...
Users do not need to know or learn any details about this procedure.
How:
1. proposal for authenticating of final report :
a. OPNFV generates the key pairs for each release
b. Dovetail uses this key and hash value of the dovetail tool to build a binary signature tool
c. Users begin to run the dovetail tool, the dovetail tool will generate the report in memory, and then use the signature tool to check the integrity of dovetail tool, then sign the report
d. Dovetail tool saves the report to a report file
e. Users then can upload report and signature to the reviewer
f. Reviewer can get a public key from OPNFV to extract digest from signature
g. Then reviewer can validate the integrity of the report
2. proposal for container security:
Temporary test results in container can be modified as well, we can improve this by following:
...