clear query| facets| time Search criteria: author:"erickt".   Results from 1 to 10 from 28 (0.0s).
Loading phrases to help you
refine your search...
Snapshot.json example is missing hash(es) and size for the root role - TUF - [issue]
...In section 4.6 of the spec, the description of the snapshot.json file states:The snapshot.json file is signed by the snapshot role. It lists the version numbers of all metadata on the reposi...
https://github.com/theupdateframework/specification/issues/31    Author: erickt , 2019-10-17, 19:08
Remove root, add delegation hashes to the snapshot metadata - TUF - [issue]
...According to @JustinCappos in #31, the root.json is no longer needed in the snapshot metadata, because the workflow will already have updated the root metadata before the snapshot metadata i...
https://github.com/theupdateframework/specification/pull/40    Author: erickt , 2019-10-17, 20:39
Fix keyids in the 1.0 spec - TUF - [issue]
...It looks like the sample Key IDs in the 1.0 spec were not updated to the TUF 1.0 algorithm. For example:>>> key_meta = { "keytype": "ed25519", "keyval": { "public": "72378e5bc588793...
https://github.com/theupdateframework/specification/pull/43    Author: erickt , 2019-10-17, 20:38
Add example for downloading foo/bar/baz target files - TUF - [issue]
...This extends section 5.5.2 to include examples on how a client should download artifacts from a subdirectory. It uses the approach that python-tuf and go-tuf use, where downloading a target ...
https://github.com/theupdateframework/specification/pull/66    Author: erickt , 2020-03-03, 11:56
Removing assumed TAP numbers in PR - TUF - [issue]
...I've noticed there have been some collisions for future TAP numbers: like for TAP 11 with #74 and #106, and TAP 12, with #103 and #107. According to TAP 1, numbers are supposed to be assigne...
https://github.com/theupdateframework/taps/issues/109    Author: erickt , 2020-02-10, 17:50
Clarify how delegated roles are downloaded - TUF - [issue]
...Section 5.4.5 is a little vague how on delegated targets are fetched and validated. This updates that section to use the same logic and verification process as downloading the top-level targ...
https://github.com/theupdateframework/specification/pull/72    Author: erickt , 2020-01-30, 14:26
Ambiguity around rotating keys and deleting metadata - TUF - [issue]
...In section 5.1.9, it states:1.9. If the timestamp and / or snapshot keys have been rotated, then delete the trusted timestamp and snapshot metadata files. This is done in order to recover fr...
https://github.com/theupdateframework/specification/issues/71    Author: erickt , 2020-01-29, 17:15
Does timestamp.json still require `length` and `hashes`? - TUF - [issue]
...In 4.6 of the spec, the timestamp role METAFILES is described as:METAFILES is the same is described for the snapshot.json file. In the case of the timestamp.json file, this will commonly onl...
https://github.com/theupdateframework/specification/issues/38    Author: erickt , 2020-03-06, 08:52
Creating a TAP to forbid leading path separators in targets? - TUF - [issue]
...Good morning,I noticed that in #679 @vladimir-v-diaz banned the python tuf library from having leading path separators in paths. However, the current 1.0 draft has example targets.json with ...
https://github.com/theupdateframework/tuf/issues/837    Author: erickt , 2019-10-04, 00:35
Ambiguity between section 5.1.3 and 6.1 regarding updating root keys - TUF - [issue]
...In section 5.1.3, the spec states:1.3. Check signatures. Version N+1 of the root metadata file MUST have been signed by: (1) a threshold of keys specified in the trusted root metadata file (...
https://github.com/theupdateframework/specification/issues/56    Author: erickt , 2019-11-15, 14:49