Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement revocations #483

Open
renatav opened this issue Jul 22, 2024 · 0 comments
Open

Implement revocations #483

renatav opened this issue Jul 22, 2024 · 0 comments
Labels
BIG DEAL security
Milestone
TAF 1.0

Comments

@renatav
Copy link
Collaborator

renatav commented Jul 22, 2024

Once force pushing to/destroying an authentication repository completely is no longer an option, we need to be able to revoke the repository's commits.

  • A revocation needs to be signed by a threshold of root keys
  • We need to assume that another library (not us) downloaded certain changes before they were revoked.
  • The updater should never delete something that was pulled down. Instead, we want to move revoked commits to a separate branch.
  • The official repository should make it seem as that revoked branch never happened
  • Any library that is authenticating things will not be able to authenticate a revoked commit if they didn't pull it down before it was revoked, so two different libraries might give different authentication results. How bad is that?
  • Figure out where to store revoked metadata
@renatav renatav moved this to Backlog in TAF Planning Jul 22, 2024
@n-dusan n-dusan added this to the TAF 1.0 milestone Aug 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
BIG DEAL security
Projects
TAF Planning
Status: Backlog
Milestone
TAF 1.0
Development

No branches or pull requests
2 participants
@renatav @n-dusan