Software transparency as a service
STaaS is free and open-source brought to you by ExcID.
Quickly sign artifacts, such as binaries, documents, and pictures,
using short-lived certificates bound to your identity.
Signatures are generated using one-time keys and they are record
in a public, auditable transparency registry. Your artifacts are
never transmitted to our platform.
Sign up now and start using STaaS for free. We respect your privacy and we will use your email only for authentication purposes.
How it works
- Login and select a file to sign. ExcID never learns the contents of the file.
- STaaS generates a short-lived certificate bound to your email address using an instance of Fulcio CA hosted by ExcID.
- Information about generated signatures is immutably recorded in the Rekor public transparency registry.
- Generated signatures can be easily verified using the Cosign utility.
For more information read STaaS documentation