|
|
|
|
|
|
by anonymuse
3161 days ago
|
|
|
More details on the proposal and discussion can be found in the merged pull request here: https://github.com/cncf/toc/pull/38 and the voting here, in case you'd like to see into the decision making process that went into this: https://lists.cncf.io/pipermail/cncf-toc/2017-October/001309... There also a very interesting sub-discussion about bundling Notary and TUF together, an what the implications are for pairing image signing and package signing into a single request. While TUF can be seen as a next gen tool for signing groups of digital content, it's relationship at this point to Notary is yet to be solidified. |
|
|