Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
2063 commits 28 branches 35 tags 23 MiB
Commit graph

99 commits

Author SHA1 Message Date
Trishank Karthik Kuppusamy
c5e8c079bb Fix bloopers. 2017-05-23 21:41:31 -04:00
Trishank Karthik Kuppusamy
558fb43dec Merge branch 'add-detailed-workflow' of github.com:trishankkarthik/tuf into add-detailed-workflow 2017-05-23 17:12:20 -04:00
Trishank Karthik Kuppusamy
98de3c490f Worked with @vladimir-v-diaz to add root migration workflow. 
Also corrected how files are fetched.
 2017-05-23 17:09:57 -04:00
Vladimir Diaz
06665c0bdc Merge branch 'develop' into add-detailed-workflow 2017-05-23 12:20:25 -04:00
Trishank Karthik Kuppusamy
d80ea0b145 Add a note about the expiration of the previous root metadata file. 2017-05-19 16:32:48 -04:00
Trishank Karthik Kuppusamy
3935141b85 Remove what seems like an unnecessary note. 2017-05-19 16:31:18 -04:00
Trishank Karthik Kuppusamy
a2a5931883 Merge reading consistent snapshots with the client update workflow. 2017-05-19 00:45:28 -04:00
Trishank Karthik Kuppusamy
5666cbcfc0 Remove what seems like unnecessary, obsolete text. 2017-05-19 00:10:50 -04:00
Trishank Karthik Kuppusamy
487d27a654 Add subtleties to preorder DFS for targets. 2017-05-19 00:10:29 -04:00
Trishank Karthik Kuppusamy
30536cfb1a Edit Section 7.2 to reflect Section 5.1. 
Ideally, the former should be merged with the latter.
 2017-05-18 21:09:35 -04:00
Trishank Karthik Kuppusamy
c5deaa340f Explain why download targets up to the # of bytes in the targets metadata. 2017-05-18 20:59:00 -04:00
Trishank Karthik Kuppusamy
8b1f85363a Explain how to obtain and load the previous root metadata file. 2017-05-18 20:58:37 -04:00
Trishank Karthik Kuppusamy
947e366557 Use "MUST" with regard to RFC 2119. 2017-05-18 20:44:46 -04:00
Vladimir Diaz
70cf57ad85 Slight edit to fix incorrect version of root file 2017-05-18 16:04:44 -04:00
Vladimir Diaz
1269ed9678 Fix whitespace issue in previous commit 2017-05-18 16:04:44 -04:00
Vladimir Diaz
4a1791d125 Incorporate @awwad and @heartsucker suggestions 2017-05-18 16:04:44 -04:00
Vladimir Diaz
be7a7ffd6f Clarify procedure for updating to new root.json 
Client's should validate new root.json according to the threshold and keys set by its previous version.

See @heartsucker comment [here](https://github.com/heartsucker/rust-tuf/issues/42#issuecomment-302436972)
 2017-05-18 16:04:44 -04:00
Trishank Karthik Kuppusamy
afa804f093 Clarify that the previous snapshot metadata file may be safely expired. 2017-05-18 12:36:01 -04:00
Trishank Karthik Kuppusamy
6236878eb1 Address comments by @JustinCappos. 2017-04-26 15:07:56 -04:00
Trishank Karthik Kuppusamy
f092d2a87b Expand on the TUF client update workflow, per popular demand. 2017-04-26 14:02:01 -04:00
Vladimir Diaz
76435bfdb5 Update tuf-spec.txt 
Add improved definition of the fast-forward attack in the specification.
 2017-02-07 11:29:43 -05:00
Vladimir Diaz
70fc8dce36 Resolve merge conflicts with upstream and ecordell-root-versioning 2016-10-18 10:28:04 -04:00
Vladimir Diaz
8882dc5b7b Merge branch 'root-versioning' of https://github.com/ecordell/tuf into ecordell-root-versioning 
Conflicts:
	tests/test_key_revocation.py
	tests/test_replay_attack.py
	tests/test_repository_tool.py
	tests/test_updater.py
	tuf/formats.py
	tuf/repository_lib.py
 2016-10-17 15:57:48 -04:00
Vladimir Diaz
3ab08e52f6 Update tuf-spec.txt 
Distinguish the "signed" portion of a metadata file from the entire file itself.  Addressing comment provided by @HuKeping
 2016-10-07 10:57:19 -04:00
Evan Cordell
a11709000d Add root versioning for root key rotation 2016-09-19 15:18:20 -04:00
Vladimir Diaz
5d2c8fdc76 Update tuf-spec.txt 
Remove mention of a "private" dictionary key in metadata.  Public TUF metadata consumed by clients would never include a "private" field, so it shouldn't be specified here in the specification.
 2016-09-15 14:23:44 -04:00
Vladimir Diaz
f8e56d29e6 Add favicons 
Add two favicons that are easier to see in the browser.
 2016-09-02 10:22:58 -04:00
Vladimir Diaz
158f452b1b Create new folder 
Add a `proposals` folder to keep track of changes made to specification.
 2016-08-25 14:09:31 -04:00
Vladimir Diaz
fbd901422f Update tuf-spec.txt 
Address issue #364.  The specification includes examples of metadata with version numbers listed, but the description of snapshot.json does not.  The `custom` field is listed only in targets metadata.
 2016-08-25 07:02:00 -04:00
Vladimir Diaz
0dac8e7b19 Update tuf-spec.txt 
Move text explaining where delegated roles live on the repository
 2016-08-22 15:23:19 -04:00
Vladimir Diaz
53b16aefd1 Update tuf-spec.txt 
All delegated metadata is stored in one flat directory.
 2016-08-09 15:02:14 -04:00
Jonathan Rudenberg
03a5cc4b36 Use HTTPS links in spec 2016-08-08 11:32:00 -04:00
Jonathan Rudenberg
eac88eb3e8 Fix Thandy link 2016-08-08 11:19:38 -04:00
Vladimir Diaz
15bbbb7b53 List fast-forward attack in the specification, including those missing. Alphabetize the attacks. 2016-07-28 16:06:59 -04:00
Vladimir Diaz
ece53b413d Mark the version 1.0 specification as a draft 2016-07-28 13:12:58 -04:00
Vladimir Diaz
f57a0bb1a9 Save version 0.9 of specification 2016-07-26 12:21:49 -04:00
Vladimir Diaz
2f909f695f Add Spec 1.0 2016-07-26 12:17:31 -04:00
Vladimir Diaz
e3a1544070 Begin implementation changes to address issue with a global role and key database 2016-05-06 12:13:57 -04:00
Vladimir Diaz
1bed3e09a4 Update tuf-spec.txt 2016-02-25 17:29:36 -05:00
Vladimir Diaz
b008edd7cd Update tuf-spec.txt 
Begin section 5.1 (The Client Application) with a concise overview of the update procedure followed by client applications.  Follow the overview text with the more detailed explanation of the update procedure.
 2016-02-25 17:24:23 -05:00
Vladimir Diaz
e943048757 Add Diplomat paper 2016-02-19 14:13:03 -05:00
Vladimir Diaz
801c4ced2f Remove logo of dolly 2016-02-19 11:15:51 -05:00
Vladimir Diaz
30bd90810d Rename the banner images 2016-02-19 11:14:28 -05:00
Vladimir Diaz
2c0ef0c94a Merge branch 'logo' of github.com:vladimir-v-diaz/tuf into logo 2016-02-19 11:10:05 -05:00
Vladimir Diaz
1b378a2f80 Add avatar, banner, and favicon 2016-02-19 11:07:43 -05:00
Vladimir Diaz
b60b741261 Update tuf-spec.txt 
* @jawi recommended that the specification say that it is up to implementers to decide how keys should be securely stored.

* Python implementation -> reference implementation: for clarity and to be consistent with other documents.
 2015-11-17 15:19:24 -05:00
Vladimir Diaz
cb1591e63d Update tuf-spec.txt 
Fix for issue #296.  We should document which underlying hash function is used with PKCS #1 RSA PSS signatures to maintain compatibility with different clients, or integrators that wish to verify/test our metadata.
 2015-11-11 12:55:30 -05:00
Benno Fünfstück
6ae6a0cda0 tuf-spec.txt: fix duplicate 'the' 2015-10-03 15:40:24 +02:00
Vladimir Diaz
bd757d6738 Update tuf-spec.txt 
Add date and version number.
 2015-05-14 18:02:26 -04:00
Vladimir Diaz
d1d4b3cc56 Add examples of top-level role files to tuf-spec.txt. Fix for issue #273 2015-05-03 15:28:38 -04:00