[alexktz]

Docker as the default librarian of images due to the root namespace hijack in docker clients has a duty of care to maintain trust. A policy of preventing namespace reuse for 1 year before recycling should give time to prevent poisoned images squatting on popular handles.

[verdverm]

It has to be a never type of deal, people use images way older than a year, especially the ones most likely to be hit by poisoning