Skip to content

Use Docker Content Trust (DCT) to sign Docker Containers #265

New issue
New issue
Open
Open
Use Docker Content Trust (DCT) to sign Docker Containers#265
Labels
enhancementNew feature or request
@bsper2

Description

@bsper2
bsper2
opened on Aug 31, 2021

Use Case

Our security team is uneasy that the docker containers used for pupperware hosted at https://hub.docker.com/u/puppet are not signed with a Docker Content Trust Key. Which makes verifying the software supply chain difficult for security vetting purposes.

Describe the Solution You Would Like

Would you be able to start using keys to sign containers published on docker.com?

Additional Context

Info about Docker Content Trust can be found here : https://docs.docker.com/engine/security/trust/

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions