Binary Authorization now supports asymmetric PKIX key pairs to verify the identity of attestors

## Feature Binary Authorization now supports asymmetric PKIX key pairs to verify the identity of attestors. The asymmetric key pairs generated and stored in Cloud Key Management Service are compliant with the PKIX format. You set up PKIX keys when you create an attestor using the [Google Cloud Platform Console](https://cloud.google.com/binary-authorization/docs/creating-attestors-console) or the [CLI](https://cloud.google.com/binary-authorization/docs/creating-attestors-cli). ## Feature Binary Authorization now supports [global policy evaluation mode](https://cloud.google.com/binary-authorization/docs/key-concepts#global%5Fpolicy%5Fevaluation%5Fmode). ## Feature Binary Authorization now supports dryrun mode. Dryrun mode is a policy setting that allows non-conformant images to be deployed, but writes details about the policy violation and deployment to the audit log. Dryrun mode allows you to test a policy in your production environment before it goes into effect. You can enable dryrun mode when you configure your policy using the [Google Cloud Platform Console](https://cloud.google.com/binary-authorization/docs/configuring-policy-console) or the [CLI](https://cloud.google.com/binary-authorization/docs/configuring-policy-cli).