Add ec documentation

Signed-off-by: Manuel Lorenzo <mlorenzofr@redhat.com>

Author: mlorenzofr

content/patterns/layered-zero-trust/lzt-secure-supply-chain.adoc

@@ -446,15 +446,6 @@ This following commands illustrates the process for obtaining the token when usi
 
 .Procedure
 
-. Get the OIDC Issuer URL from Keycloak and set the token URL:
-+
-[source,terminal]
-----
-# Get the OIDC Issuer URL from Keycloak route
-$ export OIDC_ISSUER_URL="https://$(oc get route -n keycloak-system -l app=keycloak -o jsonpath='{.items[0].spec.host}')/realms/ztvp"
-$ export OIDC_TOKEN_URL="${OIDC_ISSUER_URL}/protocol/openid-connect/token"
-----
-
 . Obtain the client secret for the RHTPA OIDC client:
 +
 [source,terminal]
@@ -521,7 +512,8 @@ image::/images/layered-zero-trust/rhtpa-web-ui.png[RHTPA Web UI]
 [id="validate-sbom"]
 == Validating the SBOM
 
-To verify the integrity and provenance of the SBOM file, specifically confirming that its signature originates from a trusted source and was securely generated, use the `ec` tool.
+To verify the integrity and provenance of the SBOM file, specifically confirming that its signature originates from a trusted source and was securely generated, use the `ec` tool. Beyond the verification of attestation and container signatures, Enterprise Contract (`ec`) offers additional capabilities for monitoring supply chain security. Comprehensive details are available within link:https://docs.redhat.com/en/documentation/red_hat_trusted_artifact_signer/1.3/html-single/deployment_guide/index#verifying-signatures-on-container-images-with-conforma-openshift_deploy[Red{nbsp}Hat Trusted Artifact Signer Deployment Guide].
+
 
 You can install the `ec` tool by directly downloading it from the `cli-server` pod.