aboutsummaryrefslogtreecommitdiff
path: root/hugo/content
diff options
context:
space:
mode:
Diffstat (limited to 'hugo/content')
-rw-r--r--[l---------]hugo/content/_index.md26
-rw-r--r--hugo/content/about.md21
-rw-r--r--hugo/content/contact.md30
-rw-r--r--hugo/content/docs.md12
-rw-r--r--hugo/content/visuals.md26
5 files changed, 114 insertions, 1 deletions
diff --git a/hugo/content/_index.md b/hugo/content/_index.md
index fe84005..24879e2 120000..100644
--- a/hugo/content/_index.md
+++ b/hugo/content/_index.md
@@ -1 +1,25 @@
-../../README.md \ No newline at end of file
+Sigsum logging brings transparency to signed checksums. This makes it possible
+to detect malicious and unintended key-usage. In other words, no signature
+accepted by an end-user goes unnoticed.
+
+> A new signature made with my key was just logged.
+> Was that signature expected?
+
+Specific use-cases can be implemented on-top of the minimal building block that
+Sigsum provides. Examples include transparency for executable binaries, TPM
+quotes, and onion address rulesets.
+
+> Everyone gets the same binaries.
+> Signed binary checksums become public in Sigsum logs.
+> Each binary is locatable on a separate release page.
+> An independent monitor can verify these claims.
+
+Sigsum is designed to be secure against a powerful attacker that controls:
+
+ - The signer's secret key and infrastructure
+ - The log's secret key and infrastructure
+ - A threshold of so-called witnesses that cosign the log
+
+Any use-case that cannot tolerate a few minutes of logging latency is out of
+scope. This and other aspects keep the Sigsum design simple, both with regards
+to operations and end-user verification.
diff --git a/hugo/content/about.md b/hugo/content/about.md
new file mode 100644
index 0000000..6388c38
--- /dev/null
+++ b/hugo/content/about.md
@@ -0,0 +1,21 @@
+# About
+Sigsum is a free and open source software project that [launched officially][]
+in October, 2021. The goal is to provide a minimal building block that can be
+used to enforce public logging of signed checksums.
+
+[launched officially]: https://lists.sigsum.org/mailman3/hyperkitty/list/sigsum-general@lists.sigsum.org/thread/ZCWCOWYTBQSVYWADEHBAWYEHNS3FJ6RK/
+
+## Core members
+
+ - Anwesha Das (anwesha)
+ - Fredrik Strömberg (kfreds)
+ - Linus Nordberg (ln5)
+ - Rasmus Dahlberg (rgdd)
+
+## Sponsors
+
+ - [DFRI][], mailing list infrastructure
+ - [Mullvad VPN][], financial funder
+
+[Mullvad VPN]: https://www.mullvad.net
+[DFRI]: https://www.dfri.se
diff --git a/hugo/content/contact.md b/hugo/content/contact.md
new file mode 100644
index 0000000..154f036
--- /dev/null
+++ b/hugo/content/contact.md
@@ -0,0 +1,30 @@
+# Contact
+Chat with users and developers on IRC or Matrix. The rooms are bridged so it
+does not matter which one you choose.
+
+ - IRC: \#sigsum @ [OFTC.net][]
+ - Matrix: [#sigsum:matrix.org][]
+
+[OFTC.net]: https://oftc.net/
+[#sigsum:matrix.org]: https://app.element.io/#/room/#sigsum:matrix.org
+
+Subscribe to the [sigsum-general mailing list][] by sending an email with
+'subscribe' in the subject to
+
+ sigsum-general-join@lists.sigsum.org
+
+or use the form at [the list info page][]. After being subscribed, you can
+provide feedback, report issues, and submit patches by sending an email to
+
+ sigsum-general@lists.sigsum.org
+
+[sigsum-general mailing list]: https://lists.sigsum.org/mailman3/hyperkitty/list/sigsum-general@lists.sigsum.org/
+[the list info page]: https://lists.sigsum.org/mailman3/postorius/lists/sigsum-general.lists.sigsum.org/
+
+Join open video/voice meetings on Tuesdays at 1200 UTC.
+
+ - Jitsi: [meet.sigsum.org/sigsum][]
+ - Pad: [pad.sigsum.org/p/sigsum-YYMMDD][]
+
+[meet.sigsum.org/sigsum]: https://meet.sigsum.org/sigsum
+[pad.sigsum.org/p/sigsum-YYMMDD]: https://pad.sigsum.org/p/sigsum-YYMMDD
diff --git a/hugo/content/docs.md b/hugo/content/docs.md
new file mode 100644
index 0000000..9f140b2
--- /dev/null
+++ b/hugo/content/docs.md
@@ -0,0 +1,12 @@
+# Docs
+
+ - [Design document][] - an introduction to the Sigsum logging design
+ - [API specification][] - a succinct description of the Sigsum API
+ - [History][] - a brief history about how Sigsum came together
+ - [Archive][] - notes and meeting minutes
+ - [Visuals](/visuals) - logo, colors, and font
+
+[Design document]: https://git.sigsum.org/sigsum/tree/doc/design.md
+[API specification]: https://git.sigsum.org/sigsum/tree/doc/api.md
+[History]: https://git.sigsum.org/sigsum/tree/doc/history.md
+[Archive]: https://git.sigsum.org/sigsum/tree/archive
diff --git a/hugo/content/visuals.md b/hugo/content/visuals.md
new file mode 100644
index 0000000..2faee1f
--- /dev/null
+++ b/hugo/content/visuals.md
@@ -0,0 +1,26 @@
+# Visuals
+
+## Font
+
+A geometric sans-serif font named [outfit][]. It is [SIL OFL][] licensed.
+
+[outfit]: https://outfit.io/outfit-font
+[SIL OFL]: https://github.com/Outfitio/Outfit-Fonts/blob/main/OFL.txt
+
+## Colors
+
+The color codes are:
+
+ - \#FAF9F5, rgba(250, 249, 245, 1)
+ - \#333333, rgba(51, 51, 51, 1)
+ - \#DB4D2C, rgba(219, 77, 44, 1)
+ - \#581303, rgba(219, 77, 44, 1)
+ - \#6B60E3, rgba(107, 96, 227, 1)
+
+A brief demo is available in [pdf form](/media/colors.pdf).
+
+## Logo
+
+Available as an [svg file](/media/logo.svg). It is [CC BY-SA 4.0][] licensed.
+
+[CC BY-SA 4.0]: https://creativecommons.org/licenses/by-sa/4.0/