Adrian Castro
Adrian Castro
> Why is the data being stored in the client? Why would it be stored on the server? If every key is stored on the server, we would have a...
That is correct. Every content signed with the expired/old rotated keys must be resigned.
I created a small sandbox here: https://github.com/IAL32/notary-sandbox The README explains in detail how to add a delegation and perform signing operations with it. Hope it helps!
The Notary Server needs to be either: 1. served on a domain with a valid certificate (www.notary.example.com) signed by a CA 2. served with a self-signed certificate In the second...
> I need a sample notary server config which is used to configure docker client with tls certificates for two-way handshake Then this is not an issue related to Notary,...
Ah, no, it is not supported, then.
I would look at the `~/.docker/trust` folder as volatile, as you can just delete it and re-populate it with the Notary CLI. What I suggest is to store the passphrase...
Uh, lots of things going on. Let's go by order: > `notary key export` doesn't appear to produce any data `notary key export` will basically just print out every key...
> I think my earlier confusion was because I don't have separate pem files for all these certificates, I've been using the ones generated for me when I run `init`...
> Thank you - the diagram especially is helpful. Just looking at the initialisation for now, the diagram seems to refer to `collection-name` and the `gun` being `registry/collection-name` when checking...