notary

notary copied to clipboard

Hashicorp Vault as storage engine for notary client

5

It would be great if the notary client could be integrated with Hashicorp vault as a storage location for the keys. Use case: CI and CD to release docker images...

marcofranssen

in the section **[Key Rotations](https://github.com/notaryproject/notary/blob/master/docs/best_practices.md#key-rotations)** of `Best Practices for Using Docker Notary`, it mentions that: `Currently the Root key is published as a self signed x509 certificate with an expiry...

ghost

Signing Docker Images with Notary CLI ?

2

Hi ! In the case we want to use other means to build containers (Kaniko, Buildah, etc ...) how can we sign a container using notary CLI only (not Docker...

ThinkBriK

Update of nearing expiry delegation key with validity extended key

5

I recently noticed "nearing expiry" warning when pulling image from one of the trusted docker repository. Delegation process was used to sign the images. i tried the below approach 1....

ase-101

Convert ECDSA signing code to produce ECDSA signatures in ASN.1 form

3

The Elliptic Curve signatures that Notary produces are not in [ASN.1](https://en.wikipedia.org/wiki/ASN.1) form, which leads to incompatibilities with some popular external libraries and tools such as OpenSSL (https://github.com/theupdateframework/notary/issues/1544) or AWS KMS....

stefan-zh

Feature/sandbox

6

This PR adds a docker-compose setup that can be utilized to have a sandbox available for playing with notary and docker content trust. resolves #1561 which was included by rebasing...

marcofranssen

extracting pkcs11 implementation from notary and replacing it with RPC interface

6

This PR extracts the pkcs11 HSM implementation from notary and replaces it with an RPC interface. New HSM implementations can now implement their own adapter independent from notary through using...

jschintag

It seems the autobuild image hasnt been updated since a while. Testing the certificate gets all the certs have expired. https://hub.docker.com/r/dockersecurity/notary_autobuilds SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: Session-ID-ctx:...

tech-novic

Unable To Publish Images Using Delegation Keys w/ Docker Content Trust - Del. Passphrase Not Accepted

20

I've been unable to publish signed images using Docker Content Trust with the following Notary setup. `# notary version` > notary > Version: **0.5.0** > Git commit: a41821f ` #...

unullmass

GitHub releases

4

Hi ! I just noticed a 0.7 tag is pushed but no release has been written for it, that makes people think that the latest release was in 2018. Also,...

williamdes