Open gal-legit opened 1 year ago
Thank you for providing this feedback.
Since Notation v1.0.0 RC.1, digest will be used to sign by default. If users are using a tag, Notation will automatically resolve tag to digest then sign it. See https://notaryproject.dev/docs/quickstart/
@gal-legit Thanks for the suggestions. With notation v1.0.0 rc.1, there is a warning message to the users when they use a tag instead of a digest for the `notation sign` and `notation verify` commands. The CLI specs and quick-start were also updated to emphasize it. Let us know anything else we could improve.
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.
As demonstrated in this blog post, signing and verifying container images using tags is insecure. The blog post demonstrates the issue using cosign, but the same principles apply using Notary.
Problem
The following race condition illustrates the problem:
The same logic applies to the verification, although the attacker needs to have more precise timing since continuous push would cause the verification to fail:
Solution
To solve the issue, we need to extract the digest from `docker push`, e.g.:

Similarly, we would take the digest from the output of `notation verify` and use it to run docker.

Action Items:
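The push, sign, verify and run sequence the issue proposes, written out as an added shell example. This is not code from the issue or from the Notation project; it assumes the digest line that `docker push` prints (`<tag>: digest: sha256:... size: ...`) and the success line that `notation verify` prints (`Successfully verified signature for <repo>@sha256:...`), and the repository name and digest in the constructed sample output are placeholders. The point is that the reference handed to `notation sign` and to `docker run` is always `<repo>@<digest>`, so a tag that someone else overwrites between the two steps cannot change what gets signed or what gets run.

```shell
#!/usr/bin/env bash
# Added example, not from the issue or the Notation project: sign exactly the
# digest that "docker push" reported, and run exactly the digest that
# "notation verify" reported, instead of letting either tool resolve a tag that
# may have been overwritten in the meantime. Assumed output formats are noted
# at each parser; sample inputs below are constructed.
set -e

# Parse the digest line "docker push" prints on stdin, e.g.
#   v1: digest: sha256:<64 hex> size: 942
# Prints "sha256:<64 hex>"; fails if no well-formed digest line is present.
digest_from_push_output() {
    sed -n 's/^.*digest: \(sha256:[0-9a-f]\{64\}\).*$/\1/p' | head -n 1 | grep .
}

# Parse the success line "notation verify" prints on stdin, e.g.
#   Successfully verified signature for localhost:5000/net-monitor@sha256:<64 hex>
# Prints the digest; fails if the line is missing or the digest is malformed.
digest_from_verify_output() {
    sed -n 's/^Successfully verified signature for .*@\(sha256:[0-9a-f]\{64\}\).*$/\1/p' | head -n 1 | grep .
}

# Build the immutable reference "<repo>@<digest>" from a tagged (or already
# digested) reference. The tag is dropped on purpose so that nothing downstream
# can fall back to tag resolution. A registry port ("localhost:5000/...") is
# kept because the tag separator is only the colon after the last "/".
digest_ref() {
    local ref="$1" digest="$2" repo last
    printf '%s' "$digest" | grep -Eq '^sha256:[0-9a-f]{64}$' \
        || { echo "refusing malformed digest: $digest" >&2; return 1; }
    repo="${ref%@*}"                                  # drop an existing @digest
    last="${repo##*/}"                                # e.g. "net-monitor:v1"
    case "$last" in *:*) repo="${repo%:*}" ;; esac    # strip the tag only
    printf '%s@%s\n' "$repo" "$digest"
}

# Push a tagged image and sign the digest the push reported, never the tag.
push_and_sign() {
    local ref="$1" out digest
    out="$(docker push "$ref")"
    printf '%s\n' "$out" >&2
    digest="$(printf '%s\n' "$out" | digest_from_push_output)"
    notation sign "$(digest_ref "$ref" "$digest")"
}

# Let notation resolve and verify, then run only the digest it verified.
verify_and_run() {
    local ref="$1" out digest
    out="$(notation verify "$ref" 2>&1)"
    printf '%s\n' "$out" >&2
    digest="$(printf '%s\n' "$out" | digest_from_verify_output)"
    docker run --rm "$(digest_ref "$ref" "$digest")"
}

# Constructed sample output (placeholder repository and digest) in the assumed
# formats, so the parsers can be exercised without a registry.
SAMPLE_PUSH_OUTPUT='The push refers to repository [localhost:5000/net-monitor]
5f70bf18a086: Pushed
v1: digest: sha256:73c803930ea3ba1e54bc25c2bdc53edd0284c62ed651fe7b00369da519a3c333 size: 942'
SAMPLE_VERIFY_OUTPUT='Successfully verified signature for localhost:5000/net-monitor@sha256:73c803930ea3ba1e54bc25c2bdc53edd0284c62ed651fe7b00369da519a3c333'

# Usage: ./sign-by-digest.sh push-and-sign  localhost:5000/net-monitor:v1
#        ./sign-by-digest.sh verify-and-run localhost:5000/net-monitor:v1
# With no arguments the script only defines the functions above.
case "${1-}" in
    push-and-sign)  push_and_sign "${2:?image reference required}" ;;
    verify-and-run) verify_and_run "${2:?image reference required}" ;;
    "") ;;
    *) echo "usage: $0 {push-and-sign|verify-and-run} <image:tag>" >&2; exit 2 ;;
esac
```

Both parsers refuse anything that is not `sha256:` followed by 64 hex digits, and `digest_ref` checks again before composing the reference, so a truncated or garbled digest fails the step rather than silently turning into a tag-based pull.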