BastionZero’s OpenPubkey, which is a new cryptographic protocol that’s designed to fortify the open-source software ecosystem, is now a Linux Foundation open-source project. Docker is also integrating OpenPubkey, so that you can use it for container signing. This innovative cryptographic technology promises enhanced security through zero-trust passwordless authentication.
OpenPubkey provides this authentication by making a client-side modification to OpenID Connect. Connect is an authentication protocol based on the OAuth 2.0 framework. Together, these technologies simplify how programmers can verify a user’s identity. The OpenID Token can then be committed to a user-held public key. This key transforms an ID Token into a certificate that cryptographically binds an OpenID Connect identity to a public key.
