Delegations for content trust (Engine)

Delegations for content trust

Docker Engine supports the usage of the targets/releases delegation as the canonical source of a trusted image tag.

Using this delegation allows you to collaborate with other publishers without sharing your repository key (a combination of your targets and snapshot keys - please see “Manage keys for content trust” for more information). A collaborator can keep their own delegation key private.

The targets/releases delegation is currently an optional feature - in order to set up delegations, you must use the Notary CLI:

  1. Download the client and ensure that it is available on your path

  2. Create a configuration file at ~/.notary/config.json with the followi