Author: Sascha Grunert The Kubernetes Special
Interest Group (SIG) Release is proud to announce that we are
digitally signing all release artifacts, and that this aspect of
Kubernetes has now reached beta. Signing artifacts
provides end users a chance to verify the integrity of the
downloaded resource.It allows to mitigate man-in-the-middle attacks
directly on the client side and therefore ensures the trustfulness
of the remote serving the artifacts.The overall goal of out past
work was to define the used tooling for signing all Kubernetes
related artifacts as well as