Added more explanation, cleaned up wording.

Anne Henmi 2018-10-16 19:50:20 -06:00
parent 1155d53225
commit bf9ed86856
1 changed files with 8 additions and 3 deletions


@ -204,9 +204,14 @@ those explicitly required for their processes.
The Docker Content Trust signature verification feature is built directly
into the `dockerd` binary. The Docker Engine can be configured to only
permitted to run signed images. This is configured in the Dockerd
configuration file. To incorporate this, Docker will use trustpinning.
Trustpinning means Docker reposoitories with a known configured root key
will only be accepted.
configuration file. To incorporate this, the Docker engine have
trustpinning configured in the `daemon.json` file. Trustpinning is when
Docker reposoitories with a known configured root key will only be accepted.
This feature provides image signature verification whenever a Docker pull
or run command uses an image. This provides insight to administrators that
was not previously available with the CLI being responsible for enforcing
and performing image signature verification.
For more information on configuring Docker Content Trust Signature Verificiation, go to (xxx)[xxx].
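Review bot: the link on the last added line, `(xxx)[xxx]`, has the Markdown brackets and parentheses reversed and still holds a placeholder target; it needs to be `[text](url)` with the real destination before this merges. The rewritten sentences also carry over "reposoitories" from the lines they replace and add "Verificiation", and "the Docker engine have trustpinning configured" does not parse; something like "the Docker Engine must have trust pinning configured" would read correctly. The unchanged sentence "can be configured to only permitted to run signed images" has the same problem ("permit"). The paragraph now refers to both "the Dockerd configuration file" and `daemon.json`; if these are the same file, name it once so readers know where the setting goes. "This provides insight to administrators" does not say what the insight is, so the contrast with CLI-side enforcement would be clearer if the sentence stated that enforcement moves into the engine.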