logo

Maintaining TUF, a Talk

2023-04-21

Authors:   Lukas Pühringer, Joshua Lock


Abstract

The Update Framework (TUF) is a framework for secure content delivery and updates. It protects against various types of supply chain attacks, and, in contrast to many other systems, provides resilience to compromise. TUF’s design has been described in many previous talks at KubeCon and elsewhere. This maintainer track session, for the first time, is indeed all about maintaining TUF. The two core project members, Joshua and Lukas, will share their insights into the organization, which consists of a specification, a standardization process, and a steadily growing number of implementations. They will talk about the different needs of the various subprojects, and show-case these efforts by walking through the recent reference implementation rewrite. Finally, they will point out the many avenues that exist for you to contribute to TUF. Because behind TUF stands a welcoming community, which is constantly looking for new people who are excited about a secure software supply chain.

Materials:

Post a comment