Notary v2 - Redesigning the Secure Supply Chain for Containers
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the redesign of secure supply chain for containers in this conference talk on Notary v2. Dive into the evolution of container security, learning about the joint community effort to address issues with the first-generation Notary. Discover how Notary v2 leverages five years of experience to enhance supply chain security across the container ecosystem. Gain insights into OCI registry-native protocols, progress updates, and key problems being solved. Examine the current state of specifications and implementations, open issues, and the roadmap to production. Understand the Update Framework, Notary's history, and critical improvements. Investigate scenarios involving registry signatures and meta-data services. Conclude with a look at future steps in container security development.
Syllabus
Intro
Who are we?
Supply Chain Security
The Update Framework
Notary history
Key issues to fix
Notary v2 Scenarios
Signatures in registry
Meta-data services
Next steps
Taught by
CNCF [Cloud Native Computing Foundation]