pip fork to experiment with PEP-458 implementation https://www.python.org/dev/peps/pep-0458/: See branch tuf-v2 (and tuf-mvp and tuf-mvp-vendored for earlier work)
If this is seen as a blocking issue there are probably two main possibilities:
modify the TUF Updater API in minimal ways to separate target downloading and verification: this would allow pip to handle the downloading part itself. This might be possible with fairly small amount of work. This would still leave the metadata downloads for TUF to handle.
redesign the TUF API to not do network IO at all: this has the added benefit of not tying TUF to a specific http stack. This is definitely a significant amount of work
Currently pip controls the http details at a fairly low level (see e.g. two separate paths for chunking https://github.com/jku/pip/blob/master/src/pip/_internal/network/utils.py#L63). This is not possible with current TUF.
If this is seen as a blocking issue there are probably two main possibilities:
This relates to issue #9