Re: #6230: sign our docker images

#6230: sign our docker images --------------------------+----------------------- Reporter: mattdm | Owner: rel-eng@… Type: enhancement | Status: new Milestone: | Component: other Resolution: | Keywords: Blocked By: | Blocking: --------------------------+----------------------- Comment (by maxamillion): I'm relatively certain that the signing has to be done by Docker Hub because they are the distribution layer and it looks as though this is already done: {{{ $ docker pull fedora Using default tag: latest Trying to pull repository docker.io/library/fedora ... latest: Pulling from library/fedora 48ecf305d2cf: Pull complete ded7cd95e059: Pull complete library/fedora:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security. Digest: sha256:49ae2d6d0b51f713a18db1c0da9fb1b5c94e92eb43cd712ba09028161ea22880 Status: Downloaded newer image for docker.io/fedora:latest }}} -- Ticket URL: <https://fedorahosted.org/rel-eng/ticket/6230#comment:1> Fedora Release Engineering <http://fedorahosted.org/rel-eng> Release Engineering for the Fedora Project