CNCF Adds Notary, The Update Framework to Boost Container Security

The Cloud Native Computing Foundation (CNCF) on Oct. 24 announced that it was expanding its project roster with the addition of the the Notary container trust project and The Update Framework (TUF) security effort.

The Notary project was originally developed by Docker and provides a content signing framework to help verify the cryptographic integrity of a container application image. Notary makes use of The Update Framework (TUF) which is a specification for enabling secure software updates.