Closed Foxboron closed 2 years ago
I actually was collecting a list of papers for some interested people in slack! :+1:
Yeah this would be great!
I made a first pass on this in #201 but I was not able to find this list of papers in Slack you mentioned @SantiagoTorres — I think it's because we can no longer search into the Slack past
Using Transparency Logs to secure Supply Chains has a had several research papers and projects published since around 2016. It would probably be a good idea to document them for historical context?
Software Distribution Transparency and Auditability
Contour: A Practical System for Binary Transparency
Reproducible Builds: Break a log, good things come in trees
I'm sure @SantiagoTorres also has some more suggestions :)
I'm sure a section like this would be useful in the future when there are research being done utilizing sigstore