Relying on mandatory DelegatedRole.name attribute when TAP 15 describes it as optional

Description of issue or feature request: We are working to implement TAP 15 (see #1909). There it’s said that:

If the succinct_hash_delegations field is present in a delegation, the name field will not be used as a rolename, and so is not required.

meaning that the DelegatedRole.name attribute is not required. That seems to be a problem for us, as until now we have been relying on its existence to uniquely identify roles (see the Delegations.from_dict() implementation): https://github.com/theupdateframework/python-tuf/blob/10f9feaead407cf65b7b29ecc4d28b0e2190cb45/tuf/api/metadata.py#L1472

One solution to this problem could be providing an additional ID number that will serve as a unique identifier for roles. This approach is widely used by databases.

But then we have the next question: what to do about DelegatedRole.to_dict(), where we currently provide name: https://github.com/theupdateframework/python-tuf/blob/10f9feaead407cf65b7b29ecc4d28b0e2190cb45/tuf/api/metadata.py#L1359

In summary, what we should do is:

  • decide what unique identifier to use for delegated roles inside Delegations
  • decide what to do with DelegatedRole.to_dict

Issue Analytics

  • State: closed
  • Created a year ago
  • Reactions: 1
  • Comments: 34 (22 by maintainers)

Top GitHub Comments

lukpueh commented, Apr 6, 2022 (2 reactions)

I think the problem is that DelegatedRole so far was used for exactly one delegated role, but with TAP 15 there would only be one DelegatedRole object for all bin-n roles.

jku commented, Apr 29, 2022 (1 reaction)

This is always already a risk with accepting and ignoring unknown fields (except only to check if any signatures cover them), correct?

I don’t think so. In this case we are changing the way delegations are supposed to be understood, while leaving the format seemingly compatible. The old client will think it has understood the delegation correctly when it has only understood a part of it.

It’s possible that there are no security issues here, but I don’t like the ambiguity: I would rather choose a design where an old client fails to process the whole delegations object if the delegations object contains a delegation the client does not understand.
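The parsing problem the issue describes (Delegations.from_dict() keyed on a name that a TAP 15 entry may not carry), lukpueh's point that one entry stands in for all bin-n roles, and the fail-closed behaviour jku argues for above, as an added Python example. This is not python-tuf's code and not the implementation linked in the issue. It assumes the TAP 15 sub-fields are called `bit_length` and `name_prefix` and that a bin is named `<prefix>-<zero-padded hex index>`; the sample delegations dict is constructed for the example.

```python
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class DelegatedRole:
    """A classic delegation: exactly one role, identified by its name."""
    name: str
    keyids: List[str]
    threshold: int
    paths: Optional[List[str]] = None


@dataclass
class SuccinctHashDelegation:
    """One TAP 15 entry standing in for all 2**bit_length hash-bin roles.

    Assumed for this example: sub-fields 'bit_length' and 'name_prefix',
    and bin names of the form '<prefix>-<zero-padded hex index>'.
    """
    keyids: List[str]
    threshold: int
    bit_length: int
    name_prefix: str

    def __post_init__(self) -> None:
        if not 1 <= self.bit_length <= 32:
            raise ValueError("bit_length must be between 1 and 32")

    @property
    def number_of_bins(self) -> int:
        return 2 ** self.bit_length

    @property
    def suffix_width(self) -> int:
        # enough hex digits to print the highest bin index
        return len(f"{self.number_of_bins - 1:x}")

    def bin_name(self, index: int) -> str:
        return f"{self.name_prefix}-{index:0{self.suffix_width}x}"

    def all_rolenames(self) -> List[str]:
        """Every bin role this single entry delegates to."""
        return [self.bin_name(i) for i in range(self.number_of_bins)]

    def role_for_target(self, target_path: str) -> str:
        """Bin for a target: the leftmost bit_length bits of SHA-256(path)."""
        digest = hashlib.sha256(target_path.encode("utf-8")).digest()[:4]
        index = int.from_bytes(digest, "big") >> (32 - self.bit_length)
        return self.bin_name(index)

    def owns_rolename(self, rolename: str) -> bool:
        """True if rolename is one of this entry's bins, without enumerating them."""
        pattern = rf"{re.escape(self.name_prefix)}-[0-9a-f]{{{self.suffix_width}}}"
        if re.fullmatch(pattern, rolename) is None:
            return False
        return int(rolename.rsplit("-", 1)[1], 16) < self.number_of_bins


@dataclass
class Delegations:
    roles: Dict[str, DelegatedRole]
    succinct: Optional[SuccinctHashDelegation] = None

    @classmethod
    def from_dict(cls, delegations_dict: dict) -> "Delegations":
        roles: Dict[str, DelegatedRole] = {}
        succinct: Optional[SuccinctHashDelegation] = None
        for entry in delegations_dict["roles"]:
            if "succinct_hash_delegations" in entry:
                # TAP 15 entry: 'name' is not a rolename here, so it is not read.
                if succinct is not None:
                    raise ValueError("more than one succinct hash delegation")
                s = entry["succinct_hash_delegations"]
                succinct = SuccinctHashDelegation(
                    entry["keyids"], entry["threshold"], s["bit_length"], s["name_prefix"]
                )
            elif "name" in entry:
                # Classic entry: the name is the unique key, so a repeat is an error.
                name = entry["name"]
                if name in roles:
                    raise ValueError(f"duplicate delegated role name {name!r}")
                roles[name] = DelegatedRole(
                    name, entry["keyids"], entry["threshold"], entry.get("paths")
                )
            else:
                # Fail closed: an entry of a shape we do not understand rejects the
                # whole delegations object instead of being silently skipped.
                raise ValueError("entry has neither 'name' nor 'succinct_hash_delegations'")
        # Classic names and bin names share one namespace: refuse collisions.
        if succinct is not None:
            for name in roles:
                if succinct.owns_rolename(name):
                    raise ValueError(f"rolename {name!r} collides with a bin name")
        return cls(roles, succinct)

    def rolenames(self) -> List[str]:
        """All rolenames this object delegates to, with bins expanded."""
        names = list(self.roles)
        if self.succinct is not None:
            names.extend(self.succinct.all_rolenames())
        return names


def rejects(delegations_dict: dict) -> bool:
    """Check helper: does from_dict() refuse this dict?"""
    try:
        Delegations.from_dict(delegations_dict)
    except (ValueError, KeyError):
        return True
    return False


# Constructed sample input for this example, not taken from any repository.
SAMPLE = {
    "keys": {},
    "roles": [
        {"name": "packages", "keyids": ["k1"], "threshold": 1, "paths": ["packages/*"]},
        {"keyids": ["k2"], "threshold": 1,
         "succinct_hash_delegations": {"bit_length": 4, "name_prefix": "bin"}},
    ],
}

if __name__ == "__main__":
    d = Delegations.from_dict(SAMPLE)
    print(d.rolenames())
    print(d.succinct.role_for_target("packages/foo-1.0.tar.gz"))
```

The key design choice is that a succinct entry is never given a synthetic name in the `roles` mapping; it stays a separate object that answers "which bin owns this target" and "is this rolename one of mine", which is what keeps the two identifier spaces from colliding.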

Related discussion: Discussion of TAP 15: Succinct hash bin delegations #132, which references this issue as theupdateframework/python-tuf#1943.