sigstore / sigstore-website

Codebase for sigstore.dev
https://sigstore.dev
Apache License 2.0
26 stars 74 forks source link

Add research / historical section to documentation #93

Closed Foxboron closed 2 years ago

Foxboron commented 2 years ago

Using Transparency Logs to secure Supply Chains has a had several research papers and projects published since around 2016. It would probably be a good idea to document them for historical context?

Software Distribution Transparency and Auditability

Contour: A Practical System for Binary Transparency

Reproducible Builds: Break a log, good things come in trees

I'm sure @SantiagoTorres also has some more suggestions :)

I'm sure a section like this would be useful in the future when there are research being done utilizing sigstore

SantiagoTorres commented 2 years ago

I actually was collecting a list of papers for some interested people in slack! :+1:

dlorenc commented 2 years ago

Yeah this would be great!

ltagliaferri commented 2 years ago

I made a first pass on this in #201 but I was not able to find this list of papers in Slack you mentioned @SantiagoTorres — I think it's because we can no longer search into the Slack past