The goal of "Attestations" and associated is to promise "when I download sampleproject4, I know it came from the repo it's supposed to and PyPI served the same file to me as everyone else."
and ... that it is now an attacker's job to hijack two machines to attack.
(me: but if I lose my GitHub credentials to Alice and Bob, they can publish a package now with one compromised credential?)
Self-replies
I guess this does clarify that
- we still don't know who the PyPI user is, nor do we know who controls the repository, and it isn't a goal
Should we be using that package in the first place? We shouldn't be using any packages in the first place! We can trust that the 2nd and 3rd packages are from the repo & are just as trustworthy as the initial package, but Alice and Bob were publishing the 1st, and they're North Korean state actors.
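To make the two promises and the limit in the self-reply concrete, here is an added example that is not part of the thread and not the code or schema of PyPI, pypi-attestations or Sigstore. It models only what a client can check once the signed bundle has been verified: that the attested publisher is the repo the project is supposed to come from, and that the bytes received hash to the attested digest (plus an optional comparison against an independently pinned digest, as a client-side stand-in for "PyPI served the same file to me as everyone else"). The package bytes, the provenance layout, the repo names `example-org/sampleproject4` and `alice-and-bob/sampleproject4`, and the `bundle_verified` flag that stands in for the real cryptographic step are all constructed assumptions.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample bytes standing in for a downloaded sdist/wheel (not a real archive).
PACKAGE_BYTES = b"sampleproject4-0.1.0 (constructed sample, not a real archive)"
# Assumed: the repo this project is "supposed to" come from, known from out-of-band policy.
EXPECTED_REPO = "example-org/sampleproject4"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_provenance(repository: str, subject_bytes: bytes) -> dict:
    """Build a simplified provenance record: publisher identity + attested digest.

    Constructed stand-in for the *idea* of a provenance object; it is not the real
    PEP 740 schema and carries no Sigstore bundle or signature.
    """
    return {
        "publisher": {"kind": "GitHub", "repository": repository, "workflow": "release.yml"},
        "subject": {"name": "sampleproject4-0.1.0.tar.gz", "sha256": sha256_hex(subject_bytes)},
    }


@dataclass
class VerifyResult:
    ok: bool
    reasons: list = field(default_factory=list)


def verify(file_bytes: bytes, provenance: dict, expected_repo: str,
           pinned_sha256: Optional[str] = None, bundle_verified: bool = True) -> VerifyResult:
    """Apply the checks the post describes on top of signature verification.

    bundle_verified stands in for the cryptographic step (certificate chain and
    transparency-log inclusion) that a real verifier performs and this model does not.
    """
    reasons = []
    if not bundle_verified:
        reasons.append("attestation bundle did not verify")

    # Check 1: the attested publisher is the repo this project is supposed to come from.
    # expected_repo has to come from your own policy (lockfile, allow-list): the
    # attestation by itself cannot tell you which repo is the right one, only which
    # repo produced this file.
    repo = provenance["publisher"]["repository"]
    if repo != expected_repo:
        reasons.append(f"publisher repo {repo!r} != expected {expected_repo!r}")

    # Check 2: the bytes we received are the bytes that were attested.
    actual = sha256_hex(file_bytes)
    if actual != provenance["subject"]["sha256"]:
        reasons.append("downloaded file digest != attested digest")

    # Check 3 (optional): the bytes also match a digest obtained independently
    # (e.g. pinned in a lockfile or seen by another party). This is the closest a
    # single client gets to "PyPI served the same file to me as to everyone else".
    if pinned_sha256 is not None and actual != pinned_sha256:
        reasons.append("downloaded file digest != independently pinned digest")

    return VerifyResult(ok=not reasons, reasons=reasons)


def demo() -> dict:
    """Run the scenarios discussed in the thread; True means the client would accept."""
    legit = make_provenance(EXPECTED_REPO, PACKAGE_BYTES)
    # Alice and Bob publish a perfectly valid attestation from a repo they control (assumed name).
    attacker = make_provenance("alice-and-bob/sampleproject4", PACKAGE_BYTES)
    return {
        "legit": verify(PACKAGE_BYTES, legit, EXPECTED_REPO).ok,
        "tampered_bytes": verify(PACKAGE_BYTES + b"x", legit, EXPECTED_REPO).ok,
        "wrong_repo": verify(PACKAGE_BYTES, attacker, EXPECTED_REPO).ok,
        # If your policy names the attacker's repo as "the repo it's supposed to be",
        # everything verifies: the attestation proves origin, not that the origin is
        # trustworthy. That is the self-reply's point.
        "attacker_repo_trusted": verify(PACKAGE_BYTES, attacker, "alice-and-bob/sampleproject4").ok,
        "served_different_file": verify(PACKAGE_BYTES, legit, EXPECTED_REPO,
                                        pinned_sha256=sha256_hex(b"what everyone else got")).ok,
    }


if __name__ == "__main__":
    for scenario, ok in demo().items():
        print(f"{scenario:24s} {'verified' if ok else 'REJECTED'}")
```

The `wrong_repo` and `attacker_repo_trusted` scenarios differ only in what `expected_repo` the client supplies, which is exactly the piece the attestation cannot provide: pinning the publisher identity is what turns "it came from some repo" into "it came from the repo it's supposed to", and deciding whether that repo's owners are worth trusting is still a separate, human judgement.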