docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update security.md 

Incorporated @ddeyo's fixes
This commit is contained in:
Anne Henmi 2018-10-25 15:23:30 -06:00 committed by GitHub
parent 75e3c4de87
commit 5fc2b29768
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
engine/security/security.md
View File

@ -201,14 +201,15 @@ those explicitly required for their processes.
## Docker Content Trust Signature Verification
The Docker Content Trust signature verification feature is built directly
into the `dockerd` binary. The Docker Engine can be configured to only run
signed images. This is configured in the Dockerd configuration file.
The Docker Engine can be configured to only run signed images. The Docker Content
Trust signature verification feature is built directly into the `dockerd` binary.
This is configured in the Dockerd configuration file.
To enable this feature, trustpinning can be configured in `daemon.json`, whereby
only repositories signed with a user-specified root key can be pulled and run.
This provides insight to administrators that was not previously available with
the CLI being responsible for enforcing and performing image signature verification.
This feature provides more insight to administrators than previously available with
the CLI for enforcing and performing image signature verification.
For more information on configuring Docker Content Trust Signature Verificiation, go to
(Content trust in Docker)[engine/security/trust/content_trust].