From 8a38a1897cc4ce8c41415a2cdbac7e3fc366a3fa Mon Sep 17 00:00:00 2001 From: dachshund Date: Sun, 8 Sep 2013 12:11:40 -0400 Subject: [PATCH] Update README to look better on GitHub. Read on for more on 9ff22ddd4e. About 9ff22ddd4e: I was teaching a class of students about using GitHub, and wanted to show that cloning a Git repository off an HTTPS url would not give the cloner write permissions. Unfortunately, I had cloned off the SSH url and was able to push my example modifications without failure. --- README.md | 37 +++++++++++++++++++++++++++++++++++++ README.txt | 40 ---------------------------------------- 2 files changed, 37 insertions(+), 40 deletions(-) create mode 100644 README.md delete mode 100644 README.txt diff --git a/README.md b/README.md new file mode 100644 index 00000000..87f96f42 --- /dev/null +++ b/README.md @@ -0,0 +1,37 @@ +# A Framework for Securing Software Update Systems + +TUF (The Update Framework) helps developers secure their new or existing +software update systems. Software update systems are vulnerable to many known +attacks, including those that can result in clients being compromised or +crashed. TUF helps solve this problem by providing a flexible security +framework that can be added to software updaters. + +# What Is a Software Update System? + +Generally, a software update system is an application (or part of an +application) running on a client system that obtains and installs software. +This can include updates to software that is already installed or even +completely new software. + +Three major classes of software update systems are: + +* Application Updaters - which are used by applications use to update +themselves. For example, Firefox updates itself through its own application +updater. + +* Library Package Managers - such as those offered by many programming +languages for installing additional libraries. These are systems such as +Python's pip/easy_install + PyPI, Perl's CPAN, Ruby's Gems, and PHP's PEAR. + +* System Package Managers - used by operating systems to update and install all +of the software on a client system. Debian's APT, Red Hat's YUM, and openSUSE's +YaST are examples of these. + +# Our Approach + +There are literally thousands of different software update systems in common +use today. (In fact the average Windows user has about two dozen different +software updaters on their machine!) + +We are building a library that can be universally (and in most cases +transparently) used to secure software update systems. diff --git a/README.txt b/README.txt deleted file mode 100644 index 953720f9..00000000 --- a/README.txt +++ /dev/null @@ -1,40 +0,0 @@ -A Framework for Securing Software Update Systems ------------------------------------------------- - -TUF (The Update Framework) helps developers secure their new or existing -software update systems. Software update systems are vulnerable to many known -attacks, including those that can result in clients being compromised or crashed. -TUF helps solve this problem by providing a flexible security framework that can -be added to software updaters. - - -What Is a Software Update System? ---------------------------------- - -Generally, a software update system is an application (or part of an application) -running on a client system that obtains and installs software. This can include -updates to software that is already installed or even completely new software. - -Three major classes of software update systems are: - -Application Updaters - which are used by applications use to update themselves. -For example, Firefox updates itself through its own application updater. - -Library Package Managers - such as those offered by many programming languages -for installing additional libraries. These are systems such as Python's -pip/easy_install + PyPI, Perl's CPAN, Ruby's Gems, and PHP's PEAR. - -System Package Managers - used by operating systems to update and install all of -the software on a client system. Debian's APT, Red Hat's YUM, and openSUSE's -YaST are examples of these. - - -Our Approach ------------- - -There are literally thousands of different software update systems in common use -today. (In fact the average Windows user has about two dozen different software -updaters on their machine!) - -We are building a library that can be universally (and in most cases transparently) -used to secure software update systems.