docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Source repo for Docker's Documentation
1,975 Commits 13 Branches 28 Tags 826 MiB
HTML 67.3%
CSS 15.6%
Go 5.5%
Dockerfile 3.3%
JavaScript 3.1%
Other 5.2%
Go to file
Ying Li 2f62e8d260 Add JSON marshalling and unmarshalling specify model types as a field on a Table object 
Signed-off-by: Ying Li <ying.li@docker.com>
 		2016-06-09 10:43:47 -07:00
Godeps updating docker, logrus and etcd dependencies 2016-05-26 14:14:26 -07:00
buildscripts fix lint and circle, less aggressive codecov threshold 2016-06-06 18:18:20 -07:00
client TUF changed to Tuf in all comments and rethink models as per open issue 313 2016-06-08 17:14:08 -07:00
cmd moving the passphrase.Retriever definition so fewer things have a chained dependency on github.com/docker/docker/pkg/term 2016-06-04 01:51:41 -07:00
cryptoservice moving the passphrase.Retriever definition so fewer things have a chained dependency on github.com/docker/docker/pkg/term 2016-06-04 01:51:41 -07:00
docs Documentation about new server gun prefix requirement feature 2016-05-20 11:21:00 -05:00
fixtures Add password for server and signer 2016-05-10 18:17:01 -07:00
migrations Update migration syntax, add integration test for rethink 2016-04-14 19:38:04 -07:00
misc Sleep for 1s after push, add comment about certs 2016-04-08 09:15:52 -07:00
notarymysql/docker-entrypoint-initdb.d lots of final minor improvements to setup. 2016-02-08 14:18:07 -08:00
passphrase moving the passphrase.Retriever definition so fewer things have a chained dependency on github.com/docker/docker/pkg/term 2016-06-04 01:51:41 -07:00
proto Change the signer protocol to include a health check 2015-10-07 18:12:23 -07:00
server Add JSON marshalling and unmarshalling specify model types as a field on a Table object 2016-06-09 10:43:47 -07:00
signer Add JSON marshalling and unmarshalling specify model types as a field on a Table object 2016-06-09 10:43:47 -07:00
storage Add JSON marshalling and unmarshalling specify model types as a field on a Table object 2016-06-09 10:43:47 -07:00
trustmanager TUF changed to Tuf in all comments and rethink models as per open issue 313 2016-06-08 17:14:08 -07:00
trustpinning TUF changed to Tuf in all comments and rethink models as per open issue 313 2016-06-08 17:14:08 -07:00
tuf TUF changed to Tuf in all comments and rethink models as per open issue 313 2016-06-08 17:14:08 -07:00
utils updating docker, logrus and etcd dependencies 2016-05-26 14:14:26 -07:00
vendor updating docker, logrus and etcd dependencies 2016-05-26 14:14:26 -07:00
version Lint fix 2015-10-19 11:52:43 -07:00
.gitignore validation tests 2015-08-06 17:38:37 -07:00
CHANGELOG.md update changelog for v0.3.0 2016-05-11 15:59:05 -07:00
CONTRIBUTING.md Drop mailing list link 2016-01-13 20:34:13 +01:00
CONTRIBUTORS updating maintainers and adding top level contributors, removing those files from tuf dir 2015-10-27 22:59:23 -07:00
Dockerfile fix lint and circle, less aggressive codecov threshold 2016-06-06 18:18:20 -07:00
LICENSE Update license to set copyright holder 2015-07-31 16:27:40 -07:00
MAINTAINERS Add to maintainers list 2016-01-11 18:00:07 -08:00
Makefile allow devel builds of go to pass make version check 2016-06-08 11:56:40 -07:00
NOTARY_VERSION Update NOTARY_VERSION 2016-05-31 17:19:50 -07:00
README.md Docs: some review on README 2016-04-28 09:27:05 +08:00
ROADMAP.md Refactored Rufus API 2015-07-14 00:23:38 -07:00
circle.yml Try a simplified CircleCI with just Docker commands. 2016-05-25 16:00:56 -07:00
codecov.yml fix lint and circle, less aggressive codecov threshold 2016-06-06 18:18:20 -07:00
const.go Add password for server and signer 2016-05-10 18:17:01 -07:00
coverpkg.sh Fix Makefile to exclude the vendor directory from linting/vetting 2016-03-08 14:54:29 -08:00
development.mysql.yml rename docker-compose network for mysql 2016-06-01 07:54:46 +00:00
development.rethink.yml Try a simplified CircleCI with just Docker commands. 2016-05-25 16:00:56 -07:00
docker-compose.rethink.yml Rethink requires that each subsequent replica join another existant replica. 2016-05-24 17:31:55 -07:00
docker-compose.yml rename docker-compose network for mysql 2016-06-01 07:54:46 +00:00
notary.go fix lint and circle, less aggressive codecov threshold 2016-06-06 18:18:20 -07:00
server.Dockerfile Move the SERVICE_NAME environment variable definitions into the server/signer Dockerfiles 2016-05-18 05:29:28 -05:00
signer.Dockerfile Move the SERVICE_NAME environment variable definitions into the server/signer Dockerfiles 2016-05-18 05:29:28 -05:00

README.md

Notary

Circle CI CodeCov

The Notary project comprises a server and a client for running and interacting with trusted collections. Please see the service architecture documentation for more information.

Notary aims to make the internet more secure by making it easy for people to publish and verify content. We often rely on TLS to secure our communications with a web server which is inherently flawed, as any compromise of the server enables malicious content to be substituted for the legitimate content.

With Notary, publishers can sign their content offline using keys kept highly secure. Once the publisher is ready to make the content available, they can push their signed trusted collection to a Notary Server.

Consumers, having acquired the publisher's public key through a secure channel, can then communicate with any notary server or (insecure) mirror, relying only on the publisher's key to determine the validity and integrity of the received content.

Goals

Notary is based on The Update Framework, a secure general design for the problem of software distribution and updates. By using TUF, notary achieves a number of key advantages:

  • Survivable Key Compromise: Content publishers must manage keys in order to sign their content. Signing keys may be compromised or lost so systems must be designed in order to be flexible and recoverable in the case of key compromise. TUF's notion of key roles is utilized to separate responsibilities across a hierarchy of keys such that loss of any particular key (except the root role) by itself is not fatal to the security of the system.
  • Freshness Guarantees: Replay attacks are a common problem in designing secure systems, where previously valid payloads are replayed to trick another system. The same problem exists in the software update systems, where old signed can be presented as the most recent. notary makes use of timestamping on publishing so that consumers can know that they are receiving the most up to date content. This is particularly important when dealing with software update where old vulnerable versions could be used to attack users.
  • Configurable Trust Thresholds: Oftentimes there are a large number of publishers that are allowed to publish a particular piece of content. For example, open source projects where there are a number of core maintainers. Trust thresholds can be used so that content consumers require a configurable number of signatures on a piece of content in order to trust it. Using thresholds increases security so that loss of individual signing keys doesn't allow publishing of malicious content.
  • Signing Delegation: To allow for flexible publishing of trusted collections, a content publisher can delegate part of their collection to another signer. This delegation is represented as signed metadata so that a consumer of the content can verify both the content and the delegation.
  • Use of Existing Distribution: Notary's trust guarantees are not tied at all to particular distribution channels from which content is delivered. Therefore, trust can be added to any existing content delivery mechanism.
  • Untrusted Mirrors and Transport: All of the notary metadata can be mirrored and distributed via arbitrary channels.

Security

Please see our service architecture docs for more information about our threat model, which details the varying survivability and severities for key compromise as well as mitigations.

Our last security audit was on July 31, 2015 by NCC (results).

Any security vulnerabilities can be reported to security@docker.com.

Getting started with the Notary CLI

Please get the Notary Client CLI binary from the official releases page or you can build one yourself. The version of Notary server and signer should be greater than or equal to Notary CLI's version to ensure feature compatibility (ex: CLI version 0.2, server/signer version >= 0.2), and all official releases are associated with GitHub tags.

To use the Notary CLI with Docker hub images, please have a look at our getting started docs.

For more advanced usage, please see the advanced usage docs.

To use the CLI against a local Notary server rather than against Docker Hub:

  1. Please ensure that you have docker and docker-compose installed.

  2. git clone https://github.com/docker/notary.git and from the cloned repository path, start up a local Notary server and signer and copy the config file and testing certs to your local notary config directory:

    $ docker-compose build
$ docker-compose up -d
$ mkdir -p ~/.notary && cp cmd/notary/config.json cmd/notary/root-ca.crt ~/.notary

  3. Add 127.0.0.1 notary-server to your /etc/hosts, or if using docker-machine, add $(docker-machine ip) notary-server).

You can run through the examples in the getting started docs and advanced usage docs, but without the -s (server URL) argument to the notary command since the server URL is specified already in the configuration, file you copied.

You can also leave off the -d ~/.docker/trust argument if you do not care to use notary with Docker images.

Building Notary

Prerequisites:

  • Go >= 1.6.1
  • godep installed
  • libtool development headers installed
    • Ubuntu: apt-get install libltdl-dev
    • CentOS/RedHat: yum install libtool-ltdl-devel
    • Mac OS (Homebrew): brew install libtool

Run make binaries, which creates the Notary Client CLI binary at bin/notary. Note that make binaries assumes a standard Go directory structure, in which Notary is checked out to the src directory in your GOPATH. For example:

$GOPATH/
    src/
        github.com/
            docker/
                notary/