The problem is right now we have millions of software updates every day across containers, but we have not had a standard way to validate the integrity and authenticity of those applications,” Diogo Mónica, security lead for Docker, told eWEEK.
“So we really had to find a solution that is easy for developers while still working on any type of infrastructure. “Once you enable Content Trust in Docker 1.8.0, you’re in a golden world where every operation that you do in Docker is a trusted operation,” Monica said. “So all operations only work with trusted content.” Trusted content is content that is digitally signed by the developer to provide a degree of authenticity and ownership.