Thanks for spreading the word about TUF, Prashanth! I hope you don't mind me
sharing the blog post on TUF's CNCF slack channel?
Also, you are very welcome to shoot me more question when you write Part 2 ...
or in case you want to write a blog post about TUF's sister project 'in-toto',
which helps to protect the rest of the software supply chain. ;)
Cheers,
Lukas
[1]
https://in-toto.io/
On 19.08.2020 8:32 AM,
mulgu...@gmail.com wrote:
> Hi folks,
>
> Here's the link to my Medium blog post on TUF. As the post was getting too
> lengthy--more than 3000 words--I have broken it into two parts.
>
> Part 1 covers, why securing the entire software update delivery system is
> needed, how TUF works to provide this security, the design principles that
> underpin TUF, and its structure.
>
> Part 2, which I am yet to finish, will cover metadata file formats and
> repository layout.
>
> Please do read and let me know if I have made any mistakes.
>
>
https://urldefense.proofpoint.com/v2/url?u=https-3A__medium.com_-40mulgundmath_secure-2Dsoftware-2Dupdates-2Dvia-2Dtuf-2Dpart-2D1-2Df9bbb34bcbbc&d=DwIBaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=2YMLsMLCML1EOEAeVc1Mhx6J99vqRVHSnZUnatehIDg&m=gi-t_HfB0cUfkEVjOZPKM3TlzxRL-wZV8S_IRtT_NOw&s=efWzuJFBo-wkYLNHul2YEmgOAwF28MW8VsXHPGEkmZw&e=
>
> Thanks Lukas, for helping me out whenever I needed it.
>
> Regards
> Prashanth
>
--
lukas.pu...@nyu.edu
PGP fingerprint: 8BA6 9B87 D43B E294 F23E 8120 89A2 AD3C 07D9 62E8