-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resign TUF metadata without changes (e.g. close to expiry) #239
Comments
We currently don't really have an API for this, my proposal is adding something like |
Related: theupdateframework/python-tuf#1727
|
FWIW for delegations and targets adding an existing target will do a version bump with a no-op |
What's the relationship between this issue and #329 ? |
e.g. targets.json is expiring, but we aren't removing or adding targets, no change: so we need to bump the version and expiration |
Closing since the code base changed and is no longer relevant Thanks for raising this 👍 |
@ethan-lowman-dd @mnm678 this came up when using delegations from #175, but also applies to root and targets: how do you deal with re-signing delegations? let's suppose no change is made to a delegation, but expiraiton is coming up and we need to resign and increment the expiration/version. Right now adding the delegation again will return an error that it already exists, and re-signing with
Sign
does not increment a version, it just updates the signatures.We basically need a "snapshot/timestamp" but for other meta.
The text was updated successfully, but these errors were encountered: