Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How should we handle metadata that has the same version but different content? #114

Open
erickt opened this issue Sep 17, 2020 · 2 comments
Open

How should we handle metadata that has the same version but different content? #114

erickt opened this issue Sep 17, 2020 · 2 comments

Comments

@erickt
Copy link
Contributor

erickt commented Sep 17, 2020

The spec is a little vague as to how we should handle updating metadata that shares the same version number as the trusted metadata, but has different content. We can encounter this situation in two cases:

  • When we fetch a new timestamp, section 5.2.2 says it's okay if the new file shares the same version as the trusted version. However, it doesn't say what we should do if this new file points at a different snapshot than the trusted timestamp.
  • When we fetch a target or delegated target, section 4.4.4 states it's optional for the snapshot role to contain hashes of the targets and delegated targets. Without hashes, we have no way to tell without downloading the file to see if it matches the trusted version, nor what we should do if it doesn't match.

I can think of a few possible ways we could extend the spec to cover these situations:

  • Just trust the new file (this though would probably expose us to all sorts of weird issues).
  • Always try to download metadata, even if we think we have that version locally. Check that the new file matches our trusted content, or fail the update.
  • Implement the above test for timestamp updates, but instead in section 5.4, change the logic to skip fetching any metadata version if we already trust that version (and hash if it's listed in the trusted snapshot).
@joshuagl joshuagl mentioned this issue Feb 11, 2022
Closed
rdimitrov added a commit to rdimitrov/specification that referenced this issue Feb 16, 2022
@rdimitrov
Rationalize the version comparison rules for when a client tries to u…
094fdd3 
…pdate the metadata files

The client workflow has a set of version comparisons rules for how to update metadata files.
Not all metadata files should be treated equal and the following PR address that.
Fixes theupdateframework#207 and is related to theupdateframework#114.

Signed-off-by: Radoslav Dimitrov <[email protected]>
rdimitrov added a commit to rdimitrov/specification that referenced this issue Feb 16, 2022
@rdimitrov
Update metadata version comparison rules in client workflow
94c5930 
The client workflow has a set of version comparisons rules for how
to update metadata files. The following PR addresses the differences
coming from the fact that when updating not all metadata files should
be treated equally.
Fixes theupdateframework#207 and is related to theupdateframework#114.

Signed-off-by: Radoslav Dimitrov <[email protected]>
@rdimitrov rdimitrov mentioned this issue Feb 16, 2022
Merged
rdimitrov added a commit to rdimitrov/specification that referenced this issue Feb 16, 2022
@rdimitrov
Update metadata version comparison rules in client workflow
b534008 
The client workflow has a set of version comparison rules for how
to update metadata files. The following PR addresses the differences
coming from the fact that when updating not all metadata files should
be treated equally.

Fixes theupdateframework#207 and is related to theupdateframework#114

Signed-off-by: Radoslav Dimitrov <[email protected]>
mnm678 pushed a commit that referenced this issue Apr 28, 2022
@rdimitrov @joshuagl
Update metadata version comparison rules in client workflow (#209)
7f356e4 
* Update metadata version comparison rules in client workflow

The client workflow has a set of version comparison rules for how
to update metadata files. The following PR addresses the differences
coming from the fact that when updating not all metadata files should
be treated equally.

Fixes #207 and is related to #114

Signed-off-by: Radoslav Dimitrov <[email protected]>

* Bump date and version to 1.0.29

Signed-off-by: Radoslav Dimitrov <[email protected]>

* Address what happens in case of equal metadata versions for client update

Signed-off-by: Radoslav Dimitrov <[email protected]>

* Update VERSION and Date

Co-authored-by: Joshua Lock <[email protected]>
@rdimitrov
Copy link
Contributor

@erickt - Hey, I think #209 partially covered the topics of this issue, at least in regards to the timestamp update process. Are the rest of the thoughts still relevant or perhaps we can close this one?

@trishankatdatadog
Copy link
Member

trishankatdatadog commented Apr 29, 2022
edited
Loading

@erickt - Hey, I think #209 partially covered the topics of this issue, at least in regards to the timestamp update process. Are the rest of the thoughts still relevant or perhaps we can close this one?

I don't think we can close this yet. Erick does raise some interesting questions. Now, it's not clear to me why a correct repository would do this, but a buggy/compromised/malicious one might. To me, the safest option is for clients to fail the update process, and buggy/compromised repositories can take action to recover so that clients can update again.

Erick, WDYT?

@erickt erickt mentioned this issue May 23, 2022
Open
@lukpueh lukpueh mentioned this issue Jun 8, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@erickt @rdimitrov @trishankatdatadog