Look into the update framework for delivering updates securely

[kirtangajjar]

From readme of The Update Framework,

The Update Framework (TUF) helps developers maintain the security of a software update system, even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.

TUF is hosted by the Linux Foundation as part of the Cloud Native Computing Foundation (CNCF) and is used in production by companies such as Docker, DigitalOcean, Flynn, LEAP, Kolide, Cloudflare, and VMware.

It says it provides a secure framework that anyone can adopt into their software update system. Since EE is mostly used on servers and security is something we take very seriously, we should investigate this framework, Check if it's beneficial and if it's worth the effort we put in.