You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since the delegating targets defines the valid keys a delegated targets can be signed by, it is possible for delegated targets to be valid when accessed via one target path and invalid when accessed via another. tuf::Tuf currently stores a mapping of role to the delegated targets metadata, but that information is insufficient to know which keys should be used to verify metadata given to update_delegation.
Additionally, tuf::Tuf currently depends on tuf::Client correctly calling update_delegation for every link in the delegation chain when resolving a target. Ideally, tuf::Tuf wouldn't depend on tuf::Client calling APIs in the correct order.
The text was updated successfully, but these errors were encountered:
Since the delegating targets defines the valid keys a delegated targets can be signed by, it is possible for delegated targets to be valid when accessed via one target path and invalid when accessed via another.
tuf::Tuf
currently stores a mapping of role to the delegated targets metadata, but that information is insufficient to know which keys should be used to verify metadata given to update_delegation.Additionally,
tuf::Tuf
currently depends ontuf::Client
correctly calling update_delegation for every link in the delegation chain when resolving a target. Ideally, tuf::Tuf wouldn't depend on tuf::Client calling APIs in the correct order.The text was updated successfully, but these errors were encountered: