Create static metadata that demonstrates attacks #360
Comments
|
The repository management document was updated to demonstrate some of the attacks TUF detects: https://github.com/theupdateframework/tuf/tree/526d7507fa21c71b5f938557f982f757241d3e98/tuf#blocking-malicious-updates |
|
Updated security page link: https://github.com/theupdateframework/tuf/blob/develop/docs/SECURITY.md |
3 tasks
|
The section in the repository management document mentioned above was later moved to an attack demo document, which was recently removed as it had become severely outdated. #1798 suggests to reinstate an up-to-date version of the document. So I'd say we can close here. (I will add a note to #1798 about feeding demo data into other implementations) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We should expand the Security page to include static metadata that simulates known attacks (e.g., replay attack, freeze attack, etc.). This metadata can be fed to other implementations to verify that they correctly handle these attacks.
The text was updated successfully, but these errors were encountered: