Add note about `ImageID` to the `config` section of `manifest.md`
The config digest is used by a number of popular runtimes/orchestrators as an identifier for an image with an amount of assumed uniqueness.
If I understood correctly, this requirement for Container images is related to making sure that the configuration in `mediaType.config` applied matches the layers that were set up for the container on the file system exactly. Otherwise you could potentially apply the wrong configuration to the wrong image and _do bad things_™.
The bad things people worry about are runtimes improperly deduping images. So you may have a config for v1.2 of a WASM image being deployed by a WASM capable runtime, and try to upgrade it to v1.3 and the runtime would respond that it already has that image id and keep running the v1.2 WASM application.
That could also be used maliciously by those that want to poison the cache and potentially access data they shouldn't have access to, by creating a WASM app with a configuration matching a well known trusted image. If the malicious image is pulled first, for testing in an untrusted sandbox, and the trusted image is later requested to run with secure data, the malicious image would be run with access to the secure data.
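The dedupe failure described in the comment above, as an added example that is not part of the thread or of the image-spec project: a constructed OCI-style manifest builder, a toy runtime cache that dedupes on one chosen key, and two constructed "WASM" payloads (the layer media type is a placeholder, not a real registered type) whose config blob does not mention its layers. Keyed on the config digest (the `ImageID` the thread talks about), the v1.3 pull is treated as already present; keyed on the manifest digest it is not. The last step shows the mitigation the spec's rootfs convention gives you: once the config carries `rootfs.diff_ids` for its layers, the config digest changes whenever the layers do (here the diff IDs are digests of the raw constructed layer bytes, an assumption standing in for uncompressed-layer digests).

```python
import hashlib
import json


def digest(blob: bytes) -> str:
    """OCI-style digest string for a blob: 'sha256:<hex>' over the raw bytes."""
    return "sha256:" + hashlib.sha256(blob).hexdigest()


def canonical(obj) -> bytes:
    """Deterministic JSON encoding so equal content always yields equal digests."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def build_image(config: dict, layers: list, layer_media_type: str) -> dict:
    """Build a manifest for `config` and `layers`; the ImageID is the config digest."""
    config_blob = canonical(config)
    manifest = {
        "schemaVersion": 2,
        "mediaType": "application/vnd.oci.image.manifest.v1+json",
        "config": {
            "mediaType": "application/vnd.oci.image.config.v1+json",
            "digest": digest(config_blob),
            "size": len(config_blob),
        },
        "layers": [
            {"mediaType": layer_media_type, "digest": digest(layer), "size": len(layer)}
            for layer in layers
        ],
    }
    return {
        "manifest": manifest,
        "manifest_digest": digest(canonical(manifest)),
        "image_id": manifest["config"]["digest"],  # config digest used as the image identifier
    }


class RuntimeCache:
    """Toy model of a runtime that dedupes pulled images on one chosen key."""

    def __init__(self, key: str):
        self.key = key  # "image_id" or "manifest_digest"
        self.store = {}

    def pull(self, image: dict) -> str:
        k = image[self.key]
        if k in self.store:
            return "already present"  # runtime keeps whatever it holds under this key
        self.store[k] = image
        return "pulled"


# Constructed sample: two payload versions whose shared config says nothing about the
# layers, so both versions produce the identical config blob. Placeholder media type.
WASM_LAYER_TYPE = "application/vnd.example.wasm.layer.v1"  # constructed, not a real type
LAYER_V12 = b"\x00asm\x01\x00\x00\x00 constructed module v1.2"
LAYER_V13 = b"\x00asm\x01\x00\x00\x00 constructed module v1.3"
SHARED_CONFIG = {"architecture": "wasm", "os": "wasi", "config": {"Entrypoint": ["main"]}}


def with_rootfs(config: dict, layers: list) -> dict:
    """Bind the config to its layers via rootfs.diff_ids (digests of the raw layer bytes here)."""
    bound = dict(config)
    bound["rootfs"] = {"type": "layers", "diff_ids": [digest(layer) for layer in layers]}
    return bound


def demo() -> dict:
    v12 = build_image(SHARED_CONFIG, [LAYER_V12], WASM_LAYER_TYPE)
    v13 = build_image(SHARED_CONFIG, [LAYER_V13], WASM_LAYER_TYPE)

    by_image_id = RuntimeCache("image_id")
    by_manifest = RuntimeCache("manifest_digest")
    results = {
        "same_image_id": v12["image_id"] == v13["image_id"],
        "same_manifest_digest": v12["manifest_digest"] == v13["manifest_digest"],
        "upgrade_keyed_by_image_id": (by_image_id.pull(v12), by_image_id.pull(v13)),
        "upgrade_keyed_by_manifest": (by_manifest.pull(v12), by_manifest.pull(v13)),
    }

    # Mitigation: once the config names its layers, the ImageID changes with them.
    b12 = build_image(with_rootfs(SHARED_CONFIG, [LAYER_V12]), [LAYER_V12], WASM_LAYER_TYPE)
    b13 = build_image(with_rootfs(SHARED_CONFIG, [LAYER_V13]), [LAYER_V13], WASM_LAYER_TYPE)
    results["bound_image_ids_differ"] = b12["image_id"] != b13["image_id"]
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running `demo()` shows the two unbound versions sharing one `image_id` while their manifest digests differ, the image-id-keyed cache answering "already present" for the upgrade, and the rootfs-bound configs getting distinct IDs; a runtime that keys its store on the manifest digest, or that insists the config reference its layers, does not confuse the two.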
Thanks! Two follow-up questions:
- Since this could be a security concern and the current runtimes do in fact rely on this, should this be a MUST instead of a recommendation?
- My understanding was that this was a leftover from earlier days before the config was content addressable. Should this be encoded in the spec for backwards compatibility, or is there a better way to represent the unique image that the spec should point to so that newer runtimes don't need to use the config as the unique Image ID?
Hah, https://github.com/opencontainers/image-spec/issues/743 is very related 🚀