Explore the role of cryptographic signatures in securing the software supply chain through this informative conference talk. Delve into the capabilities and limitations of cryptographic signatures, understanding their function as a crucial building block rather than a complete solution. Learn about effective implementation strategies, common pitfalls to avoid, and real-world applications in cloud native supply chain security. Examine topics such as compromise resilience, verification processes, trust establishment, and delegation mechanisms. Gain insights into signature projects like Notation, Cosine, and Update Framework. Discover how multisignatures and thresholds enhance security measures. Equip yourself with essential knowledge to leverage cryptographic signatures effectively in your software development and security practices.