certificate pinning – How to pin public root key when downloading an image with docker pull (Docker Content Trust)?


How can I execute docker pull (with Docker Content Trust enabled) such that it fails if the image doesn’t have a valid signature using the private key corresponding to (or subordinate to) the public key that I provide?

I just discovered that, in fact, DCT silently and dumbly downloads and trusts (TOFU) the root key when downloading an image for the first time.

My application for docker is a CI process that will use the debian:stable-latest docker image to build my application’s releases in ephemeral cloud instances. Because the server used to build my application is ephemeral, DCT literally provides me zero security and it will be vulnerable to a MITM of the docker image payload on every execution of my build process.

Therefore, it’s critical that I pin the public root key used by Debian to sign their docker images. So the questions are:

  1. How do I download the public root key used by Debian to sign their docker images and
  2. How do I tell docker pull to use the above key and fail if the image doesn’t contain a valid signature from that key or a key that’s downchain from the supplied root key?
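An added example, not part of the original question: one way a CI job could detect a swapped root key after a first-use pull, by comparing the root-role keys in the `root.json` that the client stored against fingerprints recorded out of band. It assumes the TUF-style metadata layout (`signed.keys`, `signed.roles.root.keyids`); the key ids, key material and function names are constructed for illustration.

```python
import base64
import hashlib
import json

# Constructed sample, laid out like TUF root metadata (signed.keys / signed.roles).
# Key ids and key material are made up for illustration.
def _sample_root(root_material: bytes) -> str:
    return json.dumps({
        "signed": {
            "_type": "Root",
            "keys": {
                "id-root": {"keytype": "ecdsa-x509",
                            "keyval": {"public": base64.b64encode(root_material).decode()}},
                "id-targets": {"keytype": "ecdsa",
                               "keyval": {"public": base64.b64encode(b"targets").decode()}},
            },
            "roles": {
                "root": {"keyids": ["id-root"], "threshold": 1},
                "targets": {"keyids": ["id-targets"], "threshold": 1},
            },
        },
        "signatures": [],
    })

def root_key_fingerprints(root_json: str) -> set:
    """SHA-256 of the decoded public material of every key in the root role."""
    signed = json.loads(root_json)["signed"]
    prints = set()
    for key_id in signed["roles"]["root"]["keyids"]:
        public_b64 = signed["keys"][key_id]["keyval"]["public"]  # KeyError -> fail closed
        prints.add(hashlib.sha256(base64.b64decode(public_b64)).hexdigest())
    return prints

def root_matches_pin(root_json: str, pinned: set) -> bool:
    """True only if the root role is non-empty and every root key is pinned."""
    try:
        found = root_key_fingerprints(root_json)
    except (KeyError, TypeError, ValueError):
        return False  # malformed metadata is treated as a pin failure
    return bool(found) and found <= pinned

# Pin recorded out of band (constructed value for this example).
PINNED = {hashlib.sha256(b"constructed-root-cert-A").hexdigest()}

if __name__ == "__main__":
    print(root_matches_pin(_sample_root(b"constructed-root-cert-A"), PINNED))
    print(root_matches_pin(_sample_root(b"attacker-root-cert"), PINNED))
```

This check only compares which root keys the metadata declares; verifying the signatures made with those keys is still left to the client, and the build should stop before using the image when the check returns false.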