For 1, we may be able to piggyback on the digest signatures, adding the appropriate fields into the json blob. That can probably happen within NV2 issue #39. My thought process is along the lines of a signature blob that includes some signed payload like:
There are different possible workflows signers could implement using that: either pushing a new signature for the old digest when the tag changes, or pushing multiple signatures, one for each reference and another with only the descriptor. Then when tags change, those signatures with the stale references could be somehow revoked or allowed to expire.
One assumption I'm making with this design is that a tag may point to multiple digests. The registry doesn't really do that, but signers may want to have a grace period before expiring old tag signatures to avoid breaking clients in the middle of pulling an image. It also makes a better workflow for checking signatures on multi-platform images where you may pull the index or a specific platform. With that assumption, it's not needed to implement a separate query API for tag artifacts, we would get the tag data with the query for the digest artifacts. Instead we are allowed to invert the problem from "signing a tag pointer to a digest" to "signing a digest that may include tag references".
For 2, if we get a solution to revoking a signature then that could be applied to tags just as it's applied to the individual digests.
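A sketch of the signed-digest-with-references design described in the comment above, added here as an example; it is not code from this issue or from the Notary v2 project. The payload layout, the HMAC-SHA256 stand-in for a real signature scheme, the `registry.example` reference and the digest values are all assumptions, and the scenario walks a tag moving from digest A to digest B with a grace period for the old tag signature.

```python
import hashlib
import hmac
import json

SIGNING_KEY = b"constructed-demo-key"  # constructed; HMAC stands in for the real signature scheme

def canonical(payload: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()

def sign(descriptor: dict, references: list, expires: int, key: bytes = SIGNING_KEY) -> dict:
    """Sign a digest descriptor together with the tag references it currently serves (may be empty)."""
    payload = {"descriptor": descriptor, "references": references, "expires": expires}
    return {"payload": payload, "signature": hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()}

def verify(blob: dict, digest: str, ref=None, now: int = 0, revoked=frozenset(), key: bytes = SIGNING_KEY) -> str:
    """Return 'ok' or the reason this signature does not authorize the requested pull."""
    payload = blob["payload"]
    expected = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(blob["signature"], expected):
        return "bad signature"          # payload (digest, references or expiry) was altered
    if blob["signature"] in revoked:
        return "revoked"                # signer withdrew it, e.g. a stale tag reference
    if now > payload["expires"]:
        return "expired"                # grace period for the old tag pointer is over
    if payload["descriptor"]["digest"] != digest:
        return "digest mismatch"        # signature covers different content
    if ref is not None and ref not in payload["references"]:
        return "reference not covered"  # pulled by tag, but this signature never vouched for that tag
    return "ok"

def tag_move_scenario() -> dict:
    tag = "registry.example/app:v1"  # constructed reference
    a = {"mediaType": "application/vnd.oci.image.manifest.v1+json", "digest": "sha256:" + "a" * 64, "size": 1}
    b = dict(a, digest="sha256:" + "b" * 64)
    sig_a_tag = sign(a, [tag], expires=100)    # tag signature, expires once the grace period ends
    sig_a_only = sign(a, [], expires=10**9)    # descriptor-only signature, long lived
    sig_b_tag = sign(b, [tag], expires=10**9)  # the tag now points at B
    tampered = {"payload": dict(sig_b_tag["payload"], references=[tag + "-prod"]), "signature": sig_b_tag["signature"]}
    return {
        "tag_to_a_in_grace": verify(sig_a_tag, a["digest"], tag, now=50),
        "tag_to_a_after_grace": verify(sig_a_tag, a["digest"], tag, now=200),
        "digest_a_after_grace": verify(sig_a_only, a["digest"], now=200),
        "tag_to_b": verify(sig_b_tag, b["digest"], tag, now=200),
        "b_via_a_signature": verify(sig_a_only, b["digest"], now=200),
        "rewritten_reference": verify(tampered, b["digest"], tag + "-prod", now=200),
        "explicitly_revoked": verify(sig_b_tag, b["digest"], tag, now=200, revoked={sig_b_tag["signature"]}),
    }
```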
We have a design around signing digest, which can be discovered through a tag.
However, we haven't yet designed a solution for tag signing.