With the YubiKey 4, Docker users can digitally sign code during initial development and through subsequent updates to ensure the integrity of the Dockerized applications and guard against malware or other nefarious attacks.
This capability is the first hardware signing key to provide content integrity for containers that are part of Docker Content Trust, and it enables secure software lifecycle development for Docker developers, sysadmins, and third-party ISVs.
Use your YubiKey with the world’s first touch-to-sign code signing system. With a single touch, verify user presence and digitally sign code with the YubiKey 4, using a private root key stored on the YubiKey. Now, during initial development and continuing through subsequent updates, you can ensure the integrity of the Dockerized application as it goes through the application pipeline.