[$] Eliminating long-lived credentials with trusted publishing (lwn.net)
<p><a
href="https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/">Trusted
publishing</a> is an authentication mechanism that relies on
short-lived credentials to reduce the risk of supply-chain attacks. At
the 2026 <a
href="https://events.linuxfoundation.org/open-source-summit-north-america/">Open
Source Summit North America</a>, Mike Fiedler walked the audience
through why trusted publishing exists and how it works, and made the case
for its adoption. It is not a silver bullet against all attacks, but
it does offer protection against theft of long-lived credentials used
to publish to package registries.</p>