
Exposing the code signing audit log as a CT log


I wanted to clarify what I asked about in the talk's Q&A (though I talked
with Helen about it): I didn't mean logging our signed binaries in a WebPKI
CT log, as interacting with the WebPKI folks can indeed get quite
political, but adding the necessary code in [code-signing] to expose its
audit log not only as PostgreSQL dumps, but also as a CT log.

The main advantage would be that it would be easier for Debianites to
mirror and audit the log, as a number of us already operate infrastructure
that can deal with CT; for instance, Q runs a WebPKI auditor, and I myself
run CT log monitoring for a number of non-WebPKI logs.

Benjamin Hof, who gave a talk a few days ago about securing software
delivery with append-only logs, was also able to confirm that more and more
users are settling on CT as a unified API/format to expose the data.

If there is no opposition, I would be quite willing to write the necessary
code, tests, and point my CT monitor at it.  :)



[code-signing]: https://salsa.debian.org/ftp-team/code-signing
