python-tuf icon indicating copy to clipboard operation
python-tuf copied to clipboard

Published 20 hours ago verified publisher icon theupdateframework

doc: consider re-adding python-tuf attack protection demo

Open lukpueh opened this issue 3 years ago • 1 comments

Description of issue or feature request: #1790 removes severely outdated ATTACKS.md, which demoed how python-tuf protects against the attacks TUF is designed for.

Such documentation, if up-to-date, still seems like a good source for better understanding the purpose and necessity of TUF and thus should be re-added.

Current behavior:

  • no attack protection demo

Expected behavior:

  • add attack protection demo for ngclient (potential source of inspiration: https://github.com/theupdateframework/python-tuf/issues/1640)

lukpueh avatar Jan 26 '22 09:01 lukpueh

Adding suggestion from duplicate closed #360:

This metadata [required to demonstrate the attacks] can be fed to other implementations to verify that they correctly handle these attacks

lukpueh avatar Feb 23 '22 14:02 lukpueh