Back To Schedule
Wednesday, November 20 • 4:25pm - 5:00pm
Redesigning Notary in a Multi-registry World - Justin Cormack, Docker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Notary, used to secure container image updates, is the most widely adopted implementation of the TUF protocol. However, since Notary’s design around Docker Hub in 2015, container registries have proliferated and some of the design decisions don’t support the needs of a multi-registry world. This talk looks at redesigning the model to allow portability of container images between registries with signature data stored alongside the image data allowing it to be pushed and pulled alongside the image. This reworking of Notary will enable easier portability of images, and improve supply chain security by enabling mirrors and users of mirrors to validate image data, allowing users to easily work with cloud and local registries, offline caches and other common architectures.

avatar for Justin Cormack

Justin Cormack

CTO, Docker
Justin is the CTO at Docker, and a member of the CNCF TOC. He has spent a lot of time working on security in the container ecosystem. He is a maintainer on the Notary project for container security.

Wednesday November 20, 2019 4:25pm - 5:00pm PST
Room 6E - San Diego Convention Center Upper Level