Open
Description
During a community meeting we discussed the technology that might be used for staging a release and then releasing it. In this context the use of TUF (The Update Framework) could be very valuable.
TUF allows us to have delegated roles for signing artifacts. The power of TUF is in the way it establishes a trust root with signing delegations and allows you to rotate keys if an artifact becomes compromised and should be retracted.
- Must watch video on TUF and security artifact distribution: https://www.youtube.com/watch?v=lIYXVIPsk_U
- There is a broad scope in adoption for TUF as a technology.
Using TUF should be an optional choice for providers probably.