Explore the critical aspects of container supply chain security in this informative conference talk featuring Justin Cormack from Docker and Steve Lasker from Microsoft. Delve into the progress and decisions made in the Notary v2 project, addressing issues from its predecessor and gathering consensus on essential security mechanisms. Gain insights into early production use, future roadmaps, and the broader supply chain landscape. Learn about the stages of the supply chain, entity and artifact promotion, location independence, and the challenges associated with supply chain artifacts. Discover the importance of policy management in Notary v2 and how it contributes to enhancing overall container security.
Overview
Syllabus
Intro
State of the Container Supply Chain
Stages of the Supply Chain
Attesting To Entity Promotion
Artifact Promotion
Location Independence
Supply Chain Artifact Challenges
Promoting Artifacts
Notary v2 Policy Management
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Notary v2 - Supply Chain Security for Containers
-
Securing the Container Supply Chain with Notary
-
Notary v2 - Promoting Signed Artifacts
-
Notary: State of Development and Supply Chain Security
-
Securing Container Supply Chain in CI/CD with Notary Project, ORAS and Harbor
-
Notary v2 Outstanding Issues Working Session
