Providing more examples how the provenance docs look like in various scenarios will be helpful to understand the proposal better. Right now, it is not clear what provenance information will be added for externally imported images and for images that are built internally. Also, how will confidential information be handled in the provenance.