ietf-wg-scitt / draft-ietf-scitt-architecture
An Architecture for Trustworthy Digital Supply Chain Transparency Services
☆11Updated this week
Related projects: ⓘ
- Attestation verification services based on Veraison components☆24Updated this week
- TUF repository for Sigstore trust root☆84Updated this week
- A specification for signing methods and formats used by Secure Systems Lab projects.☆66Updated last week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆30Updated 8 months ago
- A specification including, problem statement, use cases, requirements, and architectural constituents for a Transparency Service in suppo…☆14Updated last year
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆53Updated 2 years ago
- Source Code Transparency☆11Updated 11 months ago
- Attestation and Secret Delivery Components☆58Updated this week
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆18Updated last week
- A TUF repository and signing tool☆20Updated this week
- ☆56Updated 2 months ago
- Cryptography Bill of Materials☆51Updated this week
- A CLI tool for creating secure by design/default source repos.☆24Updated last month
- SCITT API Emulator☆10Updated 3 weeks ago
- This repository stores meetings minutes for the SPDX project☆25Updated last week
- Formal specification of attestation mechanisms in Confidential Computing☆14Updated 3 weeks ago
- Protocol Buffer specifications☆22Updated last week
- Making transparency normal!☆24Updated 9 months ago
- The model for the information captured in SPDX version 3 standard.☆68Updated last week
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆32Updated last year
- Supply Chain Integrity Transparency and Trust ledger application using Confidential Consortium Framework (CCF)☆35Updated last week
- Log monitor for Rekor to verify immutability and monitor entries☆24Updated this week
- ☆17Updated 3 weeks ago
- Technical Advisory Council☆107Updated last week
- Check SPDX SBOM for NTIA minimum elements☆52Updated 2 weeks ago
- A proof-of-concept SLSA provenance generator for Jenkins☆18Updated last month
- TACOS framework structural details☆19Updated 9 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆42Updated last year
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated this week
- Find & pull public SBOMs☆13Updated 3 weeks ago