Update README.md

README.md

@@ -4,21 +4,30 @@ Call Theory public keys for verification of signed containers from our container
 
 ## Call Theory SSH Public Key
 
+Add to your `authorized_keys` file for the SSH user Call Theory uses to access your server(s).
+
 - [calltheory.pub](calltheory.pub)
 
-> Add to your `authorized_keys` file for the 
+---
 
-## Verifying Calltheory container images
+## Call Theory Container Registry
 
-All images published to `cr.calltheory.com/orbital/*` are signed with Cosign.
+All images published to `cr.calltheory.com/orbital/*` are signed with [cosign](https://github.com/sigstore/cosign).
 
 ### Install cosign
 
-```bash
-curl -sSL -o /usr/local/bin/cosign \
-    https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64
-chmod +x /usr/local/bin/cosign
-```
+> You will need to install `cosign` first to validate our signed containers. More information can be found [here](https://github.com/sigstore/cosign).
+
+### Login to the Call Theory container registery
+
+Run `podman login cr.calltheory.com` (or `docker login cr.calltheory.com`) before trying to verify the signature on our containers.
+
+We will create and share a *"robot"* account with you for access:
+
+- Container registery username: `calltheory$orbital+yourcompany`
+- Container registery password: `<redacted>`
+
+Once you have logged in, you can verify signatures using [cosign.pub](cosign.pub), our public key.
 
 ### Get the public key