Loading…
Open Source Summit + Embedded Linux Conference North America... has ended
May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
One Signature To Rule Them All: Portable Supply Chain Verification With Zarf - Brandt Keller, Defense Unicorns
Monday May 18, 2026 1:30pm - 2:10pm CDT
200G (Level Two)
Signed software creates assurances around the integrity and authenticity of how it was produced and by whom. But signing alone is not inherently valuable. The ability to verify the signature in a meaningful way elevates the process to complete the trust cycle.

Blend this idea with many disparate signing mechanisms, add the many layers of exchange as software changes hands and where the software ultimately needs to resolve verification, combine it with many different types of artifacts, and you end up with a complex web of requirements that can be difficult to maintain.

Zarf, an OpenSSF Sandbox project, takes a different approach. Rather than requiring each artifact to be independently verified against external infrastructure, Zarf consolidates artifacts into a declarative package that is pre-verified at creation time. A single signature covers the entire package. The trusted root is embedded in the CLI and the package contains the signature, enabling meaningful verification anywhere, including entirely airgapped environments, with no external connectivity or additional tooling required.
Speakers
avatar for Brandt Keller

Brandt Keller

Staff Software Engineer, Defense Unicorns
Brandt is a Staff Software Engineer with a passion for Open Source. He serves as a Maintainer and Technical Lead for the CNCF Security & Compliance Technical Advisory Group, a Cloud Native Ambassador, and a project maintainer within the OpenSSF. He has lead and contributed to multiple... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
200G (Level Two)
  Packages + Images + Containers
  • Audience Experience Level Any

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning App Privacy Terms
Share Modal

Share this link via

Or copy link