You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jul 16, 2020. It is now read-only.
Key revocation: we show how easy it is to revoke compromised keys with TUF. (You may manually sign packages with PGP, and keys could implicitly expire with time, but how would you explicitly and immediately revoke compromised keys?)
Slow retrieval attacks: we trickle updates to pip. (This might allow an attacker to remotely exploit a vulnerability before an update is downloaded to completion.)