Open
Description
In Speranza (https://dl.acm.org/doi/pdf/10.1145/3576915.3623200) it is argued that Sigstore has a developer identity privacy leakage problem and a privacy friendly solution is proposed, but it also inevitably compromises the transparency that Sigstore provides.
How does everyone feel about transparency and privacy, please?
My personal view is that if transparency is compromised, there could be more serious security consequences.
Metadata
Metadata
Assignees
Labels
No labels