David Runge
I am a freelance software developer working on various infrastructure related projects.
In my free time I am working on projects related to Arch Linux and also maintain a few packages for the distribution.
Session
09-26
15:15
40min
Boring infrastructure: Building a secure signing environment
David Runge
Many Linux distributions rely on cryptographic signatures for their packages and release artifacts. However, most of the used signing solutions either do not rely on hardware backed private key material or are run in untrusted environments.
This presentation will provide a general overview of the Signstar project, which is currently under development by Arch Linux to provide a generic signing solution based on a Hardware Security Module (HSM).
Main Hall