Jussi Kukkonen
Jussi Kukkonen
Are you aware of SigningConfig that was recently added to protobuf specs: https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_trustroot.proto#L150 SigningConfig seems to be solving parts of this (_"how can the user configure half a dozen urls?...
Once there's a review here, I will change the expected test names (currently the expectation is `Tests (3.12, ...)` but I changed the name to `Tests (3.x, ...)` since we...
> * `str | None` instead of `Optional[str]` Actually this might be in 3.10 only -- if that is true then we don't want to change it yet
You mention TOFU but it's a little unclear how the client reacts when top level repository changes the "initial sub-repo metadata". Assume client has cached earlier sub-repo metadata and the...
> For each sub-repo, verify that its cached sub-repo initial root metadata remains valid This is currently not part of the spec but I believe it would be a good...
I meant that I don't understand what the advantage of TAP-21 in general is for the "signers are repository automation" case. Compare to a setup where there are no sub-repos...
>> Compare to a setup where there are no sub-repos and the top-level TUF repo only contains a set of public keys as artifacts (no project indexes or packages are...
> For example, TUF mitigates against endless data attacks by including the size of downloaded files within TUF metadata. Sure but this pretty much a form of DOS which the...
> TAP-21 preserves all but a handful of the protections afforded by TUF. The TUF ["security model" ](https://theupdateframework.io/docs/security/) refers to an idealized repository that we've found out does not usually...
Are you sure the timeout implementation is useful at all? https://pkg.go.dev/net/http#Client: ``` // Timeout specifies a time limit for requests made by this // Client. The timeout includes connection time,...