Benjamin

Software transparency is a proposal to make some attacks by a compromised archive detectable. In this session, we will do a quick recap of the current software transparency architecture proposal and then discuss how to proceed. The possible areas of idea collection and discussion include: - the current state of the implementation, what works, what doesn't - being helpful for reproducible builds - integration within libapt - interface to dak

Software transparency is an effort to improve on the cryptographic signatures of the APT package manager by introducing a Merkle tree transparency log for package meta data and source code, similar to certificate transparency. This allows us to provide two security properties: The detection of targeted backdoors introduced by a malicious archive and the validation of the reproducible builds property. We present an overview of the architecture and report on the progress made since DebConf18, which includes: - (almost) removing online operations for the client - secured mirror available - compatibility to Certificate Transparency gossip hub to defend against equivocation attacks There are also lots of things that still need to be done, and we will talk about that as well!