On 30/09/14 12:40 -0400, Colin Walters wrote:
> On Tue, Sep 30, 2014, at 11:55 AM, Václav Pavlín wrote:
> > Tianon also mentioned a future feature which would support signed images - we would probably want to produce such a signed image by ourselves, not just give Docker rootfs and let them sign it.
>
> How does this intersect with https://github.com/docker/docker/issues/8093
>
> As a Docker user, I may trust Docker Hub, or I may trust Fedora, or both (or neither). If the signatures are being validated, the client should be configurable to allow e.g. only accepting images signed by a particular set of keys (e.g. Fedora's).
>
> If we just hand them a tarball that they sign, then AIUI someone would have to jump through significant hoops to determine provenance to Fedora.
>
> CC'ing vbatts for comment.

#8093 is the new layout for signed images. This is coming. It looks like it will not make it in docker-1.3 (to be released any day now), but is targeted for docker-1.4.

Relevant to this is the preliminary key management piece, which was recently merged and will be in docker-1.3
https://github.com/docker/docker/pull/8112

The idea is that these keys will be much like ssh keys. Autogenerated if not present, or you can drop in your own keys. So a build infrastructure will use its own keys and trust the issuer of the keys.

In the meantime there is the 'dockertarsum' utility for creating and validating the time-fixed checksum of an image's layers.
https://github.com/vbatts/docker-utils

There is a copr build of this tool here
http://copr.fedoraproject.org/coprs/vbatts/docker-utils/

vb

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct