@@ -49,6 +49,8 @@ by the `docker` command line:

   unsuitable for Docker.

 * `DOCKER_RAMDISK` If set this will disable 'pivot_root'.

 * `DOCKER_TLS_VERIFY` When set Docker uses TLS and verifies the remote.

+* `DOCKER_TRUST` When set Docker uses notary to sign and verify images.

+  Equates to `--untrusted=false` for build, create, pull, push, run.

 * `DOCKER_TMPDIR` Location for temporary Docker files.

 Because Docker is developed using 'Go', you can also use any environment

@@ -61,6 +61,7 @@ Creates a new container.

       --restart="no"             Restart policy (no, on-failure[:max-retry], always)

       --security-opt=[]          Security options

       -t, --tty=false            Allocate a pseudo-TTY

+      --untrusted=true           Skip image verification

       -u, --user=""              Username or UID

       --ulimit=[]                Ulimit options

       --uts=""                   UTS namespace to use

@@ -16,6 +16,7 @@ weight=1

     Pull an image or a repository from the registry

       -a, --all-tags=false    Download all tagged images in the repository

+      --untrusted=true        Skip image verification

 Most of your images will be created on top of a base image from the

 [Docker Hub](https://hub.docker.com) registry.

@@ -15,5 +15,7 @@ weight=1

     Push an image or a repository to the registry

+    --untrusted=true           Skip image signing

+

 Use `docker push` to share your images to the [Docker Hub](https://hub.docker.com)

 registry or to a self-hosted one.

@@ -65,6 +65,7 @@ weight=1

       -t, --tty=false            Allocate a pseudo-TTY

       -u, --user=""              Username or UID (format: <name|uid>[:<group|gid>])

       --ulimit=[]                Ulimit options

+      --untrusted=true           Skip image verification

       --uts=""                   UTS namespace to use

       -v, --volume=[]            Bind mount a volume

       --volumes-from=[]          Mount volumes from the specified container(s)