The image signature policy criterion does not follow the naming conventions of the rest of the criteria, that is, either of:

1. "$attribute": the policy triggers a violation when $attribute is detected. For example, the "image name" field triggers a violation when an image with the specified name is detected. These fields often have a "negate" checkbox to achieve the opposite behavior (e.g. a negated "image name" field fires when an image does not have the specified name).
2. "required/disallowed $attribute": the policy triggers a violation when the attribute is not present or present. For example:
   • Required image label: triggers a violation for images that don't have the specified label
   • Disallowed image label: triggers a violation for images that have the specified label

Instead, the image signature field is named "image signature", which could be confusing even to experienced ACS users: the wording seems to follow convention 1) above, but it actually triggers when the image is not signed.

In order to follow 1) properly, it should fire when images are signed and provide an option to negate the behavior. However this is not possible, because the image signature field only supports firing on unsigned images. That option is also unlikely to be useful: it is reasonable to expect that users want to be notified when images are not signed.

Therefore the image signature field should follow the "required/disallowed" semantics, and be changed to "require image signature".