We should add a way for our users to be able to sign their image with at least 2 different keys to allow migrating from one key to another. This would be useful for instances where a key leaked and a new key needs to be created, but allow users of an image to migrate to the new key without having to rebase to an unsigned image.
There would need to be a way to denote the new key vs the old one to keep signing setup properly during the key transition.
We should add a way for our users to be able to sign their image with at least 2 different keys to allow migrating from one key to another. This would be useful for instances where a key leaked and a new key needs to be created, but allow users of an image to migrate to the new key without having to rebase to an unsigned image.
There would need to be a way to denote the new key vs the old one to keep signing setup properly during the key transition.