Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

root version comparison still unclear #240

Open
jku opened this issue Aug 9, 2022 · 2 comments
Open

root version comparison still unclear #240

jku opened this issue Aug 9, 2022 · 2 comments

Comments

@jku
Copy link
Member

jku commented Aug 9, 2022

This text has been modified a lot (see #209 for latest) but the root update section of client workflow is still difficult for new readers:

5. Check for a rollback attack. The version number of the trusted root metadata file (version N) MUST be less than the version number of the new root metadata file (version N+1). Effectively, this means checking that the version number signed in the new root metadata file is indeed N+1. If the version of the new root metadata file is less than the version of the trusted metadata file, discard it, abort the update cycle, and report the rollback attack. In case they are equal, again discard the new root metadata, but proceed the update cycle with the already trusted root metadata.

This is still very long and not super clear. Examples:

  • what does "proceed the update cycle" mean? (I'm pretty sure it means go to 5.3.10 but it's not obvious to a new reader)
  • what if new version is N+2? It almost sounds like this would be ok by the spec but it doesn't make sense: the only valid version number is N+1

Why don't we just say that only accepted version is N+1, everything else should be an error (because we tried to download N+1 and were given something else)?

@mnm678
Copy link
Collaborator

mnm678 commented Aug 9, 2022

Related to #150 (we should make sure it's fixed there)

@lukpueh
Copy link
Member

lukpueh commented Aug 10, 2022

Also related to first item in #235

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants