Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
TAP 5 was designed to fulfil two primary use-cases: 1. restricting trust in a community repository to a single project 2. trusting a mirror only for snapshot and targets metadata TAP 5 addresses both of these use-cases on the repository, effectively by setting up an intermediary repository to filter/restrict the upstream repository configuration. This design is problematic for the second use-case, as this means that a party with a threshold of root keys can no longer affect changes on the Timestamp and Snapshot roles. TUF is designed with the Root role as the locus of trust, removing that control is antithetical to the design of the system. The first use-case, restricting trust to a single project, is unwieldy as it requires setting up an in-house repository in order to filter the views on the upstream repository. This use-case is better suited by the proposal "User Selection of the Top-Level Target Files Through Mapping Metadata" (#118), which extends the map file in TAP 4 to put control for selecting trusted targets in the hands of users who can configuring the client (such as the end user, a system adminstrator or client developer). Signed-off-by: Joshua Lock <jlock@vmware.com>
- Loading branch information