the guide which you wrote is very helpful for local sigstore setup.
I have configured the keycloak and fulcio as mentioned, but Im getting the below error.
main.go:74: error…