The Community Attestation Service (CAS) is an open source service that helps users protect their software and runs on the Codenotary digital identification infrastructure.
The project allows them to create a list of materials with software, notarize containers and allow others to verify on launch, and allows you to view the unchanging history of notarized assets in immudb.
CAS stores all signatures inside immudb, the standard for immutable open source databases.
The project is also protected against falsification, as all certification data is verified for integrity and cryptographically verified by CAS clients.
CAS is also protected from MITM attacks because the public key is checked at each connection.
The CAS can detect, authenticate and warn of any conduct involving the use of non-authentic digital assets. CAS validation can be built anywhere and can be used to run alerts, updates or workflows.
“Codenotary cas is a solution written by DevOps-obsessed engineers for DevOps engineers to bring more trust and security to the CloudNative source during the deployment process,” the project developers wrote on the GitHub project. page.