PLAY PODCASTS
Episode 329 - Signing (What is it good for)

Episode 329 - Signing (What is it good for)

Open Source Security · Open Source Security

June 27, 202230m 54s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Josh and Kurt talk about what the actual purpose of signing artifacts is. This is one of those spaces where the chain of custody for signing content is a lot more complicated than it sometimes seems to be. Is delivering software over https just as good as using a detached signature? How did we end up here, what do we think the future looks like? This episode will have something for everyone to complain about!

Show Notes
← All episodes of Open Source Security