BastionZero’s OpenPubkey, a new cryptographic protocol designed to strengthen the open source software ecosystem, is now an open source project of the Linux Foundation. Docker also integrates OpenPubkey so developers can use it to sign containers. This innovative cryptographic technology promises increased security through passwordless, zero-trust authentication.

Developers will be able to use these keys to cryptographically sign applications, provide secure remote access, or access secure software supply chain features such as signed builds, deployment, and code commit.

“The Linux Foundation is proud to host the OpenPubkey Project. We believe this initiative will play a pivotal role in strengthening the security of the open source software community. We encourage developers and organizations to join this collaborative effort in enhancing software supply chain security,” said Jim Zemlin, Executive Director of the Linux Foundation.

You can learn more about how OpenPubkey works and how to get involved and help the project on GitHub.