
Week 19 - Signing and Verification: Cosign, Sigstore

19.1 Conceptual Core

  • Sigstore is a free public-good infrastructure for software signing: keyless signatures via OIDC (your GitHub/Google identity becomes the signer), a transparency log (Rekor), and a CA (Fulcio).
  • Cosign is the CLI: sign images, verify signatures, attach attestations (SBOMs, VEX, SLSA provenance), all backed by Sigstore by default, or by a private key for offline use.
  • The promise: every artifact you publish has a verifiable link back to who built it, what SBOM was attached, when, with cryptographic proof recorded in a public ledger.

19.2 Mechanical Detail

  • `cosign sign`: keyless signing via OIDC; opens a browser for auth; uploads the short-lived certificate and signature to Rekor.
  • `cosign verify --certificate-identity user@example --certificate-oidc-issuer https://accounts.google.com`: verifies both the signer identity and the issuer that vouched for it.
  • For private/offline use: `cosign generate-key-pair`; `cosign sign --key cosign.key`; `cosign verify --key cosign.pub`.
  • Attestations (signed statements about an artifact): `cosign attest --predicate sbom.json --type spdx <image>`. The full SLSA provenance flow rides on the same mechanism.
  • Policy verification: `cosign verify` with a policy that admits only specific signers, only via specific CI workflows (GitHub Actions OIDC subject `repo:org/repo:ref:refs/heads/main`).

19.3 Lab: "Signing Pipeline"

  1. Sign an image with cosign keyless (GitHub OIDC). Verify.
  2. Attach SBOM and VEX as attestations.
  3. Configure policy-controller (Sigstore's Kubernetes admission controller) to require a valid signature from your CI's OIDC subject before allowing deploys.
  4. Try to deploy an unsigned image and observe the rejection.
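
The 19.2 commands chained into the 19.3 lab, as an added example (not code from the course page or from the Sigstore project). It assumes placeholder names: the registry registry.example.com, GitHub org `acme`, repo `app`, workflow file `build.yml`, the files sbom.spdx.json and vex.openvex.json, and a Kubernetes namespace `prod`. One caveat worth seeing in code: for a GitHub Actions keyless signature, the identity cosign checks is the SAN Fulcio writes into the certificate (the workflow file URL plus the git ref), not the raw token `sub` claim quoted in 19.2; the hypothetical `gha_identity` helper builds that form, and the same string is pinned in the ClusterImagePolicy so that CI verification and cluster admission enforce one identity.

```shell
#!/usr/bin/env sh
# Added example (not from the course page): the 19.2 commands strung together
# as the 19.3 lab. All names below are placeholders; override them via env.
set -eu

IMAGE="${IMAGE:-registry.example.com/acme/app@sha256:0000000000000000000000000000000000000000000000000000000000000000}"
GH_ORG="${GH_ORG:-acme}"
GH_REPO="${GH_REPO:-app}"
GH_WORKFLOW="${GH_WORKFLOW:-build.yml}"
GH_REF="${GH_REF:-refs/heads/main}"
GH_ISSUER="https://token.actions.githubusercontent.com"

# The certificate identity Fulcio puts into a GitHub Actions keyless cert:
# workflow file URL plus git ref. Pinning this (not just the issuer) is what
# stops any other repo behind the same issuer from signing for you.
gha_identity() {
  printf 'https://github.com/%s/%s/.github/workflows/%s@%s\n' "$1" "$2" "$3" "$4"
}

# Step 1: keyless sign. In CI the GitHub OIDC token is picked up automatically
# when the job has `id-token: write`; run locally, cosign opens a browser.
sign_keyless() {
  cosign sign --yes "$IMAGE"
}

# Verify against the exact workflow identity and issuer, not a regexp.
verify_keyless() {
  cosign verify \
    --certificate-identity "$(gha_identity "$GH_ORG" "$GH_REPO" "$GH_WORKFLOW" "$GH_REF")" \
    --certificate-oidc-issuer "$GH_ISSUER" \
    "$IMAGE"
}

# Step 2: attach SBOM and VEX as attestations (cosign predicate type names).
attest_sbom_and_vex() {
  cosign attest --yes --predicate sbom.spdx.json --type spdx "$IMAGE"
  cosign attest --yes --predicate vex.openvex.json --type openvex "$IMAGE"
}

# Name the predicate type on verification so the check is bound to the SBOM
# attestation rather than to cosign's default predicate type.
verify_sbom_attestation() {
  cosign verify-attestation --type spdx \
    --certificate-identity "$(gha_identity "$GH_ORG" "$GH_REPO" "$GH_WORKFLOW" "$GH_REF")" \
    --certificate-oidc-issuer "$GH_ISSUER" \
    "$IMAGE"
}

# Step 3: a policy-controller ClusterImagePolicy that only admits images from
# our registry carrying a keyless signature from that one workflow identity.
render_cluster_image_policy() {
  cat <<EOF
apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: require-ci-signature
spec:
  images:
    - glob: "registry.example.com/acme/**"
  authorities:
    - keyless:
        url: https://fulcio.sigstore.dev
        identities:
          - issuer: $GH_ISSUER
            subject: $(gha_identity "$GH_ORG" "$GH_REPO" "$GH_WORKFLOW" "$GH_REF")
      ctlog:
        url: https://rekor.sigstore.dev
EOF
}

apply_policy() {
  render_cluster_image_policy | kubectl apply -f -
  # policy-controller only enforces in namespaces opted in with this label.
  kubectl label namespace prod policy.sigstore.dev/include=true --overwrite
}

# Step 4: an unsigned image must be refused by the admission webhook.
expect_unsigned_rejected() {
  if kubectl -n prod run unsigned --image=registry.example.com/acme/unsigned:latest --restart=Never; then
    echo "FAIL: unsigned image was admitted" >&2
    return 1
  fi
  echo "OK: unsigned image rejected by policy-controller"
}

# Run the lab end to end only when asked (needs cosign and kubectl on PATH).
if [ "${1:-}" = "run" ]; then
  sign_keyless; verify_keyless; attest_sbom_and_vex; verify_sbom_attestation
  apply_policy; expect_unsigned_rejected
fi
```

Invoke it as `sh signing-lab.sh run` with cosign and kubectl on the path; with no argument the script only defines the functions, which is convenient for sourcing the identity and policy helpers from other scripts. The identity is pinned once and reused in every verify call and in the policy, so a change of workflow file or branch is a deliberate edit in one place rather than a silent widening of who may sign.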

19.4 Hardening Drill

  • Set registry retention policy: signed images permanent; unsigned images garbage-collected after 7 days. Forces a signing-or-discard discipline.

19.5 Production Readiness Slice

  • Wire `cosign verify` into skopeo `policy.json` for transparent verification on every pull. Document the disaster-recovery flow for the case where your signing identity is compromised.
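
One way to do the skopeo `policy.json` wiring, as an added example rather than course or project code. It assumes the key-pair flow from 19.2 (a `cosign.pub` produced by `cosign generate-key-pair`) plus placeholder paths and registry names; `sigstoreSigned`, `keyPath`, `signedIdentity` and `use-sigstore-attachments` are the containers-policy.json(5) and registries.d(5) keys for cosign-style signatures, and the `render_*` helpers are hypothetical names for this script.

```shell
#!/usr/bin/env sh
# Added example (not from the course page): make every skopeo/podman pull of
# our registry check a cosign signature via containers-policy.json.
set -eu

REGISTRY_SCOPE="${REGISTRY_SCOPE:-registry.example.com/acme}"
PUBKEY_PATH="${PUBKEY_PATH:-/etc/containers/keys/cosign.pub}"

# Default-deny: anything not matched by a scope below is rejected, so a new
# registry cannot be pulled from until someone adds it here on purpose.
# Adding "rekorPublicKeyPath" next to "keyPath" would also require a matching
# transparency-log entry for each signature.
render_policy_json() {
  cat <<EOF
{
  "default": [ { "type": "reject" } ],
  "transports": {
    "docker": {
      "$REGISTRY_SCOPE": [
        {
          "type": "sigstoreSigned",
          "keyPath": "$PUBKEY_PATH",
          "signedIdentity": { "type": "matchRepository" }
        }
      ]
    }
  }
}
EOF
}

# registries.d tells skopeo/podman to fetch cosign's signature tags from the
# registry; without this the sigstoreSigned rule has nothing to check.
render_registries_d() {
  cat <<EOF
docker:
  $REGISTRY_SCOPE:
    use-sigstore-attachments: true
EOF
}

install_policy() {
  render_policy_json > /etc/containers/policy.json
  mkdir -p /etc/containers/registries.d
  render_registries_d > /etc/containers/registries.d/acme.yaml
}

# A copy that succeeds means the signature verified against cosign.pub; a
# failure here is the "transparent verification on every pull" firing.
verify_by_copy() {
  skopeo copy "docker://$REGISTRY_SCOPE/app:1.0" dir:/tmp/app-verified
}

# Write the files only when asked (needs root); otherwise just define helpers.
if [ "${1:-}" = "install" ]; then install_policy; fi
```

Because the policy lives as a file on every host, the disaster-recovery flow for a compromised key becomes concrete: generate a new pair, re-sign only the images you still trust, ship the new `cosign.pub` to every host, and remove the old key path last, since while the old key is still listed anything the attacker signed with it keeps verifying. The distribution's default `policy.json` also lists other transports (for example `docker-daemon`); if you use them they need their own entries, because the default here is `reject`.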
