heartsucker

I think this is reasonable, but we already have a lot of PRs open for restructuring. You can submit one, but there might be a lot of rebasing. Idk if...

Hey guys. I'm just jumping in on this to point out that we are experiencing headaches of sorts with canonical JSON too. From the TUF spec (emphasis mine): > 4.1....

From the looks of it, a TUF usable implementation wouldn't work with JWS since you just concatenate (simplification) `b64(payload) || '.' || b64(sig_value)`. The sig isn't structured, and whatever the...

Yeah, unfortunately this doesn't address backwards compatibility, but that's what major version changes are for. :)

I'd just like to point out that technically TUF doesn't follow it's own spec in that when JSON is parsed it uses this https://github.com/secure-systems-lab/securesystemslib/blob/master/securesystemslib/util.py#L844 And that just does `json.load` which...

What I mean is that function is used in the `tuf.client.Updater._get_metadata_file` when it loads metadata. It is treating the loaded metadata as JSON and not as CJSON which means that...

@vladimir-v-diaz Ok, yes I see what you mean now. My mistake. I guess I was going down the wrong path because I couldn't calculate the same key IDs that are...

Hey, sorry about the long delay here. I haven't been attentive enough to my FOSS stuff. Is there a reason for adding this? I do you have a description of...

Heya. I think what's happening is one of your variables that's being picked up from `package.json` includes a `\n` somewhere and that's breaking `sed`. Have been meaning to move this...

This is a good suggestion. If this is something you would like to add by doing something the following, I would merge it in. ```bash if hash dh_sysuser > /dev/null;...