Project

Profile

Help

Story #9581

Story #9502: [EPIC] Contrainer Signing and Verification

As a user I can audit existing container images and verify its signatures

Added by ipanova@redhat.com 15 days ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

There will be a separate API call that will be provided with the (1) signature verification policy config (2) public keys to verify against (3) content to verify

A follow-up question: what to do in case validation failed? There should be some steps that will take care of removing tempered content. Should this be automatic or a separate manual call?

Please register to edit this issue

Also available in: Atom PDF