From 8382bf5576dccf4b9f1696d289a0a55de6f455cf Mon Sep 17 00:00:00 2001 From: Santiago Torres Date: Tue, 23 Sep 2014 11:45:07 -0400 Subject: [PATCH 1/2] Updated spelling and code examples for consistency README-developer-tools had a minor spelling mistake. I also ran the code examples step by step to ensure they could be ran as-is. --- tuf/README-developer-tools.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tuf/README-developer-tools.md b/tuf/README-developer-tools.md index c1b5b60b..09fdd7c2 100644 --- a/tuf/README-developer-tools.md +++ b/tuf/README-developer-tools.md @@ -44,7 +44,7 @@ First, we will need to generate a key to sign the metadata. Keys are generated in pairs: one public and the other private. The private key is password-protected and is used to sign metadata. The public key can be shared freely, and is used to verify signatures made by the private key. You will need -too share your public key with the repository hosting your project so they can +to share your public key with the repository hosting your project so they can verify your metadata is signed by the right person. The generate\_and\_write\_rsa\_keypair function will create two key files named @@ -94,7 +94,7 @@ After importing the key, we can generate a new project with the following command: ``` ->>> project = create_new_project(name="example_project", +>>> project = create_new_project(project_name="example_project", ... metadata_directory="local/path/to/metadata/", ... targets_directory="local/path/to/example_project", ... location_in_repository="repo/unclaimed", key=public_key) @@ -117,7 +117,7 @@ the project. To add a target, we issue the following method: ``` ->>> project.add_target("target_1") +>>> project.add_target("local/path/to/example_project/target_1") ``` Note that the file "target\_1" should be located in @@ -189,6 +189,7 @@ to delegate a new role for them. For example, we can do the following: ``` >>> other_key = import_rsa_publickey_from_file(“another_public_key.pub”) +>>> targets = ['local/path/to/newtarget'] >>> project.delegate(“newrole”, [other_key], targets) ``` From db0ba6d0f1e1a86f066a89bfeeb469d729c9709a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arturo=20Filast=C3=B2?= Date: Fri, 2 Jan 2015 14:42:33 +0100 Subject: [PATCH 2/2] Minor typo fixes --- docs/tuf-spec.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/tuf-spec.txt b/docs/tuf-spec.txt index a4c679da..9ff86883 100644 --- a/docs/tuf-spec.txt +++ b/docs/tuf-spec.txt @@ -131,7 +131,7 @@ installing software that is older than that which the client previously knew to be available. - Indefinite freeze attacks. Attackers should not be able respond to client + Indefinite freeze attacks. Attackers should not be able to respond to client requests with the same, outdated metadata without the client being aware of the problem. @@ -177,7 +177,7 @@ files, or executable binaries is irrelevant to the framework. The metadata describing target files is the information necessary to - securely identity the file and indicate which roles are trusted to provide + securely identify the file and indicate which roles are trusted to provide the file. As providing additional information about target files may be important to some software update systems using the framework, additional arbitrary information can be provided with any target