diff --git a/README.rst b/README.rst index 94606630..9728cd82 100644 --- a/README.rst +++ b/README.rst @@ -189,12 +189,12 @@ Instructions for Contributors Development: `https://github.com/theupdateframework/tuf `_ -`Virtualenv `_ +`Virtualenv `_ is a tool to create isolated Python environments. It also includes ``pip`` and ``setuptools``, Python packages used to install TUF and its dependencies. All installation methods of virtualenv are outlined in the `installation -section `_ +section `_ and instructions for installing locally from source here: :: diff --git a/docs/tuf-spec.txt b/docs/tuf-spec.txt index 7abce4e8..0867dce5 100644 --- a/docs/tuf-spec.txt +++ b/docs/tuf-spec.txt @@ -39,7 +39,7 @@ Version 0.9 (http://www.geni.net/) (http://www.nsf.gov/) - TUF's Python implementation is based heavily on Thandy, the application + TUF's reference implementation is based heavily on Thandy, the application updater for Tor (http://www.torproject.org/). Its design and this spec are also largely based on Thandy's, with many parts being directly borrowed from Thandy. The Thandy spec can be found here: @@ -277,7 +277,7 @@ Version 0.9 To prevent an adversary from replaying an out-of-date signed metadata file whose signature has not yet expired, an automated process periodically signs - a timestamped statement containing the the hash of the snapshot file. Even + a timestamped statement containing the hash of the snapshot file. Even though this timestamp key must be kept online, the risk posed to clients by compromise of this key is minimal. 
@@ -428,11 +428,12 @@ Version 0.9 METHOD is the key signing method used to generate the signature. SIGNATURE is a signature of the canonical JSON form of ROLE. - The current Python implementation of TUF defines two signing methods, + The current reference implementation of TUF defines two signing methods, although TUF is not restricted to any particular key signing method, key type, or cryptographic library: "RSASSA-PSS" : RSA Probabilistic signature scheme with appendix. + The underlying hash function is SHA256. "ed25519" : Elliptic curve digital signature algorithm based on Twisted Edwards curves. @@ -954,9 +955,11 @@ Version 0.9 6.1. Key management and migration - All keys except the timestamp file signing key and the mirror list signing - key should be stored securely offline (e.g. encrypted and on a separate - machine, in special-purpose hardware, etc.). + All keys, except those for the timestamp and mirrors roles, should be + stored securely offline (e.g. encrypted and on a separate machine, in + special-purpose hardware, etc.). This document does not prescribe how keys + should be encrypted and stored, and so it is left to implementers of + this document to decide how best to secure them. To replace a compromised root key or any other top-level role key, the root role signs a new root.json file that lists the updated trusted keys for the diff --git a/examples/README.md b/examples/README.md new file mode 100644 index 00000000..220f4725 --- /dev/null +++ b/examples/README.md 
@@ -0,0 +1,12 @@ +This directory contains an example of a TUF repository, metadata, and key and +client files. + +## WARNING ## +These examples were last updated 2 years ago. We have since made changes to the +format of our metadata and key files, and will need to regenerate them so the +new tools can properly load them. We are currently working on a 1.0 release +that will make further tweaks to the format of metadata and key files, so these +examples will be modified once again. + +Note: The examples that are up-to-date and normally tested are located here: +https://github.com/theupdateframework/tuf/tree/develop/tests/repository_data/
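Review bot: In docs/tuf-spec.txt, hunk @@ -428,11 +428,12 @@, the added line "The underlying hash function is SHA256." fixes only the message hash for "RSASSA-PSS", which is not enough for two implementations to interoperate. PSS signing and verification also depend on the mask generation function and the salt length, and a verifier that assumes different values for either will reject otherwise valid signatures. Suggest extending this entry to state the mask generation function (and its hash) and the salt length that a conforming implementation must use, next to the hash.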
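Review bot: In docs/tuf-spec.txt, hunk @@ -954,9 +955,11 @@ (section 6.1), the rewritten paragraph exempts the timestamp and mirrors role keys from offline storage and then leaves all storage decisions to implementers, so the keys that stay online end up with no guidance at all. The context in the @@ -277 hunk already says the timestamp key "must be kept online", so a sentence here saying that online keys still need protection on the signing host, and why their compromise is considered lower risk, would close that gap. The added sentence also says "this document" twice; "This document does not prescribe how keys should be encrypted and stored; implementers decide how best to secure them." reads more cleanly.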
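Review bot: In the new examples/README.md, the WARNING paragraph says the examples "were last updated 2 years ago", a relative date that becomes wrong as soon as the file ages. Suggest replacing it with an absolute date or the release or commit the examples were generated with, and stating which version of the tools can still load them, since the text says the new tools cannot. The pointer to tests/repository_data on the develop branch is useful; consider placing it above the warning so readers reach the working examples first.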