PEP 458: Add clarification #1284
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* letting the PSF appoint offline key holders * moving content from abstract to motivation to make the abstract more succinct * updating the threat model * resolving some minor inconsistencies
|
LGTM to me except for my one question! |
|
heads-up @ewdurbin and @di and @woodruffw in case you want to take a look |
|
@mnm678 Per @ncoghlan's note in the Discourse thread about other implementations of TUF, would this PR also be an ok, low-effort place to add a link to https://www.linuxfoundation.org/cloud-containers-virtualization/2017/10/cncf-host-two-security-projects-notary-tuf-specification/ somewhere? :-) |
pep-0458.txt
Outdated
| @@ -51,7 +51,10 @@ would need to steal multiple signing keys, which are stored independently, | |||
| in order to compromise the role responsible for specifying a repository's available | |||
| files. Or, alternatively, a role | |||
| responsible for indicating the latest snapshot of the repository may also have to be | |||
| compromised. | |||
| compromised. More background about TUF and information about other TUF | |||
There was a problem hiding this comment.
I don't think this is really background information, no? Perhaps better to just add it as another link for TUF when it is first defined?
trishankatdatadog
approved these changes
Jan 28, 2020
|
This looks good, but the ReST markup issue needs to be resolved before it can be merged. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Made minor edits including: