Skip to content

Commit 5d62196

Browse files
mnm678mnm678
committed
Condense the abstract
Credit to @joshuagl for helping with the text here. This commit makes the abstract shorter and more in line with the requirements of TAP 1. Signed-off-by: Marina Moore <mnm678@gmail.com>
1 parent 17f8f65 commit 5d62196

1 file changed

Lines changed: 9 additions & 22 deletions

File tree

tap16.md

Lines changed: 9 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -12,28 +12,15 @@
1212

1313
# Abstract
1414

15-
To optimize the snapshot metadata file size for large repositories, repositories
16-
can use a snapshot Merkle tree to conceptually store version information about
17-
all images in a single snapshot without needing to distribute this entire
18-
snapshot to all clients. To do so, it puts version information for each targets
19-
metadata file into a leaf of the Merkle tree, and distributes snapshot Merkle
20-
files containing this leaf information and a path to the root of the Merkle tree.
21-
Clients can then compare this information with a Merkle root provided in the
22-
timestamp metadata. To prove that there has not been a reversion of the
23-
snapshot Merkle tree when downloading an image, the client and third-party
24-
auditors download the prior snapshot Merkle trees and check that the version
25-
numbers did not decrease at any point.
26-
27-
By replacing a single snapshot metadata file with individual snapshot Merkle
28-
metadata files, this TAP reduces the metadata overhead for repositories with
29-
large numbers of targets metadata files. It maintains the security protections
30-
of the single snapshot metadata file in part through the use of third party
31-
auditors that check for rollback attacks anywhere in the Merkle tree.
32-
33-
The feature described in this TAP does not need to be implemented by all TUF
34-
implementations. It is an option for any adopter who is interested in the
35-
benefits provided by this feature, but may not make sense for implementations
36-
with fewer target files.
15+
Snapshot metadata for repositories with a high number of targets
16+
metadata files (through significant use of delegations), can become
17+
prohibitively large. Due to the need to download the snapshot file on every
18+
update cycle, very large snapshot metadata files can become a significant
19+
overhead for TUF clients.
20+
21+
This TAP proposes a method for reducing the size of snapshot metadata a client
22+
must download without significantly weakening the security properties of TUF.
23+
3724

3825
# Motivation
3926

0 commit comments

Comments
 (0)