Back To Schedule
Wednesday, November 20 • 4:25pm - 5:00pm
Redesigning Notary in a Multi-registry World - Justin Cormack, Docker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Notary, used to secure container image updates, is the most widely adopted implementation of the TUF protocol. However, since Notary’s design around Docker Hub in 2015, container registries have proliferated and some of the design decisions don’t support the needs of a multi-registry world. This talk looks at redesigning the model to allow portability of container images between registries with signature data stored alongside the image data allowing it to be pushed and pulled alongside the image. This reworking of Notary will enable easier portability of images, and improve supply chain security by enabling mirrors and users of mirrors to validate image data, allowing users to easily work with cloud and local registries, offline caches and other common architectures.

avatar for Justin Cormack

Justin Cormack

Engineer, Docker
Justin Cormack is Security Lead at Docker. He is a maintainer on the CNCF Notary project and is involved with CNCF SIG Security. He has spoken at Kubecon on a variety of subjects such as containerd, security audits, Notary and container runtimes. He also speaks at other events such... Read More →

Wednesday November 20, 2019 4:25pm - 5:00pm
Room 6E - San Diego Convention Center Upper Level