Joomla! & TUF - Secure Updates
Make the web a safer place by using secure updates.
PROJECT DESCRIPTION
Currently Joomla! Updates are not secured by cryptographic signatures. Signing updates would ensure the legitimacy of the updates. We plan to implement “The Update Framework” (TUF), a framework designed to deliver signed updates for all kinds of software. Integrating it into Joomla will make sure that no contaminated version of the CMS and its extensions are installed.
HACKATHON GOALS
The goal of the project is to create a PoC for a Joomla!-implementation of TUF which also can be adapted by other Open Source Software.
This includes to feed back fixed issues and finished features for TUF.
TARGET AUDIENCE
Everyone who is interested in looking beyond the horizon and working with a community driven CMS. If you have some experience with PHP, working with a framework, are interested in security or always wanted to know how secure updates should work, you’re very welcome to join this project.
Hackathon Results
PROJECT LEAD
Benjamin Trenkle is Release Lead of the current Joomla! Version 4.1. He works with Joomla! from 1.0.
Beside Joomla! Benjamin is helping companies to digitize and automate their daily processes.
TAGS
