Notary
Notary is an open-source project for cryptographically signing and verifying content, primarily container images and other software artifacts, to provide trust and integrity guarantees in software distribution (software supply chain security).
- Content signing and verification for container images and other artifacts (software supply chain security).
- Uses The Update Framework (TUF) for delegating trust and managing signing and verification metadata (security framework).
- Supports key management workflows, including root and delegated keys, for controlled signing responsibilities (key management).
- Integrates with container registries to distribute signed metadata alongside artifacts (container infrastructure).
- Enables policy-driven verification in deployment pipelines and runtime environments (DevSecOps / Continuous Integration and Continuous Deployment (CI/CD) security).
More About Notary
Notary is an open-source project that implements a system for signing and verifying content, with an initial focus on container images and related software artifacts (software supply chain security). It addresses the problem of establishing trust in distributed software by allowing publishers to sign artifacts and consumers to verify their origin and integrity before use. This is relevant in environments where artifacts traverse multiple registries, caches, and delivery paths, and where operators need a verifiable chain of trust.
At its core, Notary builds on The Update Framework, or TUF (security framework), to model trust delegation, key rotation, and compromise recovery. TUF defines roles, metadata, and cryptographic operations for securing software update systems. Notary implements these concepts for artifact distribution, enabling a separation of root keys, targets keys, and delegated keys. This design supports controlled delegation of signing responsibilities and allows organizations to rotate keys and recover from compromise without replacing all distributed artifacts.
Notary provides server and client components (content signing infrastructure). The server stores TUF metadata, including signed information about targets such as container images or other files, and exposes APIs for publishing and retrieving this metadata. The client tooling interacts with the server to create, sign, and fetch metadata, and to verify content before it is pulled or deployed. Through these components, Notary integrates into artifact publishing workflows, including container image build and push processes.
In enterprise environments, Notary is used with container registries and orchestration platforms (container infrastructure). Organizations can configure build pipelines to sign images as they are produced, and configure deployment systems to verify signatures before running workloads. This supports compliance, provenance tracking, and policy enforcement in CI/CD pipelines (DevSecOps). Operators can define which keys or delegations are trusted and ensure that only content signed by authorized parties is admitted into clusters or other runtime environments.
Notary’s use of TUF enables interoperability with other TUF-based systems at the conceptual level, since they share the same metadata roles and verification model (security framework). While Notary’s implementation details are specific to its ecosystem, the alignment with TUF allows security teams to reason about risk management patterns such as threshold signatures, offline root keys, and staged key rotation. The project fits into enterprise taxonomies in categories such as software supply chain security, content signing infrastructure, and container platform security.
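To make the TUF role model and the threshold-signature pattern described above concrete, here is an added example (not code from the Notary project) of the two checks a verifying client performs: first that a role's metadata carries valid signatures from enough distinct trusted keys, then that the pulled artifact matches the digest the signed targets metadata records. The Role and Signature types, the SHA-256 key-ID scheme and the JSON metadata string are simplifications constructed for this illustration, not Notary's actual formats.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)
// Role is a TUF-style role: the key IDs trusted to sign it and how many of them must sign.
type Role struct {
	Trusted   map[string]bool
	Threshold int
}
// Signature binds a key ID to an Ed25519 signature over the metadata bytes.
type Signature struct {
	KeyID string
	Sig   []byte
}
// keyID names a key by the hex SHA-256 of its public bytes (a simplification of TUF key IDs).
func keyID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}
// VerifyRole accepts metadata only if at least role.Threshold distinct trusted keys produced
// valid signatures; unknown, untrusted or repeated key IDs never add to the count.
func VerifyRole(role Role, keys map[string]ed25519.PublicKey, signed []byte, sigs []Signature) error {
	valid := map[string]bool{} // keyed by key ID, so one key can count only once
	for _, s := range sigs {
		if pub, ok := keys[s.KeyID]; ok && role.Trusted[s.KeyID] && ed25519.Verify(pub, signed, s.Sig) {
			valid[s.KeyID] = true
		}
	}
	if len(valid) < role.Threshold {
		return fmt.Errorf("%d valid signature(s), role threshold is %d", len(valid), role.Threshold)
	}
	return nil
}
// VerifyTarget compares the pulled artifact with the digest recorded in signed targets metadata.
func VerifyTarget(artifact []byte, expectedSHA256Hex string) bool {
	sum := sha256.Sum256(artifact)
	return hex.EncodeToString(sum[:]) == expectedSHA256Hex
}
func main() { // stand-alone run with one constructed key and a threshold of 1
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	signed := []byte(`{"targets":{"app:1.0":{"sha256":"<digest>"}}}`) // constructed metadata
	role := Role{Trusted: map[string]bool{keyID(pub): true}, Threshold: 1}
	sigs := []Signature{{keyID(pub), ed25519.Sign(priv, signed)}}
	fmt.Println("targets role verified:", VerifyRole(role, map[string]ed25519.PublicKey{keyID(pub): pub}, signed, sigs) == nil)
}
```

A real client would additionally walk the chain root, targets and delegations, checking each role's metadata against keys listed by the role above it and enforcing expiry and version monotonicity.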
From an operational perspective, Notary introduces a dedicated trust service that is separate from image storage, which allows organizations to manage trust metadata independently from artifact data (security architecture). This separation supports structured access control on signing keys and metadata publication, and it allows organizations to centralize or segment trust authorities according to organizational boundaries. As a result, Notary provides a framework for building verifiable software distribution processes in containerized and cloud-native environments.