Home / Companies / JFrog / Blog / Post Details
Content Deep Dive

Free for the Community, Built by JFrog: Introducing the DSSE Attestation Online Decoder

Blog post from JFrog

Post Details
Company
Date Published
Author
Yonatan Arbel, JFrog Developer Advocate
Word Count
364
Company Posts That Month
10
Language
English
Hacker News Points
-
Summary

Attestations play a crucial role in ensuring software supply chain security, but the process of verifying these attestations can be cumbersome without the right tools. JFrog has introduced a free DSSE Attestation Online Decoder, aimed at simplifying the verification of DSSE (Dead Simple Signing Envelope) envelopes, a standard JSON format for attesting software supply chain security. The tool allows users to easily decode and verify DSSE envelopes by pasting the JSON and, if desired, a public key for signature verification, making the evidence payload human-readable within seconds. This innovation supports compliance with global regulations and enhances workflows related to SLSA provenance, in-toto verification, and Sigstore, while also integrating with JFrog's automated evidence collection for governance, risk, and compliance efforts.

Trends Found in this Post

No tracked trend matches for this post yet.