specification
specification copied to clipboard
theupdateframework
The Update Framework specification
In the [current](https://github.com/theupdateframework/specification/blob/fd85a8a12403435d84e202ea8790eb4abad4559d/tuf-spec.md#5-detailed-workflows) version of the spec, we say: > 5.5.6.2.1. If the current delegation is a multi-role delegation, recursively visit each role, and check that each has signed exactly...
It could be useful to allow for some slack in metadata expiration time during the client update workflow; for example to help ameliorate the impact of issues such as NTP...
The TUF spec is written in a prose form, especially the update workflow. One of the challenges with this that we have duplicated paragraphs that describe essentially the same thing....
Should the TUF update workflow eventually succeed even if non-volatile storage writes always fails?
In https://github.com/heartsucker/rust-tuf/pull/304, I'm extending rust-tuf to fail an update if writing to non-volatile storage fails. However, in https://github.com/heartsucker/rust-tuf/pull/304/files#r512292123, @wellsie1116 noticed an odd consequence to the update workflow, where even though...
While TUF protects against a malicious server tricking a client into rolling back metadata (especially if we can land #106), it doesn't have any protections against an attacker who has...
Do unofficial/non-blessed downstream mirrors need to do anything special in order to mirror TUF repos? I should read the spec more closely,but guidance on how and whether this should be...
On Fuchsia, we are using TUF not only to fetch new packages, but also as a file system implementation to launch packages (see [this](https://fuchsia.dev/fuchsia-src/concepts/packages/package_url) for more details). For a long...
I am currently doing some exploration into how clients should handle interrupted, partially successful updates. For example, say we have a client that has a local cached copy of valid...
The specification alludes to various concepts that aren't described in detail when they are mentioned. Organisationally this makes sense, to ensure the specification is tractable for implementation. However, understanding those...
The specification should provide recommendations about upload access to TUF repositories. An uploader should only be trusted to upload images that have been delegated to them, and in most cases...
