1 files changed, 7 insertions, 0 deletions

diff --git a/wiki/devops/continuous-signing.md b/wiki/devops/continuous-signing.md
new file mode 100644
index 0000000..422ec49
--- /dev/null
+++ b/wiki/devops/continuous-signing.md
@@ -0,0 +1,7 @@
+# Code Signing on Build Servers
+
+We sign things so that we can authenticate them later, but authentication is
+largely a conscious function. Computers are bad at answering "is this real".
+
+Major signing systems (GPG, jarsigner) require presentation of credentials at
+signing time. CI servers don't generally have safe tools for this.