What is Docker Content Trust?

Docker Content Trust (DCT) is a feature within Docker designed to verify the integrity and authenticity of Docker images pulled from or pushed to a registry. By leveraging digital signatures, DCT ensures that the images you use are precisely those signed by their creators and have not been tampered with.

How does it work? When DCT is enabled, images are signed with a publisher's private key. Upon pulling an image, the Docker client verifies this signature against the corresponding public key. If the signature cannot be verified or is missing, the pull operation is blocked, thereby protecting your software supply chain from potential attacks targeting compromised images.
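One way to gate a deployment on the signature check described above, as an added example (not Docker's own code and not part of the original article): it reads the JSON printed by `docker trust inspect <repo>` and returns a digest-pinned reference only when the requested tag is signed by an approved signer. The repository name, signer names, digest and the `pinned_reference` helper are constructed for illustration.

```python
import json

class UntrustedImage(Exception):
    """Raised when a tag has no acceptable signature in the trust data."""

def pinned_reference(inspect_json, repo, tag, allowed_signers):
    """Return repo@sha256:<digest> if `tag` is signed by an allowed signer.

    `inspect_json` is the text printed by `docker trust inspect <repo>`.
    Pinning by digest means a later re-tag cannot swap the image content.
    """
    entries = json.loads(inspect_json)
    if not entries:
        raise UntrustedImage(f"no trust data for {repo}")
    for signed in entries[0].get("SignedTags", []):
        if signed.get("SignedTag") != tag:
            continue
        signers = set(signed.get("Signers", []))
        if not signers & set(allowed_signers):
            raise UntrustedImage(
                f"{repo}:{tag} is signed only by {sorted(signers)}")
        digest = signed.get("Digest", "")
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
            raise UntrustedImage(f"{repo}:{tag} has a malformed digest")
        return f"{repo}@sha256:{digest}"
    # A missing signature is treated the same as a bad one: block the pull.
    raise UntrustedImage(f"{repo}:{tag} is not a signed tag")

# Constructed sample input, shaped like `docker trust inspect` output.
REPO = "registry.example.com/team/app"   # placeholder repository
SAMPLE = json.dumps([{
    "Name": REPO,
    "SignedTags": [
        {"SignedTag": "1.0", "Digest": "ab" * 32, "Signers": ["ci-bot"]},
        {"SignedTag": "1.1", "Digest": "cd" * 32, "Signers": ["alice"]},
    ],
    "Signers": [],
    "AdministrativeKeys": [],
}])

if __name__ == "__main__":
    print(pinned_reference(SAMPLE, REPO, "1.0", {"ci-bot"}))
    for tag in ("1.1", "2.0"):   # wrong signer, then unsigned tag
        try:
            pinned_reference(SAMPLE, REPO, tag, {"ci-bot"})
        except UntrustedImage as err:
            print("blocked:", err)
```
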
