future root-signing metadata may not be compatible with current sigstore-rs

[jku]

This is something that came up during staging testing: sigstore-rs is not compatible with root-signing-staging, and will not be compatible with root-signing if we proceed with #929 without changes.

• Current root-signing metadata contains metadata hashes and lengths, but tuf-on-ci produces metadata that does not contain them
• both variants are spec compliant
• awslabs/tough used by sigstore-rs does not currently support the tuf-on-ci produced metadata
• sigstore-rs is experimental and does not have releases so was not included in the root-signing staging test matrix so the issue was not noticed earlier
• there is a related compatibility problem with keyids: this is not an issue in root-signing and will be fixed in root-signing-staging

I'm filing this so we can decide whether this is a blocker for #929 or not. I would suggest it's not a blocker:

• the tuf-on-ci metadata is compliant wrt hashes and lengths
• adding support for this in the client (awslabs/tough) should not be a major issue

That said, tuf-on-ci could start embedding hashes and lengths if that is really needed.

Related sigstore-rs issue https://github.com/sigstore/sigstore-rs/issues/369

[haydentherapper]

Do you know if https://github.com/theupdateframework/rust-tuf would be compatible or is maintained more actively?

[jku]

IIRC they don't have a CLI so testing would be a bit more work (this specific part of the spec seems to be supported but that doesn't mean much)