Loading…
Back To Schedule
Wednesday, November 20 • 4:25pm - 5:00pm
Redesigning Notary in a Multi-registry World - Justin Cormack, Docker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Notary, used to secure container image updates, is the most widely adopted implementation of the TUF protocol. However, since Notary’s design around Docker Hub in 2015, container registries have proliferated and some of the design decisions don’t support the needs of a multi-registry world. This talk looks at redesigning the model to allow portability of container images between registries with signature data stored alongside the image data allowing it to be pushed and pulled alongside the image. This reworking of Notary will enable easier portability of images, and improve supply chain security by enabling mirrors and users of mirrors to validate image data, allowing users to easily work with cloud and local registries, offline caches and other common architectures.

Speakers
avatar for Justin Cormack

Justin Cormack

Security Lead, Docker
Justin is a senior engineer and security lead at Docker. He is a maintainer of the Notary project, and a member of the CNCF TOC and SIG Security. He has been working in container security for five years.



Wednesday November 20, 2019 4:25pm - 5:00pm PST
Room 6E - San Diego Convention Center Upper Level