BastionZero and Docker Unveil OpenPubkey Integration to Enhance Software Supply Chain Security at DockerCon 2023

Cryptographic protocol and Linux Foundation-hosted open source project selected to amplify container security with zero trust passwordless authentication

BOSTON, Oct. 04, 2023 (GLOBE NEWSWIRE) -- BastionZero, the cybersecurity company redefining zero trust access to cloud infrastructure, today announced the integration of its cryptographic protocol, OpenPubkey, for Docker container signing. As part of this new collaboration, BastionZero and Docker officially launched OpenPubkey as an open source project under the Linux Foundation.

The OpenPubkey protocol was developed by BastionZero’s Ph.D. cryptographers and engineers as the identity layer of the protocol that powers its infrastructure access product. It securely and accurately binds cryptographic keys to users by turning an OpenID Connect (OIDC) identity provider (IdP) into a certificate authority (CA). With the rollout of this integration, Docker users can enhance software supply chain security.

“We introduced OpenPubkey as its own standalone protocol to address one of the most fundamental problems in cryptography: key distribution,” said Ethan Heilman, co-founder and CTO, BastionZero. “We are excited to partner with Docker to offer its community of software developers and open source contributors a simple and convenient way for users, service accounts, machines or workloads to create secure digital signatures using their identity.”

With OpenPubkey, any IdP that supports OIDC can bind user identities to user-held signing keys. Integrating OpenPubkey as a fundamental component of Docker Hub will enable developers to securely sign container images without the need to host or manage a certificate authority.

“The Docker team has been exploring OIDC technologies for a while, which is why we were quick to realize the full potential of BastionZero’s OpenPubkey protocol,” said Justin Cormack, CTO, Docker. “The ability to easily build and extend OpenPubkey across various use cases will help address technical issues across hundreds of thousands of containers in Docker Hub. We are excited to collaborate with the BastionZero team to bring this work to the broader community under the Linux Foundation.”

To learn more about leveraging this innovative protocol to secure your applications, check out the OpenPubkey paper or contact one of BastionZero’s OpenPubkey experts.

About BastionZero
BastionZero provides simple passwordless access to Kubernetes, server, web and database infrastructure. It pairs with your IdP to quickly grant access with policy controls and observability — without a mess of passwords, VPNs and SSH keys. Learn more about BastionZero at and follow the company on LinkedIn and X for the latest innovations in zero trust.

About Docker
Docker helps millions of developers efficiently and collaboratively build, share and run applications. The Docker collaborative application development platform provides developers with an unmatched experience for an integrated, reliable and secure workflow that accelerates app delivery from code to the cloud. Through a combination of the world’s largest marketplace of trusted content and integrations with leading tools, Docker allows teams to rapidly create modern applications. For more information, visit

Media Contact:
Liesse Jayalath