Update container-registry-tutorial-sign-trusted-ca.md

Author: FeynmanZhou

articles/container-registry/container-registry-tutorial-sign-trusted-ca.md

@@ -15,7 +15,7 @@ Signing and verifying container images with a certificate issued by a trusted Ce
 
 Here are some essential components that help you to sign and verify container images with a certificate issued by a trusted CA:
 
-* The [Notation](https://github.com/notaryproject/notation) is an open-source supply chain tool developed by [Notary Project](https://notaryproject.dev/), which supports signing and verifying container images and other artifacts.
+* The [Notation](https://github.com/notaryproject/notation) is an open-source supply chain security tool developed by [Notary Project community](https://notaryproject.dev/) and backed by Microsoft, which supports signing and verifying container images and other artifacts.
 * The Azure Key Vault (AKV), a cloud-based service for managing cryptographic keys, secrets, and certificates will help you ensure to securely store and manage a certificate with a signing key.
 * The [Notation AKV plugin azure-kv](https://github.com/Azure/notation-azure-kv), the extension of Notation uses the keys stored in Azure Key Vault for signing and verifying the digital signatures of container images and artifacts.
 * The Azure Container Registry (ACR) allows you to attach these signatures to the signed image and helps you to store and manage these container images.
@@ -53,17 +53,17 @@ In this article:
     cp ./notation /usr/local/bin
     ```
 
-2. Install the Notation Azure Key Vault plugin `azure-kv` v1.1.0 on a Linux amd64 environment.
+2. Install the Notation Azure Key Vault plugin `azure-kv` v1.2.0 on a Linux amd64 environment.
 
     > [!NOTE]
     > The URL and SHA256 checksum for the Notation Azure Key Vault plugin can be found on the plugin's [release page](https://github.com/Azure/notation-azure-kv/releases).
 
     ```bash
-    notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.1.0/notation-azure-kv_1.1.0_linux_amd64.tar.gz --sha256sum 2fc959bf850275246b044203609202329d015005574fabbf3e6393345e49b884
+    notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.2.0/notation-azure-kv_1.2.0_linux_amd64.tar.gz --sha256sum 06bb5198af31ce11b08c4557ae4c2cbfb09878dfa6b637b7407ebc2d57b87b34
     ```
 
-3. List the available plugins and confirm that the `azure-kv` plugin with version `1.1.0` is included in the list.
-    
+3. List the available plugins and confirm that the `azure-kv` plugin with version `1.2.0` is included in the list. 
+
     ```bash
     notation plugin ls
     ```
@@ -394,6 +394,14 @@ To learn more about assigning policy to a principal, see [Assign Access Policy](
 
 ## Next steps
 
-See [Use Image Integrity to validate signed images before deploying them to your Azure Kubernetes Service (AKS) clusters (Preview)](/azure/aks/image-integrity?tabs=azure-cli) and [Ratify on Azure](https://ratify.dev/docs/1.0/quickstarts/ratify-on-azure/) to get started into verifying and auditing signed images before deploying them on AKS.
+Notation also provides CI/CD solutions on Azure Pipeline and GitHub Actions Workflow:
+
+- [Sign and verify a container image with Notation in Azure Pipeline](/azure/security/container-secure-supply-chain/articles/notation-ado-task-sign)
+- [Sign and verify a container image with Notation in GitHub Actions Workflow](https://github.com/marketplace/actions/notation-actions)
+
+To validate signed image deployment in AKS or Kubernetes:
+
+- [Use Image Integrity to validate signed images before deploying them to your Azure Kubernetes Service (AKS) clusters (Preview)](/azure/aks/image-integrity?tabs=azure-cli)
+- [Use Ratify to validate and audit image deployment in any Kubernetes cluster](https://ratify.dev/)
 
 [terms-of-use]: https://azure.microsoft.com/support/legal/preview-supplemental-terms/