<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en" style='--code-editor-font: var(--default-mono-font, "GitLab Mono"), JetBrains Mono, Menlo, DejaVu Sans Mono, Liberation Mono, Consolas, Ubuntu Mono, Courier New, andale mono, lucida console, monospace;'>
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>

<style data-premailer="ignore" type="text/css">
a { color: #1068bf; }
</style>


<style>img {
max-width: 100%; height: auto;
}
body {
font-size: .875rem;
}
body {
-webkit-text-shadow: rgba(255,255,255,.01) 0 0 1px;
}
body {
font-family: var(--default-regular-font, "GitLab Sans"),-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"; font-size: inherit;
}
</style>
</head>
<body style='font-size: inherit; -webkit-text-shadow: rgba(255,255,255,.01) 0 0 1px; font-family: var(--default-regular-font, "GitLab Sans"),-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";'>
<div class="content">

<h3 style="margin-top: 20px; margin-bottom: 10px;">
Chris Lamb pushed to branch master at <a href="https://salsa.debian.org/reproducible-builds/reproducible-website">Reproducible Builds / reproducible-website</a>
</h3>
<h4 style="margin-top: 10px; margin-bottom: 10px;">
Commits:
</h4>
<ul>
<li>
<strong style="font-weight: 600;"><a href="https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/6eea053b3e38ee8eaea325229c4d560f4bcaa980">6eea053b</a></strong>
<div>
<span> by Chris Lamb </span> <i> at 2024-07-10T17:44:49+01:00 </i>
</div>
<pre class="commit-message" style='white-space: pre-wrap; display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: #fbfafd; border-radius: 2px; margin: 0; padding: 8px 12px; border: 1px solid #dcdcde;'>2024-06: Fixup some spelling.
</pre>
</li>
</ul>
<h4 style="margin-top: 10px; margin-bottom: 10px;">
1 changed file:
</h4>
<ul>
<li class="file-stats">
<a href="#545162459d95dbc48bfe57398838a9a9aaac4d6b">
_reports/2024-06.md
</a>
</li>
</ul>
<h4 style="margin-top: 10px; margin-bottom: 10px;">
Changes:
</h4>
<li id="545162459d95dbc48bfe57398838a9a9aaac4d6b">
<a href="https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/6eea053b3e38ee8eaea325229c4d560f4bcaa980#545162459d95dbc48bfe57398838a9a9aaac4d6b"><strong style="font-weight: 600;">_reports/2024-06.md</strong></a>
<hr style="overflow: hidden; border: 1px solid #e1e1e1;">
<table class="code white" style="border-spacing: 0; border-collapse: collapse; width: auto; font-family: monospace; font-size: 90%;" bgcolor="#fff" width="100%" cellpadding="0" cellspacing="0">
<tr class="line_holder match" style="line-height: 1.6;">
<td class="diff-line-num unfold js-unfold old_line" data-linenumber="63" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">...</td>
<td class="diff-line-num unfold js-unfold new_line" data-linenumber="63" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">...</td>
<td class="line_content match" style="color: rgba(31,30,36,.24); padding: inherit;" bgcolor="#fbfafd">@@ -63,7 +63,7 @@ A total of three separate scholarly papers related to Reproducible Builds were p</td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="63" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
63
</td>
<td class="new_line diff-line-num" data-linenumber="63" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
63
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC63" class="line" lang="markdown"></span>
</pre></td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="64" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
64
</td>
<td class="new_line diff-line-num" data-linenumber="64" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
64
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC64" class="line" lang="markdown"><span class="p">[</span><span class="nv" style="color: teal;">*DiVerify: Diversifying Identity Verification in Next-Generation Software Signing*</span><span class="p">](</span><span class="sx" style="color: #d14;">https://arxiv.org/abs/2406.15596</span><span class="p">)</span> was written by Chinenye L. Okafor, James C. Davis and Santiago Torres-Arias also of <span class="p">[</span><span class="nv" style="color: teal;">Purdue University</span><span class="p">](</span><span class="sx" style="color: #d14;">https://www.purdue.edu/</span><span class="p">)</span> and is interested in:</span>
</pre></td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="65" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
65
</td>
<td class="new_line diff-line-num" data-linenumber="65" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
65
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC65" class="line" lang="markdown"></span>
</pre></td>
</tr>
<tr class="line_holder old" style="line-height: 1.6;">
<td class="old_line diff-line-num old" data-linenumber="66" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: inherit;" align="right" bgcolor="#f9d7dc">
66
</td>
<td class="new_line diff-line-num old" data-linenumber="66" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: inherit;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content old" style="padding: inherit;" bgcolor="#fbe9eb"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'>-<span id="LC66" class="line" lang="markdown"><span class="gt" style="color: #a00;">> Code signing enables software developers to digitally sign their code using cryptographic keys, thereby associating the code to their identity. This allows users to verify the authenticity and integrity of the software, ensuring it has not been tampered with. Next-generation software signing such as Sigstore and OpenPubKey simplify code signing by providing streamlined mechanisms to verify and link signer identities to the public key. However, their designs have vulnerabilities: reliance on an identity provider introduces a single point of failure, and the failure to follow the principle of least privilege on the client side increases security risks. We introduce Diverse Identity Verification (DiVerify) scheme, which strengthens the security guarantees of nextgeneration software signing by leveraging threshold identity validations and scope mechanisms.</span></span>
</pre></td>
</tr>
<tr class="line_holder new" style="line-height: 1.6;">
<td class="old_line diff-line-num new" data-linenumber="67" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: inherit;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="66" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: inherit;" align="right" bgcolor="#ddfbe6">
66
</td>
<td class="line_content new" style="padding: inherit;" bgcolor="#ecfdf0"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'>+<span id="LC66" class="line" lang="markdown"><span class="gt" style="color: #a00;">> Code signing enables software developers to digitally sign their code using cryptographic keys, thereby associating the code to their identity. This allows users to verify the authenticity and integrity of the software, ensuring it has not been tampered with. Next-generation software signing such as Sigstore and OpenPubKey simplify code signing by providing streamlined mechanisms to verify and link signer identities to the public key. However, their designs have vulnerabilities: reliance on an identity provider introduces a single point of failure, and the failure to follow the principle of least privilege on the client side increases security risks. We introduce Diverse Identity Verification (DiVerify) scheme, which strengthens the security guarantees of next<span class="idiff left right addition" style="background-color: #c7f0d2;">-</span>generation software signing by leveraging threshold identity validations and scope mechanisms.</span></span>
</pre></td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="67" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
67
</td>
<td class="new_line diff-line-num" data-linenumber="67" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
67
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC67" class="line" lang="markdown"></span>
</pre></td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="68" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
68
</td>
<td class="new_line diff-line-num" data-linenumber="68" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
68
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC68" class="line" lang="markdown"><span class="nt" style="color: navy;"><br></span></span>
</pre></td>
</tr>
<tr class="line_holder" style="line-height: 1.6;">
<td class="old_line diff-line-num" data-linenumber="69" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
69
</td>
<td class="new_line diff-line-num" data-linenumber="69" style="width: 35px; color: rgba(31,30,36,.24); border-right-width: 1px; border-right-color: #ececef; border-right-style: solid; padding: inherit;" align="right" bgcolor="#fbfafd">
69
</td>
<td class="line_content" style="padding: inherit;"><pre style='display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: inherit; border-radius: 2px; margin: 0; padding: 0; border: inherit solid #dcdcde;'> <span id="LC69" class="line" lang="markdown"></span>
</pre></td>
</tr>

</table>
<br>
</li>

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #737278;">
—
<br>
<a href="https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/6eea053b3e38ee8eaea325229c4d560f4bcaa980">View it on GitLab</a>.
<br>
You're receiving this email because of your account on <a target="_blank" rel="noopener noreferrer" href="https://salsa.debian.org">salsa.debian.org</a>. <a href="https://salsa.debian.org/-/profile/notifications" target="_blank" rel="noopener noreferrer" class="mng-notif-link">Manage all notifications</a> · <a href="https://salsa.debian.org/help" target="_blank" rel="noopener noreferrer" class="help-link">Help</a>
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/6eea053b3e38ee8eaea325229c4d560f4bcaa980"}}</script>


</p>
</div>
</body>
</html>