Implement checking for timestamp rollback of snapshot #294

Open
erickt opened this issue Sep 17, 2020 · 0 comments

erickt commented Sep 17, 2020

TUF-1.0.5 added section 5.2.2.2:

> 2.2.2. The version number of the snapshot metadata file in the trusted timestamp metadata file, if any, MUST be less than or equal to its version number in the new timestamp metadata file. If not, discard the new timestamp metadata file, abort the update cycle, and report the failure.

We need to extend Tuf to support this check.

See theupdateframework/specification#106 for more details.
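The check quoted above, as an added example that is not part of the issue and is not rust-tuf's code. The `Timestamp`, `TrustedStore` and `UpdateError` types are hypothetical, and the sketch assumes signature and expiry verification has already been done by the caller.

```rust
// Added illustration: hypothetical types, not the rust-tuf API.
#[derive(Debug, Clone, PartialEq)]
pub struct Timestamp {
    /// Version of the timestamp metadata file itself.
    pub version: u32,
    /// Version of the snapshot metadata file listed in this timestamp.
    pub snapshot_version: u32,
}

#[derive(Debug, PartialEq)]
pub enum UpdateError {
    /// The new timestamp points at an older snapshot than the trusted one.
    SnapshotRollback { trusted: u32, offered: u32 },
}

#[derive(Debug, Default)]
pub struct TrustedStore {
    timestamp: Option<Timestamp>,
}

impl TrustedStore {
    pub fn trusted_timestamp(&self) -> Option<&Timestamp> {
        self.timestamp.as_ref()
    }

    /// Assumption: `new` has already passed signature and expiry checks.
    pub fn update_timestamp(&mut self, new: Timestamp) -> Result<(), UpdateError> {
        // "if any": with no trusted timestamp there is nothing to compare against.
        if let Some(trusted) = &self.timestamp {
            // Trusted snapshot version MUST be <= the new one; equal is allowed.
            if trusted.snapshot_version > new.snapshot_version {
                // Discard `new` and abort; the trusted state is left untouched.
                return Err(UpdateError::SnapshotRollback {
                    trusted: trusted.snapshot_version,
                    offered: new.snapshot_version,
                });
            }
        }
        self.timestamp = Some(new);
        Ok(())
    }
}

fn main() {
    let mut store = TrustedStore::default();
    store.update_timestamp(Timestamp { version: 1, snapshot_version: 5 }).unwrap();
    // Constructed input: a newer timestamp that lists an older snapshot.
    let result = store.update_timestamp(Timestamp { version: 2, snapshot_version: 4 });
    println!("{:?} / still trusted: {:?}", result, store.trusted_timestamp());
}
```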

erickt added a commit to erickt/rust-tuf that referenced this issue Sep 18, 2020
This implements TUF-1.0.5 section 5.2.2.2, where when updating the
timestamp role, we reject the new timestamp if the snapshot version it
points at is older than the currently trusted snapshot role.

See theupdateframework/specification#106 for more
details.

Closes theupdateframework#294

Change-Id: I4fb68aaf61ad8c0e3ffc0439095f5d00e5baa116
erickt added a commit to erickt/rust-tuf that referenced this issue Oct 8, 2020
This implements TUF-1.0.5 section 5.2.2.2, where when updating the
timestamp role, we reject the new timestamp if the snapshot version it
points at is older than the currently trusted snapshot role.

See theupdateframework/specification#106 for more
details.

Closes theupdateframework#294

Change-Id: I4fb68aaf61ad8c0e3ffc0439095f5d00e5baa116