Groups
Conversations
All groups and messages
Send feedback to Google
Help
Training
Sign in
Groups
The Update Framework (TUF)
Conversations
About
The Update Framework (TUF)
1–30 of 255
Mark all as read
Report group
0 selected
Martin Harriman
Dec 13
5.6.7 role not in snapshot
Section 4.4 File formats: snapshot.json: "It MUST list the version numbers of the top-level
unread,
5.6.7 role not in snapshot
Section 4.4 File formats: snapshot.json: "It MUST list the version numbers of the top-level
Dec 13
Milan Satpathy
,
Jussi Kukkonen
2
Nov 6
Query on version and expiry management of metadata
Hi, some responses inline. On Wed, Nov 6, 2024 at 11:52 AM 'Milan Satpathy' via The Update
unread,
Query on version and expiry management of metadata
Hi, some responses inline. On Wed, Nov 6, 2024 at 11:52 AM 'Milan Satpathy' via The Update
Nov 6
Milan Satpathy
,
Lukas Pühringer
2
Jul 15
Future plans for local key management
Hi, Thanks for reaching out! To sign TUF Metadata the new python-tuf library takes an object, which
unread,
Future plans for local key management
Hi, Thanks for reaching out! To sign TUF Metadata the new python-tuf library takes an object, which
Jul 15
Milan Satpathy
,
Jussi Kukkonen
2
May 29
Using TUF 5.0.0 to create a persistent repository
python-tuf is now a library only: we felt the CLI tools were A) painful to maintain and B) not a
unread,
Using TUF 5.0.0 to create a persistent repository
python-tuf is now a library only: we felt the CLI tools were A) painful to maintain and B) not a
May 29
Suvasis Mukherjee
, …
Jussi Kukkonen
5
Apr 16
UAV firmware update framework using TUF
Hi suvasis, The UAV-specific bits I can't possibly comment on but maybe this helps: TUF client
unread,
UAV firmware update framework using TUF
Hi suvasis, The UAV-specific bits I can't possibly comment on but maybe this helps: TUF client
Apr 16
Jianming Xu
,
Justin Cappos
2
11/2/23
The issue of Root key loss and trust chain reconstruction
I'm curious to know more about the threshold you are choosing for root keys and the frequency
unread,
The issue of Root key loss and trust chain reconstruction
I'm curious to know more about the threshold you are choosing for root keys and the frequency
11/2/23
dbrassard
, …
Trishank Kuppusamy
6
10/12/23
[TUF] 5.5. Update the snapshot role - How would you recall a target file
On Thu, 12 Oct 2023 at 16:36, Denis Brassard <denisb...@gmail.com> wrote: Right, I was
unread,
[TUF] 5.5. Update the snapshot role - How would you recall a target file
On Thu, 12 Oct 2023 at 16:36, Denis Brassard <denisb...@gmail.com> wrote: Right, I was
10/12/23
Shubhika Bhardwaj
,
Aditya Sirish A Yelgundhalli
3
1/24/23
First time contributer on TUF. Help Needed
Thanks Aditya! On Tue, Jan 24, 2023, 11:13 PM Aditya Sirish A Yelgundhalli <aditya...@nyu.edu
unread,
First time contributer on TUF. Help Needed
Thanks Aditya! On Tue, Jan 24, 2023, 11:13 PM Aditya Sirish A Yelgundhalli <aditya...@nyu.edu
1/24/23
Sumana Harihareswara
, …
Lukas Puehringer
4
12/12/22
PyCon in April 2023 - propose talk + poster by Friday
I won't make it to Utah either. (Happy to submit to EuroPython, though.) > On 10.12.2022, at
unread,
PyCon in April 2023 - propose talk + poster by Friday
I won't make it to Utah either. (Happy to submit to EuroPython, though.) > On 10.12.2022, at
12/12/22
Trishank Kuppusamy
9/8/22
[go-tuf] Security advisory (GHSA-3633-5h82-39pq): Improper handling of different key IDs for the same public keys in attacker-controlled metadata
Hello, We are writing to inform you of a high-impact but low-severity vulnerability in go-tuf clients
unread,
[go-tuf] Security advisory (GHSA-3633-5h82-39pq): Improper handling of different key IDs for the same public keys in attacker-controlled metadata
Hello, We are writing to inform you of a high-impact but low-severity vulnerability in go-tuf clients
9/8/22
Jussi Kukkonen
5/13/22
TUF meetup at Kubecon Thu May 19th 11AM
Hi all, For those going to Kubecon next week: We're planning to do an informal TUF meetup 11AM on
unread,
TUF meetup at Kubecon Thu May 19th 11AM
Hi all, For those going to Kubecon next week: We're planning to do an informal TUF meetup 11AM on
5/13/22
Thibault Normand
, …
Lukas Puehringer
14
4/19/22
Usage of existing crypto material serialization framework (JWK)
On 14.04.2022, at 15:46, 'Thibault Normand' via The Update Framework (TUF) <
unread,
Usage of existing crypto material serialization framework (JWK)
On 14.04.2022, at 15:46, 'Thibault Normand' via The Update Framework (TUF) <
4/19/22
Sumana Harihareswara
, …
Lukas Puehringer
5
4/4/22
EuroPython call for talks closes in 3 days
Quick heads-up: Kairo and I have re-worked the proposal a bit and are now both listed as speakers for
unread,
EuroPython call for talks closes in 3 days
Quick heads-up: Kairo and I have re-worked the proposal a bit and are now both listed as speakers for
4/4/22
B. van Lunteren
, …
Jussi Kukkonen
3
4/1/22
Inspecting trusted targets
Hi, TUF (as in the TUF specification) doesn't really provide any means for searching for things -
unread,
Inspecting trusted targets
Hi, TUF (as in the TUF specification) doesn't really provide any means for searching for things -
4/1/22
B. van Lunteren
, …
Trishank Kuppusamy
6
3/24/22
Is python-tuf production ready?
On Thu, Mar 24, 2022 at 11:06 PM Joshua Lock <jl...@vmware.com> wrote: The python-tuf
unread,
Is python-tuf production ready?
On Thu, Mar 24, 2022 at 11:06 PM Joshua Lock <jl...@vmware.com> wrote: The python-tuf
3/24/22
Tim Lehnen
, …
Trishank Kuppusamy
3
3/16/22
Drupal Association seeking contractor for server-side TUF implementation
Hi PHP friends, At the OpenSSF, we've formed a WG on securing community repos together. Would
unread,
Drupal Association seeking contractor for server-side TUF implementation
Hi PHP friends, At the OpenSSF, we've formed a WG on securing community repos together. Would
3/16/22
Lukas Puehringer
2/10/22
GitHub organization permission updates
Hello everyone! We updated the individual access levels for members and collaborators of the GitHub
unread,
GitHub organization permission updates
Hello everyone! We updated the individual access levels for members and collaborators of the GitHub
2/10/22
Marina Moore
, …
Joshua Lock
3
12/10/21
TAP Acceptance at TUF Community Meeting
Unfortunately, I won't make the community meeting next week, so I have been looking at TAPs 13
unread,
TAP Acceptance at TUF Community Meeting
Unfortunately, I won't make the community meeting next week, so I have been looking at TAPs 13
12/10/21
Zach Wasserman
, …
Jussi Kukkonen
4
9/1/21
Compromise of local repository in threat model
Just dug this thread from the spam folder so I'm a bit late to the discussion, apologies. I saw
unread,
Compromise of local repository in threat model
Just dug this thread from the spam folder so I'm a bit late to the discussion, apologies. I saw
9/1/21
Marina Moore
8/26/21
Uptane Workshop
Hello, Uptane, the automotive variant of TUF, is having a workshop next month. The free registration
unread,
Uptane Workshop
Hello, Uptane, the automotive variant of TUF, is having a workshop next month. The free registration
8/26/21
Matt Rutkowski
, …
Trishank Kuppusamy
3
8/19/21
Good examples of role-based CI/CD approval process signing/key construction/verification
On Thursday, August 19, 2021 at 1:35:00 PM UTC-4 sant...@nyu.edu wrote: I think in-toto (or a
unread,
Good examples of role-based CI/CD approval process signing/key construction/verification
On Thursday, August 19, 2021 at 1:35:00 PM UTC-4 sant...@nyu.edu wrote: I think in-toto (or a
8/19/21
Marina Moore
8/19/21
TUF Community Meeting
Hi, The next TUF community meeting will be next week on August 25 at 11am EST. The agenda and meeting
unread,
TUF Community Meeting
Hi, The next TUF community meeting will be next week on August 25 at 11am EST. The agenda and meeting
8/19/21
Parvesh Katoch
7/28/21
Re: TUF Community Meeting
Sorry, I can't make it. We'll have to reschedule.
unread,
Re: TUF Community Meeting
Sorry, I can't make it. We'll have to reschedule.
7/28/21
Pedro Gabriel
,
Trishank Kuppusamy
2
7/27/21
TUF vs GIthub Releaases + Webhooks
Sorry, I don't fully understand what you mean. Would you mind giving concrete examples? On Sat,
unread,
TUF vs GIthub Releaases + Webhooks
Sorry, I don't fully understand what you mean. Would you mind giving concrete examples? On Sat,
7/27/21
Tony Arcieri
, …
Trishank Kuppusamy
7
7/22/21
Debian moving away from OpenPGP signatures
On Thu, Jul 22, 2021 at 9:17 AM Joshua Lock <jl...@vmware.com> wrote: I don't think they
unread,
Debian moving away from OpenPGP signatures
On Thu, Jul 22, 2021 at 9:17 AM Joshua Lock <jl...@vmware.com> wrote: I don't think they
7/22/21
Aditya Sirish A Yelgundhalli
6/24/21
Proposal of TAP-17 & Updates to POUF-1
Hello all, Marina Moore and I have co-authored TAP-17 which proposes removing the descriptions of
unread,
Proposal of TAP-17 & Updates to POUF-1
Hello all, Marina Moore and I have co-authored TAP-17 which proposes removing the descriptions of
6/24/21
Marina Moore
4/21/21
TUF Community Meeting
Hi everyone, It's looking like time for another TUF community meeting. I made a doodle poll for
unread,
TUF Community Meeting
Hi everyone, It's looking like time for another TUF community meeting. I made a doodle poll for
4/21/21
Kainaat Singh
, …
Joshua Lock
4
4/6/21
Running TUF tests
Hi Kainaat, Thanks for your interest in tuf and for working on a patch for issue #1297! We have some
unread,
Running TUF tests
Hi Kainaat, Thanks for your interest in tuf and for working on a patch for issue #1297! We have some
4/6/21
Joshua Lock
,
Trishank Kuppusamy
2
2/25/21
Reference implementation will no longer support Python 2.7
Thanks, Joshua! This is such a big one, that I wonder whether it's worth advertising by
unread,
Reference implementation will no longer support Python 2.7
Thanks, Joshua! This is such a big one, that I wonder whether it's worth advertising by
2/25/21
Daniel Kaleja
, …
Marina Moore
3
12/7/20
Clarification on tuf regarding repo and versioning
A small addition to Lukas's answer for number 3: In a variant of TUF for automobiles (Uptane), a
unread,
Clarification on tuf regarding repo and versioning
A small addition to Lukas's answer for number 3: In a variant of TUF for automobiles (Uptane), a
12/7/20