This talk gives an overview of the status of the Notary project, and the Notary v2 work, and the context in the broader ecosystem. Supply chain security is becoming increasingly critical and its importance has been recognised, but the ecosystem of tools around this is confusing. So this talk will cover the context of the key ideas, including the TUF and in-toto projects and how they relate to the security outcomes people want to achieve.

The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities in Detroit, Michigan from October 24 – 28, 2022. Join containerd, CoreDNS, Envoy, etcd, Fluentd, Harbor, Helm, Jaeger, Kubernetes, Linkerd, Open Policy Agent, Prometheus, Rook, TiKV, TUF, Vitess, Argo, Backstage, Buildpacks, Chaos Mesh, Cilium, CloudEvents, CNI, Contour, Cortex, CRI-O, Crossplane, CubeFS, dapr, Dragonfly, Emissary Ingress, Falco, Flagger, Flux, gRPC, Hubble, in-toto, KEDA, Keptn, Knative, KubeEdge, KubeVirt, Kyverno, Litmus, Longhorn, NATS, Notary, OpenMetrics, OpenTelemetry, Operator Framework, SPIFFE, SPIRE, Tetragon, Thanos, and Volcano as the community gathers for five days to further the education and advancement of cloud native computing.

Notary: State Of Development

Conference: KubeCon + CloudNativeCon North America 2022

Authors: Justin Cormack

Abstract

Post a comment

Related work

Securing the Container Supply Chain with Notary

Notary v2: Supply Chain Security for Containers

Notary v2: Deep Dive and Open Issues

TUF-En Up Your Signatures

Notary: State of the Container Supply Chain

Updates from The Update Framework