Open tekul opened 9 years ago
The TUF spec says to use hex encoding for key IDs (and we do); it leaves the encoding for actual keys open (indeed, it leaves the entire public key algorithm open) -- I don't think think it gives a specific format in which it expects keys. But if I'm wrong about that and it does specify a specific format for keys (in particular, for ED25519 keys) then yes, we should match it.
Yeah, it only seems to mention PEM format for RSA keys. It seems a bit of an omission though, since a client would then have to know the format in advance (or try multiple options).
Just a minor question. When I run hackage-local, the encoding for keys and so on seems to all be in Base64, but the TUF spec shows everything as hex-encoded.
To avoid future compatibility issues (e.g. a generic Haskell TUF implementation which could be used by other repositories, not just Hackage, and might need to interact with other clients) might it not be better to use the same encoding?