by bigmac 3705 days ago
Responding to your edit:

Notary, the underlying project that implements Docker's Content Trust feature, is an implementation of The Update Framework (TUF). Generally, you want a software update system to deal with a whole host of issues. Just solving "is this content signed" actually achieves very little. Survivable key compromise, freshness guarantees, resilience against mix-and-match attacks are all critical to building a system that actually meets real-world use cases and attacks. Threshold signing and signing delegation are additional features that you get when using TUF, which help with splitting the ability to sign across multiple individuals or systems.

You seem to be interested in this topic. I recommend you read a couple of papers to get some more background on why TUF exists and what problems it solves. A key point would be to understand why TUF deals with signed collections of software instead of just individual signed objects.

Start here to get an overview of The Update Framework:

1. Overview: https://theupdateframework.github.io/

2. Specification: https://github.com/theupdateframework/tuf/blob/develop/docs/...

Existing package managers and their shortcomings are covered in these two papers:

1. https://isis.poly.edu/~jcappos/papers/cappos_pmsec_tr08-02.p...

2. https://isis.poly.edu/~jcappos/papers/cappos_mirror_ccs_08.p...
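
An added example, not part of the comment above and not Notary or TUF code: a simplified verifier showing why the signature covers a collection (every target hash plus a version and an expiry) under a signing threshold, rather than each file on its own. The metadata layout, key names, integer timestamps and the use of HMAC as a stand-in for public-key signatures are all assumptions made to keep it standard-library only.

```python
import hashlib, hmac, json

# Constructed demo keys; HMAC stands in for public-key signatures (assumption).
KEYS = {"alice": b"k-alice", "bob": b"k-bob", "carol": b"k-carol"}
THRESHOLD = 2  # distinct trusted keys required on the collection metadata

def canonical(body):
    # Deterministic serialization so signer and verifier hash the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def mac(signer, body):
    return hmac.new(KEYS[signer], canonical(body), hashlib.sha256).hexdigest()

def make_collection(version, expires, files, signers):
    """Sign one document covering every target's hash, a version and an expiry."""
    targets = {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}
    body = {"version": version, "expires": expires, "targets": targets}
    return {"signed": body, "signatures": {s: mac(s, body) for s in signers}}

def verify_collection(meta, now, last_seen_version):
    body = meta["signed"]
    # Signatures are keyed by signer, so each trusted key counts at most once.
    good = sum(1 for signer, sig in meta["signatures"].items()
               if signer in KEYS and hmac.compare_digest(sig, mac(signer, body)))
    if good < THRESHOLD:
        raise ValueError("threshold not met")   # one key alone is not enough
    if body["expires"] <= now:
        raise ValueError("metadata expired")    # validly signed but stale
    if body["version"] < last_seen_version:
        raise ValueError("rollback")            # older collection replayed
    return body

def verify_target(body, name, data):
    # A file is accepted only if its hash is the one listed in this collection,
    # so a validly published file from another release does not pass.
    if body["targets"].get(name) != hashlib.sha256(data).hexdigest():
        raise ValueError("target not in this collection")
    return True
```

With per-file signatures alone, an old `lib` build would still verify next to a new `app`; here it fails because the current collection does not list its hash.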