Notary

Jan 1, 0001

Definition

Notary is a tool designed to provide strong cryptographic guarantees for the integrity and authenticity of content. It is commonly used to sign and verify container images and other software artifacts, ensuring that they have not been tampered with and originate from a trusted source. Notary is often integrated with container registries and CI/CD pipelines to enforce security policies and maintain trust in software supply chains.

Secure Settings Example

# Example of a secure Notary configuration for signing Docker images
trust_pinning:
  disable_tofu: true
  certs:
    example.com:
      - path: "/path/to/trusted_cert.pem"
        role: "targets"

Insecure Settings Example

# Example of an insecure Notary configuration with trust on first use (TOFU) enabled
trust_pinning:
  disable_tofu: false

Notary

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter