Project

Profile

Help

Story #9581

closed

Story #9502: [EPIC] Contrainer Signing and Verification

As a user I can audit existing container images and verify its signatures

Added by ipanova@redhat.com about 3 years ago. Updated about 3 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Ticket moved to GitHub: "pulp/pulp_container/510":https://github.com/pulp/pulp_container/issues/510


There will be a separate API call that will be provided with the (1) signature verification policy config (2) public keys to verify against (3) content to verify

A follow-up question: what to do in case validation failed? There should be some steps that will take care of removing tempered content. Should this be automatic or a separate manual call?

Also available in: Atom PDF