Updating software securely is a hard problem that we don't necessarily think about much of the time. This talk covers the history of a solution to this problem from its origins in updating the Tor browser securely to the most common method used to sign containers at scale.
The Update Framework and Notary, the most widely used implementation, are currently going through the process of being accepted as a CNCF project.
YOU MAY ALSO LIKE:
The Update Framework and Notary: from Tor to Cloud Native
I am working on distributed systems, microservices, LinuxKit, unikernels, containers, security, open source, systems software, and all the bits that glue these together and the changes these are undergoing. I am a maintainer and contributor on many open source projects.