search

theupdateframework / specification

The Update Framework specification
https://theupdateframework.github.io/specification/
Other
365 stars 54 forks source link

Document delegation removal in repository operations #262

Open joshuagl opened 1 year ago

joshuagl commented 1 year ago

@trishankatdatadog summarised the steps for removing a delegation in https://github.com/sigstore/root-signing/pull/546#issuecomment-1319169899. We really should include that in the repository operations section of the specification.

Copy/pasted here for ease of reference:

Seems right to me, yes. If there is a delegatee you want to delete, you should delete:

  1. The targets only the delegatee is responsible for.
  2. The delegatee's targets metadata.
  3. The delegation off any delegator's targets metadata.

But keep the snapshot metadata about (2) around until timestamp/snapshot needs to be reset (e.g., due to a fast-forward attack, as described in Section 5.3.11 of the spec).

(3) can safely be updated in the snapshot metadata so long as it doesn't rollback itself.

Originally posted by @trishankatdatadog in https://github.com/sigstore/root-signing/issues/546#issuecomment-1319169899

shubhusion commented 1 month ago

@joshuagl @trishankatdatadog assign this issue to me