secure software distribution in an adversarial world
TRANSCRIPT
Secure Software Distribution in an Adversarial World
@diogomonica
🔐💾↔👹🌎
source: edharrington.tumblr.com
Isn’t HTTPS enough?
What about GPG?
3 months later…
“A software update system is secure if it can be sure that it knows about the latest available updates in a timely manner, any files it downloads are the correct files, and no harm results from checking or downloading files.”
- The Update Framework
•Freshness •Signed collections •Key Hierarchy •Transparent key rotation •Threshold signing
Freshness
Freshness
Signed Packages Signed Collection
Signed Collections
Key Hierarchy
Key Hierarchy
Short Expiry
Long Expiry
Less Sensitive
More Sensitive
Key Hierarchy
Transparent Key Rotation
Transparent Key Rotation
offline
online
Transparent Key Rotation
Transparent Key Rotation
Threshold Signing
Threshold Signing
Use The Update Framework (TUF)
theupdateframework.com
Notary, an opinionated implementation of TUF
github.com/docker/notary
When the going gets tough, get TUF going
Thank you@diogomonica