Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Look into the update framework for delivering updates securely #1200

Open
kirtangajjar opened this issue Sep 2, 2018 · 0 comments
Open

Look into the update framework for delivering updates securely #1200

kirtangajjar opened this issue Sep 2, 2018 · 0 comments
Labels
component/security kind/research

Comments

@kirtangajjar
Copy link
Contributor

From readme of The Update Framework,

The Update Framework (TUF) helps developers maintain the security of a software update system, even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.

TUF is hosted by the Linux Foundation as part of the Cloud Native Computing Foundation (CNCF) and is used in production by companies such as Docker, DigitalOcean, Flynn, LEAP, Kolide, Cloudflare, and VMware.

It says it provides a secure framework that anyone can adopt into their software update system. Since EE is mostly used on servers and security is something we take very seriously, we should investigate this framework, Check if it's beneficial and if it's worth the effort we put in.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/security kind/research
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kirtangajjar