Sultans Of Ping Forum Index Sultans Of Ping
New forum for the band Sultans of Ping.
Please register and post so this becomes as popular as the old one.
Hosted by ping.fishtank.org.uk.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Docker registry security ?

 
Post new topic   Reply to topic    Sultans Of Ping Forum Index -> Everything Else
View previous topic :: View next topic  
Author Message
Johneames
Psychopath


Joined: 14 Oct 2017
Posts: 133

PostPosted: Sat Nov 04, 2017 8:00 am    Post subject: Docker registry security ? Reply with quote

hello,


Is it possible to sign images with a CA-cert such that a customer can verify that the image is signed by some delegate of the CA-cert trust chain? It seems like DTR has a binary mode of trust: either and image is signed or it is not, but not qualified by who.

As far as I know, the security model is such that on a per-machine basis, you create a root, taret, timestamp and snapshot keys. Are we able to have these derive from an existing certificate or is this impossible?



Please help.
Thanks!

I didn't find the right solution from the Internet.


References:
https://forums.docker.com/t/docker-registry-security/37311


infographic examples
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Sultans Of Ping Forum Index -> Everything Else All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group