Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update text for handling overlapping targets between delegations.

Browse source 
Remove note about priority tag schemes and our investigation of several of these schemes
This commit is contained in:
Vladimir Diaz 2017-02-27 15:29:51 -05:00
parent 1a00c4cd8f
commit bbd3288245
1 changed files with 13 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
docs/tuf-spec.txt
View file

@ -773,21 +773,20 @@ Version 1.0 (Draft)
"targets/foo.txt". Likewise, path pattern "foo-version-?.tgz" matches
foo-version-2.tgz", but not "foo-version-alpha.tgz".
We are currently investigating a few "priority tag" schemes to resolve
conflicts between delegated roles that share responsibility for overlapping
target paths. One of the simplest of such schemes is for the client to
consider metadata in order of appearance of delegations; we treat the order
of delegations such that the first delegation is trusted more than the
second one, the second delegation is trusted more than the third one, and so
on. The metadata of the first delegation will override that of the second
delegation, the metadata of the second delegation will override that of the
third delegation, and so on. In order to accommodate this scheme, the
"roles" key in the DELEGATIONS object above points to an array, instead of a
hash table, of delegated roles.
Several schemes exist to resolve conflicts between delegated roles that
share responsibility for overlapping target paths. One of the simplest of
such schemes is for the client to consider metadata in order of appearance
of delegations; we treat the order of delegations such that the first
delegation is trusted more than the second one, the second delegation is
trusted more than the third one, and so on. The metadata of the first
delegation will override that of the second delegation, the metadata of the
second delegation will override that of the third delegation, and so on. In
order to accommodate this scheme, the "roles" key in the DELEGATIONS object
above points to an array, instead of a hash table, of delegated roles.
Another priority tag scheme would have the clients prefer the delegated role
with the latest metadata for a conflicting target path. Similar ideas were
explored in the Stork package manager (University of Arizona Tech Report
Another scheme would have the clients prefer the delegated role with the
latest metadata for a conflicting target path. Similar ideas were explored
in the Stork package manager (University of Arizona Tech Report
08-04)[https://isis.poly.edu/~jcappos/papers/cappos_stork_dissertation_08.pdf].
The metadata files for delegated target roles has the same format as the