Docker Security Team

Notary 0.2 – Delegations and more!

The Notary™ project has been continuing to forge towards 1.0 and we’re pleased to announce our 0.2 release. In addition to various minor improvements and bugfixes, we have added some significant features. Read on to find out more!

Diogo Mónica

Introducing Docker Content Trust

Image Signing and Verification using The Update Framework (TUF)

A common request that we’ve heard from the Docker community is the need to have strong cryptographic guarantees over what code and what versions of software are being run in your infrastructure. This is an absolute necessity for secure and auditable production deployments. To answer these needs, we are excited to announce a new feature in 1.8 called Docker Content Trust which integrates The Update Framework (TUF) into Docker using Notary, an open source tool that provides trust over any content.

Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration

We’re thrilled to announce Docker 1.8 with support for image signing, a new installer, as well as incremental improvements to Engine, Compose, Swarm, Machine and Registry. You’ve been telling us that you want Docker to be more extensible and composed of smaller, standalone components. We hear you loud and clear. In June, we announced our intention to release runC as a separate piece of plumbing. With this release we’re taking another step towards that goal. The system powering image signing has been implemented as a separate piece of plumbing called Notary, and volume plugins, an experimental feature in 1.7, have now been promoted to the stable release. Across the board we’ve been making the usual quality improvements – something we know is important to all of you running Docker in production.