The Notary project comprises a server and a client for running and interacting with trusted collections.

What is Notary?

Notary is a set of tools that helps you sign, store, and verify OCI artifacts using OCI-conformant registries.

Why use Notary?

  • Sign, store, and verify any OCI artifact, including container images
  • Signing and verifying uses public/private key verification
  • Signing does not change the @digest or artifact:tag reference
  • Signatures are portable across OCI-conformant registries
  • Support for multiple signatures
  • Designed to support multiple development flows

Notary Project is a CNCF incubating project