Container Security: Image Signing with Notary

preview_player
Показать описание
Updates for software libraries, software package managers, and repositories software usually does not remain static, and updates are necessary to add new functionality or remove vulnerabilities. When we apply these updates, it's important to provide security mechanisms for updating software such as applying patches and updates to Software Libraries. There is a need to understand better how the updates to software should be managed.

Additional Resources:
*Understand the Notary service architecture:

Music Credit:

Рекомендации по теме
Комментарии
Автор

Good detailed explanation about Notary server and Notary signer.

GunjanShah
Автор

Nice one ..have few questions here! When you say "the keys that we use to sign the image" are verified in the Notary server, is that the Private Delegation key you are talking about? Can you please let me know what happens when notary init repoA is executed, does that create the Root Key and Repo Key (Not sure what does content trust metadata is generated). Also can you please help us understand the need for Root Key to back up.

MONISHGURU