The talk discussed the authentication of Git checkouts in the context of supply chain security. The speaker presented work done in the GNU Guix project, a GNU/Linux distribution that builds packages from source using reproducible and hermetic builds. They introduced the concept of authenticating Git checkouts by annotating each commit with its authorized committers, identified by their OpenPGP keys. The authentication rule states that a commit is authentic if it is signed by an authorized committer of the parent commit. This approach ensures that users are getting the real code and protects against attacks such as malicious changes or downgrade attacks. The speaker also highlighted the importance of reproducible builds and of integrating authentication into the entire software development and deployment process. They concluded by emphasizing the need for collective thinking and effort to address supply chain security issues in free and open-source software development.
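The authentication rule summarized above, as an added sketch that is not code from the talk or the project. OpenPGP verification is assumed to have been done already (`signer` stands for the key whose signature verified), and the `Commit` model, the trust anchor, the every-parent rule for merges and the `last_seen` downgrade check are assumptions of this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Commit:
    parents: tuple         # ids of parent commits
    signer: str            # fingerprint of the key whose signature verified
    authorized: frozenset  # committer fingerprints this commit declares

def ancestors(repo, start):
    """Ids of `start` and every commit reachable from it."""
    seen, stack = set(), [start]
    while stack:
        cid = stack.pop()
        if cid not in seen:
            seen.add(cid)
            stack.extend(repo[cid].parents)
    return seen

def authenticate(repo, target, anchor, last_seen=None):
    """Return (ok, reason) for checking out `target`."""
    reachable = ancestors(repo, target)
    if anchor not in reachable:
        return False, "target does not descend from the trust anchor"
    if last_seen is not None and last_seen not in reachable:
        return False, "downgrade: target does not descend from last_seen"
    # The anchor and its history are trusted a priori (assumption).
    for cid in sorted(reachable - ancestors(repo, anchor)):
        commit = repo[cid]
        if not commit.parents:
            return False, f"{cid}: unrelated root commit"
        for pid in commit.parents:  # assumption: every parent must authorize
            if commit.signer not in repo[pid].authorized:
                return False, f"{cid}: signer not authorized by parent {pid}"
    return True, "ok"

# Constructed sample history; fingerprints are placeholders.
ALICE, BOB, MALLORY = "FPR-ALICE", "FPR-BOB", "FPR-MALLORY"
REPO = {
    "c0": Commit((), ALICE, frozenset({ALICE})),            # trust anchor
    "c1": Commit(("c0",), ALICE, frozenset({ALICE, BOB})),  # Alice adds Bob
    "c2": Commit(("c1",), BOB, frozenset({ALICE, BOB})),
    # Mallory lists her own key, but the parent c1 never authorized it.
    "x1": Commit(("c1",), MALLORY, frozenset({ALICE, BOB, MALLORY})),
    "x2": Commit(("x1",), MALLORY, frozenset({ALICE, BOB, MALLORY})),
}

if __name__ == "__main__":
    for tip, seen in [("c2", None), ("x2", None), ("c1", "c2")]:
        print(tip, authenticate(REPO, tip, "c0", seen))
```

Because each commit is judged against its parent's list rather than its own, a commit that adds its author's key to the list does not authenticate itself.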