The Sigsum Project

Sigsum is a free and open source software project that brings transparency logging to signed checksums. The overall design is kept general by not logging a more concrete data structure like TLS certificates.

Sigsum logging can be used to make a signer’s key-usage transparent. For example, malicious and unintended key-usage can be detected. Transparent key-usage also facilitates verification of falsifiable claims.

Examples include:

Please refer to the sigsum logging design document, API specification, and public prototype to learn more. There is also an archive of meeting minutes and discuss pads. All project repositories are located at git.sigsum.org.

Contact

Chat

Chat with users and developers on IRC or Matrix. The rooms are bridged so it does not matter which one you choose.

There are open video/voice meeting on Tuesdays at 1200 UTC, in the ‘sigsum’ Jitsi room.

Email

Subscribe to the sigsum-general mailing list by sending an empty email to

sigsum-general+subscribe@lists.sigsum.org

and follow the instructions received in response. To unsubscribe, send an empty email to

sigsum-general+unsubscribe@lists.sigsum.org

To retrieve help on how to manage your subscription further, send an empty email to

sigsum-general+help@lists.sigsum.org

You can provide feedback, report issues, and submit patches by sending an email to sigsum-general@lists.sigsum.org.

Sponsors