Securely distributing and signing WebAssembly modules using OCI and TUF

added by DotNetKicks
11/4/2019 4:08:39 PM

156 Views

Attacks on software repositories happen all the time, and any future WebAssembly repository and client tooling should be prepared to mitigate these attacks. In this article we will explore a minimum security model for WebAssembly registries and client tooling based on The Update Framework, and how to integrate this model when distributing WebAssembly modules using OCI registries.


0 comments