Explore the critical aspects of container supply chain security in this informative conference talk featuring Justin Cormack from Docker and Steve Lasker from Microsoft. Delve into the progress and decisions made in the Notary v2 project, addressing issues from its predecessor and gathering consensus on essential security mechanisms. Gain insights into early production use, future roadmaps, and the broader supply chain landscape. Learn about the stages of the supply chain, entity and artifact promotion, location independence, and the challenges associated with supply chain artifacts. Discover the importance of policy management in Notary v2 and how it contributes to enhancing overall container security.
Overview
Syllabus
Intro
State of the Container Supply Chain
Stages of the Supply Chain
Attesting To Entity Promotion
Artifact Promotion
Location Independence
Supply Chain Artifact Challenges
Promoting Artifacts
Notary v2 Policy Management
Taught by
CNCF [Cloud Native Computing Foundation]
