...
1. OPNFV generates the key pairs for each release
2. dovetail Dovetail uses this key to and hash value of the dovetail tool to build a binary signature tool
3. dovetail generates a digest for both dovetail tool and report, then combine two digests into oneUsers begin to run the dovetail tool, the dovetail tool will generate the report in memory, and then use the signature tool to check the integrity of dovetail tool, then sign the final digestreport
4. dovetail Dovetail tool saves the report to a report file
5. Users then can upload report and signature to reviewthe reviewer
6. Reviewer can get a public key from OPNFV to extract digest from signature
7. Then reviewer can validate the integrity of dovetail tool and the report
.png?version=1&modificationDate=1484879859000&cacheVersion=1&api=v2)
.png?version=2&modificationDate=1484901671000&cacheVersion=1&api=v2)