Sigstore: Cosign, Fulcio & Rekor
Keyless signing and the transparency log.
Sigstore is the open-source project that made signing artifacts practical by removing the hardest part: managing keys. It has three pieces. Cosign is the tool that signs and verifies (containers, blobs, attestations). Fulcio is a certificate authority that issues short-lived signing certificates tied to an OIDC identity. Rekor is a public, append-only transparency log that records every signature. Together they enable keyless signing — you sign as "this identity," with no long-lived private key to protect or leak.
Why keyless changes the game
Traditional signing keys are a liability, especially in CI: a stored private key is one more secret that can leak, and if it does, an attacker can sign anything as you until you notice and rotate. Keyless signing removes the standing key entirely — Fulcio issues a certificate bound to your verified OIDC identity, valid for minutes, used once, then gone. The signature’s trust comes from "this was signed by the identity gitlab-ci@acme building project X," verifiable forever via the Rekor log, with nothing durable for an attacker to steal.
$ cosign sign --yes "$IMAGE@$DIGEST" # OIDC → Fulcio cert → sign → Rekor entry# verify, asserting the identity (not merely "is it signed"):$ cosign verify \--certificate-identity-regexp "https://gitlab.acme.internal/acme/.*" \--certificate-oidc-issuer https://gitlab.acme.internal \"$IMAGE@$DIGEST"
Rekor: the transparency log
Rekor is what makes the ephemeral-key model auditable. Every signature is recorded in a public, tamper-evident, append-only log, so you can prove a signature existed at a point in time and detect if signing was misused — much like certificate transparency for the web. It means "was anything ever signed as our identity that we did not expect?" is an answerable question, and it removes the need to trust that a signature was not backdated or forged after the fact.