Open mnm678 opened 3 years ago
This issue may be as simple as allowing users to opt-out of snapshot for private repositories. Or, we can let private repositories have their own snapshot metadata.
The main requirement is that we should never disclose even the existence of private content to people not authorized to access it. This may mean that each differing set of permissions needs its own snapshots and metadata in general. As permissions are set at repo level, this is why Notary v1 ended up having a TUF root for each repository, despite the fact that caused other issues.
TUF needs to ensure that some artifacts and metadata are private. This means that these artifacts should not be included in externally available snapshot metadata.
This issue is part of #2