ThreadSky
About ThreadSky
Log In
webappsec.dev
•
101 days ago
Indeed signatures have different security properties, but since trusting a signature is an opt-in feature, I'm not worried about this.
Comments
Log in
with your Bluesky account to leave a comment
[–]
webappsec.dev
•
101 days ago
Also Signatures allows for nice advanced code provenance use cases like removing the CDN form the TCB by signing an OSS build in a github workflow and have the CDN pass on the pubkey.
0
reply
Posting Rules
Be respectful to others
No spam or self-promotion
Stay on topic
Follow Bluesky's terms of service
×
Reply
Post Reply
Comments