Loading…
Attending this event?
19 September 2024
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for SOSS Community Day Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central Europe Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

The schedule is subject to change.
← Back to schedule
Securing Content Distribution with RSTUF, an Incubating OpenSSF Project - Kairo De Araujo, TestifySec & Martin Vrachev, Open Source Contributor
Thursday September 19, 2024 14:40 - 15:00 CEST
Room 3.29-3.30
As part of OpenSSF, led by the Securing Software Repositories Working Group, one of the goals has been securing content distribution. The Update Framework (TUF) has been a prime reference for secure content delivery and updates for many years. Despite its popularity, integrating with existing repositories remains challenging. Repository Service for TUF (RSTUF) is the first project to implement a generic TUF application to make general TUF adoption easier for any content repository. Lately, as a recognition of the progress, RSTUF was promoted as an "incubating" project. In this talk, we will present RSTUF and update you with all the latest news about the project and how to secure content distribution by sharing use cases: - How PyPI and RubyGens are adopting RSTUF to secure their package repositories - RSTUF securing private repositories - Archivista, a storage for in-toto attestation secured by RSTUF
Speakers
avatar for Kairo De Araujo

Kairo De Araujo

Senior Software Engineer - Open Source, TestifySec
Kairo is a Senior Open Source Engineer at TestifySec. Kairo contributed to python-tuf and is the author of Repository Service for TUF (RSTUF). Past roles include Senior Open Source Software Engineer at VMware OSPO, Senior Software Engineer at IBM, ING, Forescout, and a former System... Read More →
avatar for Martin Vrachev

Martin Vrachev

Open Source Contributor
Martin Vrachev is an Open Source contributor. He was part of the VMware Open Source Program Office on the Security Supply Chain team. His contributions include multiple Open Source security projects solving a variety of problems. His latest work is focused on secure software supply... Read More →
Thursday September 19, 2024 14:40 - 15:00 CEST
Room 3.29-3.30
  Breakout Sessions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link