Docker 1.3 was released on the 16th of October and top of the announcements was a “tech preview” of digital signature verification. In this post, we’ll have a look at what this means and why it’s needed. To date, most of the security discussion around containers has centred around how “contained” they are; can a malicious user break out of a container and gain access to the host? Whilst undoubtedly important, it has overshadowed another concern – why should I …