image

History

Miloslav Trmač 322058e563 Add signedIdentity type:matchRepoDigestOrExact, make it the default This is the new default: tag references require a signature with a matching repo:tag, digest references require a signature with a matching repo (and any tag [or digest]), with the digest itself still being validated in image.UnparsedImage, independently of signature processing. Users can still opt into strict checking by specifying matchExact in signedIdentity. Also update most tests to use matchExactOrSignedDigest, to match the default. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2016-11-08 15:04:53 +01:00
..
policy.json.md	Add signedIdentity type:matchRepoDigestOrExact, make it the default	2016-11-08 15:04:53 +01:00
registries.d.md	Support man page formatting	2016-10-14 09:26:28 -04:00

Miloslav Trmač 322058e563 Add signedIdentity type:matchRepoDigestOrExact, make it the default

This is the new default: tag references require a signature with a
matching repo:tag, digest references require a signature with a matching
repo (and any tag [or digest]), with the digest itself still being
validated in image.UnparsedImage, independently of signature processing.

Users can still opt into strict checking by specifying matchExact
in signedIdentity.

Also update most tests to use matchExactOrSignedDigest, to match
the default.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

2016-11-08 15:04:53 +01:00

policy.json.md

Add signedIdentity type:matchRepoDigestOrExact, make it the default

2016-11-08 15:04:53 +01:00

registries.d.md

Support man page formatting

2016-10-14 09:26:28 -04:00