This is the last PR in a series of four intended to handle Issue #173.
This PR adds timeserver key rotation through root metadata, handling fast-forward attacks that hijack the timeserver key to push current time to some value in the future, expiring all metadata and preventing update.
Fixes #173
Note that this will not be polished and merged until after:
the TUF roledb-et-al rewrite for TUF issue #660
completion of the addition of ASN.1/DER support to the main TUF codebase
migration of this implementation's TUF dependency from the upTUF fork to the main TUF codebase
This is the last PR in a series of four intended to handle Issue #173.
This PR adds timeserver key rotation through root metadata, handling fast-forward attacks that hijack the timeserver key to push current time to some value in the future, expiring all metadata and preventing update.
Fixes #173
Note that this will not be polished and merged until after: