-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create static metadata that demonstrates attacks #360
Comments
The repository management document was updated to demonstrate some of the attacks TUF detects: https://github.com/theupdateframework/tuf/tree/526d7507fa21c71b5f938557f982f757241d3e98/tuf#blocking-malicious-updates |
Updated security page link: https://github.com/theupdateframework/tuf/blob/develop/docs/SECURITY.md |
The section in the repository management document mentioned above was later moved to an attack demo document, which was recently removed as it had become severely outdated. #1798 suggests to reinstate an up-to-date version of the document. So I'd say we can close here. (I will add a note to #1798 about feeding demo data into other implementations) |
We should expand the Security page to include static metadata that simulates known attacks (e.g., replay attack, freeze attack, etc.). This metadata can be fed to other implementations to verify that they correctly handle these attacks.
The text was updated successfully, but these errors were encountered: