YoVDO

PGP vs Sigstore - The Match at Maven Central

Offered By: Devoxx via YouTube

Tags

Devoxx Courses Software Security Courses Sigstore Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the world of software artifact signing in this informative conference talk comparing PGP and sigstore for Maven Central. Dive into the challenges of PGP key management for signing libraries and verifying dependencies to prevent software supply chain issues. Learn about the sigstore project, which promises easier keyless signatures, and its potential to revolutionize package registry security. Discover how sigstore works and its expected improvements for both signing and verification processes at Maven Central. Gain insights from Hervé Boutemy, a long-time Maven Committer and Apache Software Foundation member, as he shares his expertise on enhancing user experience in Maven.

Syllabus

PGP vs sigstore: the match at Maven Central by Hervé Boutemy


Taught by

Devoxx

Related Courses

Play by Play: Developing Microservices and Mobile Apps with JHipster
Pluralsight Software Archaeology - Learning from the Landing on the Moon
Devoxx via YouTube Create an Eco-Friendly World with Green Software Engineering
Devoxx via YouTube Platform Building for Data Mesh - Show Me How It Is Done
Devoxx via YouTube The Hitchhiker's Guide to Software Architecture and Design
Devoxx via YouTube