-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create static metadata to demonstrate attacks #870
Conversation
…omise.md to sample_tests/Vulnerability to Key Compromise/Vulnerability_to_key_compromise.md
…key_compromise.md to sample_tests/Compromised Key Attack/Vulnerability_to_key_compromise.md
The premise is great but I think the approach has flaws:
Any data in the repo must get tested automatically. In my opinion storing generated data is also wrong (publishing generated data is fine: the source of truth should be the scripts that generated the data). The PR is over a year old: I think it should be declined as it is, a better approach is required. |
Closing this PR, a PR implementing the same premise with automated code would be very welcome. |
Please fill in the fields below to submit a pull request. The more information
that is provided, the better.
Fixes issue #: Create static metadata that demonstrate attacks #360
Description of the changes being introduced by the pull request:
This pull request includes static metadata to simulate known attacks that TUF prevents, these can be fed to implementation to test if it handles the attacks appropriately.
Please verify and check that the pull request fulfils the following
requirements: