policy-controller icon indicating copy to clipboard operation
policy-controller copied to clipboard
verified publisher icon sigstore

Implement a TUF cache for TrustRoot

Open vaikas opened this issue 3 years ago • 0 comments

Description

As described here: https://docs.google.com/document/d/1QWBvpwYxOy9njAmd8vpizNQpPti9rd5ugVhji0r3T4c/edit#

in Design section 4.

SHOULD define a non-volatile local storage to allow for caching metadata and target files. Otherwise, MAY implement a local TUF cache in-memory; this option prevents protection from rollback attacks.

TrustRoot currently implements a local TUF cache in memory. We should consider keeping this state in the Status for a given TrustRoot (or some other suitable location, but that seems like a good place to have it).

vaikas avatar Jan 05 '23 08:01 vaikas