PowerBI Data Analyst - Create visualizations and dashboards from scratch
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the concept of "trusted publishing" in this 24-minute conference talk by William Woodruff from Trail of Bits, presented at OpenSSF. Gain a developer-focused introduction to the OpenID Connect-based authentication scheme successfully implemented by PyPI to reduce reliance on manual API tokens. Discover how thousands of packages, including critical Python packages, have adopted trusted publishing to enhance security and auditability in the Python ecosystem. Delve into a two-part discussion: first, examine the high-level overview of trusted publishing, its use of ephemeral OpenID Connect credentials, and its security advantages over traditional authentication methods. Then, dive into the technical details of PyPI's implementation, addressing challenges with OIDC, multiple identity provider support, threat model considerations, and potential future integrations with code-signing schemes like Sigstore.
Syllabus
Trusted Publishing: Lessons from PyPI - William Woodruff, Trail of Bits
Taught by
OpenSSF