Navigating the Land of Git Commit Signatures With Gittuf - Patrick Zielinski & Yongjae Chung

Navigating the Land of Git Commit Signatures With Gittuf - Patrick Zielinski, Secure Systems Lab @ NYU & Yongjae Chung, New York University You’ve probably heard by now that Git supports signing your commits and the chorus encouraging you to sign your commits. There’s just a tiny little problem: what exactly do you do with those signatures? How do you know if a signature is legitimate? When a signing key needs to be rotated and is marked as untrusted, does that mean your entire Git history is “untrusted”? What makes a commit “Verified” on GitHub? Wonder no more. In this talk, we will discuss the state of Git commit signing today, and dispel the mysteries that surround making sense of commit signatures. We’ll look at how gittuf brings structure to commit signatures, and then uses these signatures to enforce a security policy on your repository.

Join Today
AI as Security Orchestrator: An Introduction To Darnit - Michael Lieberman, Kusari
▶︎

AI as Security Orchestrator: An Introduction To Darnit - Michael Lieberman, Kusari

Quantum Proofing Sigstore: A Tale of Three Approaches - Kevin Conner, Red Hat
▶︎

Quantum Proofing Sigstore: A Tale of Three Approaches - Kevin Conner, Red Hat

Git Will Finally Make Sense After This
▶︎

Git Will Finally Make Sense After This

Petra: SBOMs Without Oversharing for Confidential Supply Chain... Eman Abu Ishgair & Marcela Melara
▶︎

Petra: SBOMs Without Oversharing for Confidential Supply Chain... Eman Abu Ishgair & Marcela Melara

Why Aliens Would NEVER Invade Africa
▶︎

Why Aliens Would NEVER Invade Africa

Git and GitHub Tutorial for Beginners
▶︎

Git and GitHub Tutorial for Beginners

Stanford CS153 Frontier Systems | Scale, AGI, and the Future of Everything
▶︎

Stanford CS153 Frontier Systems | Scale, AGI, and the Future of Everything

Enforcing the OpenSSF Ecosystem With AMPEL - Adolfo García Veytia, Carabiner Systems
▶︎

Enforcing the OpenSSF Ecosystem With AMPEL - Adolfo García Veytia, Carabiner Systems

I Made Opus 4.8 and Fable 5 Build the Same App (RAW RESULTS)
▶︎

I Made Opus 4.8 and Fable 5 Build the Same App (RAW RESULTS)

Git Tutorial For Dummies
▶︎

Git Tutorial For Dummies

Android 17 sucks. So I put Linux on a phone.
▶︎

Android 17 sucks. So I put Linux on a phone.

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker
▶︎

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker

Inside the Mind of Anthropic CEO Dario Amodei | The Circuit | Extended Interview
▶︎

Inside the Mind of Anthropic CEO Dario Amodei | The Circuit | Extended Interview

How To Think SO CLEARLY People Assume You're A Genius
▶︎

How To Think SO CLEARLY People Assume You're A Genius

Git Tutorial for Beginners: Learn Git in 1 Hour
▶︎

Git Tutorial for Beginners: Learn Git in 1 Hour

Keynote: Linus Torvalds, Creator of Linux & Git with Dirk Hohndel, Founder, DH Consulting
▶︎

Keynote: Linus Torvalds, Creator of Linux & Git with Dirk Hohndel, Founder, DH Consulting

This Sentence ENDS your career and NO ONE is allowed to tell you about it!
▶︎

This Sentence ENDS your career and NO ONE is allowed to tell you about it!

OSS-CRS: Next Generation Bug-Finding and Remediation for the LLM Era - Andrew Chin
▶︎

OSS-CRS: Next Generation Bug-Finding and Remediation for the LLM Era - Andrew Chin

Stop Prompting Claude. Use Karpathy's Method Instead.
▶︎

Stop Prompting Claude. Use Karpathy's Method Instead.

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones
▶︎

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones