iirc there's a setting to allow docker to trust and use http registries
i set it up a few years ago for my homelab
Which makes me think that I have never heard of signed images/artefacts
Which makes me think that I have never heard of signed images/artefacts