Our foundations of trust

Sigstore's trust is built opon our open source, distributed community.

The Sigstore trust root is made up of five established community members who serve as key holders. They are responsible for all policy changes.

Our security model describes how Sigstore establishes trust and verifies identity.

CEO, Always Further, Inc

Sigstore is Luke’s brainchild. Luke is focused on the Root CA and transparency logs.

Tech Lead & Manager, Google Open Source Security Team

Bob focuses on the transparency logs, certificate authority, and OSS ecosystem engagement.

Engineering Manager, Chainguard

Priya is a maintainer on Sigstore and its infrastructure.

Assistant Professor, Purdue University

Santiago's research focuses on securing the software development life-cycle.

Engineering Manager, GitHub

Trevor leads the Package Security Engineering team at GitHub.