by thu 4191 days ago
I think this is because they regard the tar'd layers as a transport mechanism, not as the signed payload itself.

Yes, that makes sense, as tar is not fully deterministic, so untar and retar might give a different checksum on the same files (e.g. ordering). However, it is generally better to keep the same bits people signed regardless.
Maybe you could use the Git packfile format; this is a self-contained compressed Merkle tree. If you ever need to reconstruct the tar deterministically from that, you can use something like pristine-tar[0].

[0]: https://joeyh.name/code/pristine-tar/
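The non-determinism the comment above describes can be shown directly. The following is an added example, not code from the thread, from Docker or from pristine-tar: it packs the same constructed files twice the way an ordinary untar/retar cycle would (different entry order, timestamps and ownership) and shows the SHA-256 of the archive changing, then packs them through a canonicalising builder (sorted names, fixed mtime/uid/gid/mode, USTAR format) that yields a stable digest. The file names and contents are made up for the demonstration.

```python
import hashlib
import io
import tarfile

# Constructed sample "layer" files. The bytes never change; only how they
# are packed does, which is exactly the untar/retar problem.
SAMPLE_FILES = {
    "layer/bin/app": b"#!/bin/sh\necho hello\n",
    "layer/etc/config": b"debug=false\n",
    "layer/lib/libfoo.so": b"\x7fELF fake shared object\n",
}


def naive_tar(files, order, mtime, uid):
    """Pack files in the given order with whatever metadata the packer
    happens to have. Models a plain `tar c` whose output depends on
    directory iteration order, timestamps and ownership."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in order:
            data = files[name]
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = mtime
            info.uid = info.gid = uid
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def deterministic_tar(files):
    """Canonical form: entries sorted by name, mtime/uid/gid/mode pinned,
    empty uname/gname, plain USTAR headers. Byte-identical for equal inputs
    regardless of the order the files were discovered in."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tf:
        for name in sorted(files):
            data = files[name]
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = 0
            info.uid = info.gid = 0
            info.uname = info.gname = ""
            info.mode = 0o644
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def demo():
    names = list(SAMPLE_FILES)
    # First packing on the signer's machine.
    first = naive_tar(SAMPLE_FILES, names, mtime=1_400_000_000, uid=1000)
    # Same files after untar + retar elsewhere: reversed iteration order,
    # fresh mtime, different uid. The signed digest no longer matches.
    second = naive_tar(SAMPLE_FILES, list(reversed(names)), mtime=1_400_000_500, uid=0)
    # Canonical builder fed the same files in two different dict orders.
    canon_a = deterministic_tar(SAMPLE_FILES)
    canon_b = deterministic_tar(dict(reversed(list(SAMPLE_FILES.items()))))
    return {
        "naive_digests_match": sha256_hex(first) == sha256_hex(second),
        "canonical_digests_match": sha256_hex(canon_a) == sha256_hex(canon_b),
        "canonical_digest": sha256_hex(canon_a),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Canonicalisation only helps if every party that verifies a signature rebuilds the archive with the identical rules; the simpler guarantee, as the comment notes, is to sign and distribute the original bytes and never re-pack them.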

Sounds interesting. Perhaps you should create a proposal for that on the docker issue tracker, so that it can be discussed as a possible alternative?